1 |
CONTROL FLOW OBFUSCATION COMPLEXITYKUMAR, AMIT 13 July 2005 (has links)
No description available.
|
2 |
Digital Rights Management and Code ObfuscationSethi, Amit January 2004 (has links)
Digital Rights Management (DRM) involves retaining control over digital information, even after it has been made public. Preventing illegal file sharing on the Internet, which is a topic that has recently received a large amount of media attention, is just one instance where DRM is needed.
In this thesis, we attempt to create formal definitions for DRM. Currently, there is a lack of such formal definitions, which is one reason why DRM schemes have achieved little success. We will also examine two DRM schemes that can be cracked easily: Microsoft DRM 2. 0, and the Content Scrambling System. We then discuss the reasons why DRM schemes have been unsuccessful so far, and why a good DRM scheme must incorporate secure hardware, secure software, and an efficient legal system. We also briefly discuss several issues related to DRM, such as privacy.
Code Obfuscation involves hiding a program's implementation details from an adversary. One application of code obfuscation involves hiding cryptographic keys in encryption and decryption programs for a cryptosystem. Code obfuscation is directly applicable to DRM schemes, where the adversary has access to a program that contains secret information. For example, a music player may contain a secret key that it uses to decrypt content. The secret key must be hidden from the adversary, since otherwise, he/she could use the key to write his/her own decryption program, and distribute it to circumvent the DRM scheme.
We discuss the proof from Barak et al that shows that code obfuscation is impossible in general. This, however, does not mean that code obfuscation cannot be achieved in specific cases. We will examine an obfuscated version of the Data Encryption Standard, and discuss the circumstances under which it is insecure. We also examine a toy example of a block cipher called <i>Simple Block Cipher (SBC)</i>, and apply obfuscation techniques to SBC to hide the secret key, and then attempt to obtain the secret key.
|
3 |
Digital Rights Management and Code ObfuscationSethi, Amit January 2004 (has links)
Digital Rights Management (DRM) involves retaining control over digital information, even after it has been made public. Preventing illegal file sharing on the Internet, which is a topic that has recently received a large amount of media attention, is just one instance where DRM is needed.
In this thesis, we attempt to create formal definitions for DRM. Currently, there is a lack of such formal definitions, which is one reason why DRM schemes have achieved little success. We will also examine two DRM schemes that can be cracked easily: Microsoft DRM 2. 0, and the Content Scrambling System. We then discuss the reasons why DRM schemes have been unsuccessful so far, and why a good DRM scheme must incorporate secure hardware, secure software, and an efficient legal system. We also briefly discuss several issues related to DRM, such as privacy.
Code Obfuscation involves hiding a program's implementation details from an adversary. One application of code obfuscation involves hiding cryptographic keys in encryption and decryption programs for a cryptosystem. Code obfuscation is directly applicable to DRM schemes, where the adversary has access to a program that contains secret information. For example, a music player may contain a secret key that it uses to decrypt content. The secret key must be hidden from the adversary, since otherwise, he/she could use the key to write his/her own decryption program, and distribute it to circumvent the DRM scheme.
We discuss the proof from Barak et al that shows that code obfuscation is impossible in general. This, however, does not mean that code obfuscation cannot be achieved in specific cases. We will examine an obfuscated version of the Data Encryption Standard, and discuss the circumstances under which it is insecure. We also examine a toy example of a block cipher called <i>Simple Block Cipher (SBC)</i>, and apply obfuscation techniques to SBC to hide the secret key, and then attempt to obtain the secret key.
|
4 |
Analysis of Evasion Techniques in Web-based MalwareLu, Gen January 2013 (has links)
Web-based mechanisms, often mediated by malicious JavaScript code, play an important role in malware delivery today, making defenses against web-based malware crucial for system security. To make it even more challenging, malware authors often take advantage of various evasion techniques to evade detection. As a result, a constant arms race of evasion and detection techniques between malware authors and security analysts has led to advancement in code obfuscation and anti-analysis techniques. This dissertation focuses on the defenses against web-based malware protected by advanced evasion techniques from both defensive and offensive perspectives. From a defensive perspective, we examine existing evasion techniques and propose deobfuscation and detection approaches to defeating some popular techniques used by web-based malware today. In the case of code-unfolding based obfuscation, we use a semantics-based approach to simplify away obfuscations by identifying code that is relevant to the behavior of the original program. In the case of environment-dependent malware, we propose environmental predicate, which detects behavior discrepancy of JavaScript program between targeted browser and detector sandbox, therefore protecting users from possible detection false negatives caused by environmental triggers. From an offensive perspective, we analyze existing detection techniques to examining their assumptions and study how these assumptions can be broken. We also propose a combination of obfuscation and anti-analysis techniques, targeting these limitations, which can hide existing web-based malware from state-of-the-art detectors.
