characterizing the strength of software obfuscation
play

Characterizing the Strength of Software Obfuscation Against - PowerPoint PPT Presentation

Fakultt fr Informatik T echnische Universitt Mnchen Dagstuhl Seminar 17281 Characterizing the Strength of Software Obfuscation Against Automated Attacks Sebastian Banescu, BMW Group Outline 1 Introduction 2 Obfuscation in Theory 3


  1. Fakultät für Informatik T echnische Universität München Dagstuhl Seminar 17281 Characterizing the Strength of Software Obfuscation Against Automated Attacks Sebastian Banescu, BMW Group

  2. Outline 1 Introduction 2 Obfuscation in Theory 3 Obfuscation in Practice 4 Characterizing the Strength of Obfuscation July 9 – 14, 2017 Sebastian Banescu, BMW Group 2

  3. Introduction Question: What is the goal of “software obfuscation”? July 9 – 14, 2017 Sebastian Banescu, BMW Group 3

  4. Introduction Question: What is the goal of “software obfuscation”? 1. Protect data in transit against man-in-the-middle July 9 – 14, 2017 Sebastian Banescu, BMW Group 3

  5. Introduction Question: What is the goal of “software obfuscation”? 1. Protect data in transit against man-in-the-middle 2. Protect software against remote attackers , who exploit vulnerabilities (e.g. buffer overflows) July 9 – 14, 2017 Sebastian Banescu, BMW Group 3

  6. Introduction Question: What is the goal of “software obfuscation”? 1. Protect data in transit against man-in-the-middle 2. Protect software against remote attackers , who exploit vulnerabilities (e.g. buffer overflows) 3. Protect software against malicious users who want to reverse engineer it July 9 – 14, 2017 Sebastian Banescu, BMW Group 3

  7. Introduction Question: What is the goal of “software obfuscation”? 1. Protect data in transit against man-in-the-middle 2. Protect software against remote attackers , who exploit vulnerabilities (e.g. buffer overflows) 3. Protect software against malicious users who want to reverse engineer it Answer: The 3rd option July 9 – 14, 2017 Sebastian Banescu, BMW Group 3

  8. Introduction Informal Definition of Obfuscation: To obfuscate a program P means to transform it into an equivalent program P ′ from which it is harder to extract information than from P . July 9 – 14, 2017 Sebastian Banescu, BMW Group 4

  9. Introduction Informal Definition of Obfuscation: To obfuscate a program P means to transform it into an equivalent program P ′ from which it is harder to extract information than from P . Benefits of obfuscation : Obfuscation aims to raise the bar for reverse engineering Obfuscation is last layer of defense against attackers (e.g. if attacker bypasses firewall and OS authentication) July 9 – 14, 2017 Sebastian Banescu, BMW Group 4

  10. Introduction Informal Definition of Obfuscation: To obfuscate a program P means to transform it into an equivalent program P ′ from which it is harder to extract information than from P . Benefits of obfuscation : Obfuscation aims to raise the bar for reverse engineering Obfuscation is last layer of defense against attackers (e.g. if attacker bypasses firewall and OS authentication) Possible remarks : This sounds fishy! Are there any theoretical foundations or guarantees of obfuscation? July 9 – 14, 2017 Sebastian Banescu, BMW Group 4

  11. Outline 1 Introduction 2 Obfuscation in Theory 3 Obfuscation in Practice 4 Characterizing the Strength of Obfuscation July 9 – 14, 2017 Sebastian Banescu, BMW Group 5

  12. Black Box Obfuscation Formal Definition of Black-Box Obfuscation: A probabilistic algorithm O is an obfuscator if the following conditions hold: For every program P , the obfuscated program O ( P ) has the same functionality (e.g. input-output behavior) July 9 – 14, 2017 Sebastian Banescu, BMW Group 6

  13. Black Box Obfuscation Formal Definition of Black-Box Obfuscation: A probabilistic algorithm O is an obfuscator if the following conditions hold: For every program P , the obfuscated program O ( P ) has the same functionality (e.g. input-output behavior) The memory size increase and execution slowdown of O ( P ) w.r.t. P are less than polynomial July 9 – 14, 2017 Sebastian Banescu, BMW Group 6

  14. Black Box Obfuscation Formal Definition of Black-Box Obfuscation: A probabilistic algorithm O is an obfuscator if the following conditions hold: For every program P , the obfuscated program O ( P ) has the same functionality (e.g. input-output behavior) The memory size increase and execution slowdown of O ( P ) w.r.t. P are less than polynomial Any probabilistic polynomial time attacker only has a negligible probability of guessing any bit of information about P , given O ( P ) July 9 – 14, 2017 Sebastian Banescu, BMW Group 6

