Maximal incompleteness as obfuscation potency-Reference-Cited by-同舟云学术

Maximal incompleteness as obfuscation potency

Published:2017-01 Issue:1 Volume:29 Page:3-31
ISSN:0934-5043
Container-title:Formal Aspects of Computing
language:en
Short-container-title:Form. Asp. Comput.

Author:

Giacobazzi Roberto¹²,Mastroeni Isabella¹,Dalla Preda Mila¹

Affiliation:

1. Università degli Studi di Verona, Verona, Italy

2. IMDEA Software Institute, Madrid, Spain

Abstract

Abstract Obfuscation is the art of making code hard to reverse engineer and understand. In this paper, we propose a formal model for specifying and understanding the strength of obfuscating transformations with respect to a given attack model. The idea is to consider the attacker as an abstract interpreter willing to extract information about the program’s semantics. In this scenario, we show that obfuscating code is making the analysis imprecise, namely making the corresponding abstract domain incomplete. It is known that completeness is a property of the abstract domain and the program to analyse. We introduce a framework for transforming abstract domains, i.e., analyses, towards incompleteness. The family of incomplete abstractions for a given program provides a characterisation of the potency of obfuscation employed in that program, i.e., its strength against the attack specified by those abstractions. We show this characterisation for known obfuscating transformations used to inhibit program slicing and automated disassembly.

Publisher

Association for Computing Machinery (ACM)

Subject

Theoretical Computer Science,Software

Link

http://link.springer.com/content/pdf/10.1007/s00165-016-0374-2.pdf

Reference39 articles.

1. On the (im)possibility of obfuscating programs

2. Obfuscation

3. Cousot P Cousot R (1977) Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fix-points. In: Conference Record of the 4th ACM Symposium on Principles of Programming Languages (POPL ’77). ACM Press pp 238–252

4. Cousot P Cousot R (1979) Systematic design of program analysis frameworks. In: Conference Record of the 6th ACM Symposium on Principles of Programming Languages (POPL ’79). ACM Press pp 269–282

Cited by 9 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Monotonicity and the Precision of Program Analysis;Proceedings of the ACM on Programming Languages;2024-01-05

2. Defeating Data Plane Attacks With Program Obfuscation;IEEE Transactions on Dependable and Secure Computing;2023

3. A Formal Framework to Measure the Incompleteness of Abstract Interpretations;Static Analysis;2023

4. How Fitting is Your Abstract Domain?;Static Analysis;2023

5. Partial (In)Completeness in abstract interpretation: limiting the imprecision in program analysis;Proceedings of the ACM on Programming Languages;2022-01-12