OJIT: A Novel Obfuscation Approach Using Standard Just-In-Time Compiler Transformations

Abstract : With the adoption of cloud computing, securing remote program execution becomes an important issue. Relying on standard data encryption is not enough, since code execution happens on remote servers, possibly allowing for eavesdropping from potential adversaries; thus the full execution process requires protection from such threats. In this paper, we introduce OJIT system as a novel approach for obfuscating programs, making it difficult for adversaries to reverse-engineer. The system exploits the JIT compilation technology to dynamically transform the code, making it constantly changing, thereby complicating the execution state. This paper quantitatively studies the effect of this approach by considering a set of obfuscation metrics borrowed from the software engineering field. The paper constructs a testbed system using the LLVM compilation framework that frequently applies random sequences of standard compiler optimizations on the currently running program. Results on using selected benchmarks from the SPEC CPU 2006 suite show a significant sustainable increase in obfuscation for a large number of standard optimizations over the run-time course of the programs.
Document type :
Conference papers
Complete list of metadatas

Cited literature [31 references]  Display  Hide  Download

https://hal.inria.fr/hal-01162998
Contributor : Erven Rohou <>
Submitted on : Friday, June 12, 2015 - 6:06:43 PM
Last modification on : Thursday, October 10, 2019 - 2:38:12 PM
Long-term archiving on : Tuesday, April 25, 2017 - 7:09:37 AM

File

dce2015-2.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01162998, version 1

Citation

Muhammad Hataba, Ahmed El-Mahdy, Erven Rohou. OJIT: A Novel Obfuscation Approach Using Standard Just-In-Time Compiler Transformations. International Workshop on Dynamic Compilation Everywhere, Jan 2015, Amsterdam, Netherlands. ⟨hal-01162998⟩

Share

Metrics

Record views

712

Files downloads

378