TY - GEN
T1 - On Preventing Symbolic Execution Attacks by Low Cost Obfuscation
AU - Seto, Toshiki
AU - Monden, Akito
AU - Yucel, Zeynep
AU - Kanzaki, Yuichiro
PY - 2019/7
Y1 - 2019/7
N2 - While various software obfuscation techniques have been proposed to protect software, new types of threats keep emerging such as the symbolic execution attacks. Such attacks automatically analyze programs and are not accounted for by many of the existing obfuscation methods. Nevertheless, several methods against symbolic execution attacks exist such as linear obfuscation methods relying on Collatz conjuncture or obfuscation methods based on one-way hash functions. However, these methods bear several issues. Namely, linear obfuscation is weak against manual analysis due to its deterministic output. On the other hand, SHA-1 requires significant computational cost; and thus, it can be applied to only a limited number of targets. Therefore, in this research, we propose to employ a combination of several computationally cheap (arithmetic) obfuscating operations for preventing symbolic execution attacks. Through an experiment using angr and KLEE as symbolic execution tools, we demonstrate that obfuscation operation using array reference, bit rotation and XOR effectively prevents symbolic execution attacks at a low computational cost.
AB - While various software obfuscation techniques have been proposed to protect software, new types of threats keep emerging such as the symbolic execution attacks. Such attacks automatically analyze programs and are not accounted for by many of the existing obfuscation methods. Nevertheless, several methods against symbolic execution attacks exist such as linear obfuscation methods relying on Collatz conjuncture or obfuscation methods based on one-way hash functions. However, these methods bear several issues. Namely, linear obfuscation is weak against manual analysis due to its deterministic output. On the other hand, SHA-1 requires significant computational cost; and thus, it can be applied to only a limited number of targets. Therefore, in this research, we propose to employ a combination of several computationally cheap (arithmetic) obfuscating operations for preventing symbolic execution attacks. Through an experiment using angr and KLEE as symbolic execution tools, we demonstrate that obfuscation operation using array reference, bit rotation and XOR effectively prevents symbolic execution attacks at a low computational cost.
KW - program analysis
KW - security
KW - software protection
UR - http://www.scopus.com/inward/record.url?scp=85077954565&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85077954565&partnerID=8YFLogxK
U2 - 10.1109/SNPD.2019.8935642
DO - 10.1109/SNPD.2019.8935642
M3 - Conference contribution
AN - SCOPUS:85077954565
T3 - Proceedings - 20th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, SNPD 2019
SP - 495
EP - 500
BT - Proceedings - 20th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, SNPD 2019
A2 - Nakamura, Masahide
A2 - Hirata, Hiroaki
A2 - Ito, Takayuki
A2 - Otsuka, Takanobu
A2 - Okuhara, Shun
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 20th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, SNPD 2019
Y2 - 8 July 2019 through 11 July 2019
ER -