Skip to Main content Skip to Navigation
New interface
Journal articles

Effectiveness of Synthesis in Concolic Deobfuscation

Abstract : Control flow obfuscation techniques can be used to hinder software reverse-engineering. Symbolic analysis can counteract these techniques, but only if they can analyze obfuscated conditional statements. We evaluate the use of dynamic synthesis to complement symbolic analysis in the analysis of obfuscated conditionals. We test this approach on the taint-analysis-resistant Mixed Boolean Arithmetics (MBA) obfuscation method that is commonly used to obfuscate and randomly diversify statements. We experimentally ascertain the practical feasibility of MBA obfuscation. We study using SMT-based approaches with different state-of-the-art SMT solvers to counteract MBA obfuscation, and we show how targeted algebraic simplification can greatly reduce the analysis time. We show that synthesis-based deobfuscation is more effective than current SMT-based deobfuscation algorithms, thus proposing a synthesis-based attacker model to complement existing attacker models.
Document type :
Journal articles
Complete list of metadata

Cited literature [49 references]  Display  Hide  Download
Contributor : Fabrizio Biondi Connect in order to contact the contributor
Submitted on : Sunday, November 5, 2017 - 10:19:39 PM
Last modification on : Friday, August 5, 2022 - 2:54:52 PM
Long-term archiving on: : Tuesday, February 6, 2018 - 12:27:43 PM


Files produced by the author(s)



Fabrizio Biondi, Sébastien Josse, Axel Legay, Thomas Sirvent. Effectiveness of Synthesis in Concolic Deobfuscation. Computers and Security, 2017, 70, pp.500-515. ⟨10.1016/j.cose.2017.07.006⟩. ⟨hal-01241356v2⟩



Record views


Files downloads