Data Tainting and Obfuscation: Improving Plausibility of Incorrect Taint

Sandrine Blazy 1 Stéphanie Riaud 1, 2 Thomas Sirvent 2
1 CELTIQUE - Software certification with semantic analysis
Inria Rennes – Bretagne Atlantique , IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
Abstract : —Code obfuscation is designed to impede the reverse engineering of a binary software. Dynamic data tainting is an analysis technique used to identify dependencies between data in a software. Performing dynamic data tainting on obfuscated software usually yields hard to exploit results, due to over-tainted data. Such results are clearly identifiable as useless: an attacker will immediately discard them and opt for an alternative tool. In this paper, we present a code transformation technique meant to prevent the identification of useless results: a few lines of code are inserted in the obfuscated software, so that the results obtained by the dynamic data tainting approach appear acceptable. These results remain however wrong and lead an attacker to waste enough time and resources trying to analyze incorrect data dependencies, so that he will usually decide to use less automated and advanced analysis techniques, and maybe give up reverse engineering the current binary software. This improves the security of the software against malicious analysis.
Type de document :
Communication dans un congrès
IEEE. Source Code Analysis and Manipulation (SCAM), Sep 2015, Bremen, Germany
Liste complète des métadonnées

Littérature citée [36 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01193286
Contributeur : Sandrine Blazy <>
Soumis le : vendredi 4 septembre 2015 - 17:05:48
Dernière modification le : mardi 3 juillet 2018 - 13:10:02
Document(s) archivé(s) le : samedi 5 décembre 2015 - 13:55:19

Fichier

SCAM_v2.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Copyright (Tous droits réservés)

Identifiants

  • HAL Id : hal-01193286, version 1

Citation

Sandrine Blazy, Stéphanie Riaud, Thomas Sirvent. Data Tainting and Obfuscation: Improving Plausibility of Incorrect Taint. IEEE. Source Code Analysis and Manipulation (SCAM), Sep 2015, Bremen, Germany. 〈hal-01193286〉

Partager

Métriques

Consultations de la notice

510

Téléchargements de fichiers

308