|
5 |
Programinio kodo obfuskacija ir įgyvendinimo metodai / Obfuscation and realization methodsLukšas, Darius 14 January 2006 (has links)
The purpose of this project was to analyze and compare Microsoft Framework .NET (CLR type) files and their obfuscation methods, create the obfuscation system, using some of the analyzed methods. After analyzing different Microsoft Framework .NET obfuscation techniques in this project: • class, method, parameters name change; • user string encryption; • IL code encryption; Decision was made to use obfuscation method with class, method, parameters name change.
|
6 |
PRIVACY PRESERVATION IN A HYBRID MULTI MESH-LTE AMI NETWORK FOR SMART GRIDCakmak, Ozan 01 August 2015 (has links)
While the newly envisioned Smart(er) Grid (SG) will result in a more efficient and reliable power grid, its collection and use of fine-grained meter data has widely raised concerns on consumer privacy. While a number of approaches are available for preserving consumer privacy, these approaches are mostly not very practical to be used due to two reasons: First, since the data is hidden, this reduces the ability of the utility company to use the data for distribution state estimation. Secondly and more importantly, the approaches were not tested under realistic wireless infrastructures that are currently in use. In this thesis, a meter data obfuscation approach to preserve consumer privacy is proposed to implement that has the ability to perform distribution state estimation. Then, its performance on LTE and a large-scale Advanced Metering Infrastructure (AMI) network built upon the new IEEE 802.11s wireless mesh standard are assessed. LTE/EPC(Evolved Packet Core) model is used between the gateway and the utility. EPC's goal is to improve network performance by the separation of control and data planes and through a flattened IP architecture, which reduces the hierarchy between mobile data elements. Using obfuscation values provided via this approach, the meter readings are obfuscated to protect consumer privacy from eavesdroppers and the utility companies while preserving the utility companies' ability to use the data for state estimation.The impact of this approach on data throughput, delay and packet delivery ratio under a variety of conditions are assessed.
|
7 |
Preserving Consumer Privacy on IEEE 802.11s-Based Smart Grid AMI NetworksBeussink, Andrew 01 May 2014 (has links)
While the newly envisioned smart grid will result in a more efficient and reliable power grid, its use of fine-grained meter data has widely raised concerns of consumer privacy. This thesis implements a data obfuscation approach to preserve consumer privacy and assesses its feasibility on a large-scale advanced metering infrastructure (AMI) network built upon the new IEEE 802.11s wireless mesh standard. This obfuscation approach preserves consumer privacy from eavesdroppers and the utility companies while preserving the utility companies' ability to use the fine-grained meter data for state estimation. The impact of this privacy approach is assessed based on its impact on data throughput and delay performance. Simulation results have shown that the approach is feasible to be used even when the network size grows. Additional adaptations to the approach are analyzed for their feasibility in further research.
|
8 |
Formally Verified Code Obfuscation in the Coq Proof AssistantLu, Weiyun 20 December 2019 (has links)
Code obfuscation is a software security technique where transformations are applied
to source and/or machine code to make them more difficult to analyze and understand
to deter reverse-engineering and tampering. However, in many commercial tools, such
as Irdeto's Cloakware product, it is not clear why the end user should believe that
the programs that come out the other end are still the same program"!
In this thesis, we apply techniques of formal specification and verification, by
using the Coq Proof Assistant and IMP (a simple imperative language within it), to
formulate what it means for a program's semantics to be preserved by an obfuscating
transformation, and give formal machine-checked proofs that these properties hold.
We describe our work on opaque predicate and control flow flattening transformations.
Along the way, we also employ Hoare logic as an alternative to state equivalence,
as well as augment the IMP program with Switch statements. We also define a lower-level flowchart language to wrap around IMP for modelling certain flattening
transformations, treating blocks of codes as objects in their own right.
We then discuss related work in the literature on formal verification of data obfuscation
and layout obfuscation transformations in IMP, and conclude by discussing
CompCert, a formally verified C compiler in Coq, along with work that has been done
on obfuscation there, and muse on the possibility of implementing formal methods in
the next generation of real-world obfuscation tools.
