Skip to Main content Skip to Navigation
Conference papers

Specification-Based Protocol Obfuscation

Abstract : This paper proposes a new obfuscation technique of a communication protocol that is aimed at making the reverse engineering of the protocol more complex. The obfuscation is based on the transformation of protocol message format specification. The obfuscating transformations are applied to the Abstract Syntax Tree (AST) representation of the messages and mainly concern the ordering or aggregation of the AST nodes. The paper also presents the design of a framework that implements the proposed obfuscation technique by automatically generating, from the specification of the message format, a library performing the corresponding transformations. Finally, our framework is applied to two real application protocols (Modbus and HTTP) to illustrate the relevance and efficiency of the proposed approach. Various metrics recorded from the experiments show the significant increase of the complexity of the obfuscated protocol binary compared to the non-obfuscated code. It is also shown that the execution time and memory overheads remain acceptable for a practical deployment of the approach in operation.
Complete list of metadata

Cited literature [57 references]  Display  Hide  Download

https://hal.inria.fr/hal-01848573
Contributor : Colas Le Guernic <>
Submitted on : Tuesday, July 24, 2018 - 8:25:02 PM
Last modification on : Thursday, June 10, 2021 - 3:06:20 AM
Long-term archiving on: : Thursday, October 25, 2018 - 3:39:47 PM

Files

bare_conf.pdf
Files produced by the author(s)

Identifiers

Citation

Julien Duchene, Eric Alata, Vincent Nicomette, Mohamed Kaâniche, Colas Le Guernic. Specification-Based Protocol Obfuscation. DSN 2018 - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Jun 2018, Luxembourg City, Luxembourg. pp.1-12, ⟨10.1109/DSN.2018.00056⟩. ⟨hal-01848573⟩

Share

Metrics

Record views

686

Files downloads

419