|
9 |
Recherche de similarité dans du code source / Looking for similarity in source codeChilowicz, Michel 25 November 2010 (has links)
La duplication de code source a de nombreuses origines : copie et adaptation inter-projets ou clonage au sein d'un même projet. Rechercher des correspondances de code copié permet de le factoriser dans un projet ou de mettre en évidence des situations de plagiat. Nous étudions des méthodes statiques de recherche de similarité sur du code ayant potentiellement subi des opérations d'édition telle que l'insertion, la suppression, la transposition ainsi que la factorisation et le développement de fonctions. Des techniques d'identification de similarité génomique sont examinées et adaptées au contexte de la recherche de clones de code source sous forme lexemisée. Après une discussion sur des procédés d'alignement de lexèmes et de recherche par empreintes de n-grams, est présentée une méthode de factorisation fusionnant les graphes d'appels de fonctions de projets au sein d'un graphe unique avec introduction de fonctions synthétiques exprimant les correspondances imbriquées. Elle utilise des structures d'indexation de suffixes pour la détermination de facteurs répétés. Une autre voie d'exploration permettant de manipuler de grandes bases indexées de code par arbre de syntaxe est abordée avec la recherche de sous-arbres similaires par leur hachage et leur indexation selon des profils d'abstraction variables. Des clones exacts de sous-arbres de forte proximité dans leurs arbres d'extraction peuvent alors être consolidés afin d'obtenir des correspondances approchées et étendues. En amont et en aval de la recherche de correspondances, des métriques de similarité sont définies afin de préselectionner les zones d'examen, affiner la recherche ou mieux représenter les résultats / Several phenomenas cause source code duplication like inter-project copying and adaptation or cloning inside a same project. Looking for code matches allows to factorize them inside a project or to highlight plagiarism cases. We study statical similarity retrieval methods on source code that may be transformed via edit operations like insertion, deletion, transposition, in- or out-lining of functions. Sequence similarity retrieval methods inspired from genomics are studied and adapted to find common chunks of tokenized source. After an explanation on alignment and n-grams lookup techniques, we present a factorization method that merge function call graphs of projects to a single graph with the creation of synthetic functions modeling nested matches. It relies on the use of suffix indexation structures to find repeated token factors. Syntax tree indexation is explored to handle huge code bases allowing to lookup similar sub-trees with their hash values computed via heterogeneous abstraction profiles. Exact copies of sub-trees close in their host trees may be merged to get approximate and extended matches. Before and after match retrieval, we define similarity metrics to preselect interesting code spots, refine the search process or enhance the human understanding of results
|
10 |
Obfuscation par expressions mixtes arithmético-booléennes : reconstruction, analyse et outils de simplification / Obfuscation with Mixed Boolean-Arithmetic Expressions : reconstruction, analysis and simplification toolsEyrolles, Ninon 30 June 2017 (has links)
L'obfuscation de logiciels est une technique de protection deprogrammes qui transforme du code pour rendre son analyse plusdifficile. Les expressions mixtes arithmético-booléennes (MBA) sontprésentées comme une bonne obfuscation du flot de données. Le domainede l'obfuscation MBA étant assez jeune, il bénéficie de peu delittérature sur la conception et l'analyse de telles expressionsobfusquées. Ainsi, beaucoup de sujets intéressants apparaissent lors deson étude, autant sur l'obfuscation que sur la désobfuscation (ousimplification) d'expressions MBA.Durant nos recherches, nous avons structuré le sujet de l'obfuscationMBA, le reliant à d'autres domaines comme la cryptographie ou laréécriture. Nous avons également reconstruit une techniqued'obfuscation MBA à partir d'échantillons publics. Nous avons étudié ce quesignifie simplifier une expression obfusquée, et défininos propres métriques de simplicité pour les expressions MBA. L'étudede la simplification MBA a entraîné l'implémentation de deux outils dedésobfuscation, qui ont simplifié avec succès plusieurs examplespublics d'expressions obfusquées. Finalement, nous avons évalué larésilience de l'obfuscation MBA par rapport à nos algorithmes desimplification (ainsi que d'autres techniques de désobfuscation), etnous avons conclu que la technique d'obfuscation MBA offrait peu derésilience en l'état. Nous avons donc proposé quelques pistes pouraméliorer ce type d'obfuscation. / Software obfuscation is a software protection technique thattransforms code in order to make its analysis more difficult. MixedBoolean-Arithmetic (MBA) expressions are presented as a strongobfuscation in the context of data flow obfuscation. As the domainaround MBA obfuscation is quite young, there is little literatureon the conception and analysis of such obfuscated expressions.Therefore many interesting subjects arise during its study, both around theobfuscation and deobfuscation (or simplification) of MBA expressions.During our work, we structured the subject of MBA obfuscation, linkingit to other topics like cryptography or rewriting. We also reconstructedan MBA obfuscation technique from public samples. We studied themeaning of simplifying an obfuscated expression, and definedour own simplicity metrics for MBA expressions. The study of MBAsimplification yielded the implementation of two deobfuscation toolsthat successfully simplified several public examples of obfuscatedexpressions. Finally, we assessed the resilience of the MBAobfuscation with regard to our simplification algorithms (as well asother deobfuscation techniques), concluding that this obfuscationtechnique offers little resilience as it is, and we proposed a few ideasto help improve this type of obfuscation.
|
Page generated in 0.0814 seconds