  15. Black Box Obfuscation Formal Definition of Black-Box Obfuscation: A probabilistic algorithm O is an obfuscator if the following conditions hold: For every program P , the obfuscated program O ( P ) has the same functionality (e.g. input-output behavior) The memory size increase and execution slowdown of O ( P ) w.r.t. P are less than polynomial Any probabilistic polynomial time attacker only has a negligible probability of guessing any bit of information about P , given O ( P ) In 2001 Barak et al. (2001) proved there exists no general obfuscator applicable to all programs July 9 – 14, 2017 Sebastian Banescu, BMW Group 6

  16. Black Box Obfuscation Formal Definition of Black-Box Obfuscation: A probabilistic algorithm O is an obfuscator if the following conditions hold: For every program P , the obfuscated program O ( P ) has the same functionality (e.g. input-output behavior) The memory size increase and execution slowdown of O ( P ) w.r.t. P are less than polynomial Any probabilistic polynomial time attacker only has a negligible probability of guessing any bit of information about P , given O ( P ) In 2001 Barak et al. (2001) proved there exists no general obfuscator applicable to all programs There may exist obfuscators for some programs which leak bits of information, but are “good enough” for some practical scenarios July 9 – 14, 2017 Sebastian Banescu, BMW Group 6

  17. Indistinguishability Obfuscation Garg et al. (2013) proposed indistinguishability obfuscation: The obfuscated versions of 2 semantically equivalent programs cannot be distinguished July 9 – 14, 2017 Sebastian Banescu, BMW Group 7

  18. Indistinguishability Obfuscation Garg et al. (2013) proposed indistinguishability obfuscation: The obfuscated versions of 2 semantically equivalent programs cannot be distinguished Goldwasser and Rothblum (2007) proved this obfuscation is the best-possible obfuscation July 9 – 14, 2017 Sebastian Banescu, BMW Group 7

  19. Indistinguishability Obfuscation Garg et al. (2013) proposed indistinguishability obfuscation: The obfuscated versions of 2 semantically equivalent programs cannot be distinguished Goldwasser and Rothblum (2007) proved this obfuscation is the best-possible obfuscation Implementations still far from being practical: Banescu et al. (2015); Barak (2016) July 9 – 14, 2017 Sebastian Banescu, BMW Group 7

  20. Indistinguishability Obfuscation Garg et al. (2013) proposed indistinguishability obfuscation: The obfuscated versions of 2 semantically equivalent programs cannot be distinguished Goldwasser and Rothblum (2007) proved this obfuscation is the best-possible obfuscation Implementations still far from being practical: Banescu et al. (2015); Barak (2016) The rest of this talk will focus on practical code obfuscation July 9 – 14, 2017 Sebastian Banescu, BMW Group 7

  21. Outline 1 Introduction 2 Obfuscation in Theory 3 Obfuscation in Practice 4 Characterizing the Strength of Obfuscation July 9 – 14, 2017 Sebastian Banescu, BMW Group 8

  22. Obfuscation in Practice What types of obfuscation transformations exist? Code vs. Data Static vs. Dynamic Source code vs. IR vs. Machine code etc. July 9 – 14, 2017 Sebastian Banescu, BMW Group 9

  23. Obfuscation in Practice What types of obfuscation transformations exist? Code vs. Data Static vs. Dynamic Source code vs. IR vs. Machine code etc. How many obfuscation transformations are there? Scramble identifiers Instruction substitution Garbage code insertion Merging and splitting functions Opaque predicates Control-flow flattening Virtualization obfuscation White-box cryptography etc. July 9 – 14, 2017 Sebastian Banescu, BMW Group 9

  24. Software Diversity via Obfuscation Transformations 1. Software developer distributes software X to all end-users July 9 – 14, 2017 Sebastian Banescu, BMW Group 10

  25. Software Diversity via Obfuscation Transformations 1. Software developer distributes software X to all end-users 2. Some end-users are MATE attackers July 9 – 14, 2017 Sebastian Banescu, BMW Group 10

  26. Software Diversity via Obfuscation Transformations 1. Software developer distributes software X to all end-users 2. Some end-users are MATE attackers 3. MATE reverse engineers X and builds a hijacker of X July 9 – 14, 2017 Sebastian Banescu, BMW Group 10

  27. Software Diversity via Obfuscation Transformations 1. Software developer distributes software X to all end-users 2. Some end-users are MATE attackers 3. MATE reverse engineers X and builds a hijacker of X 4. MATE distributes hijacker to other end-users of X July 9 – 14, 2017 Sebastian Banescu, BMW Group 10

  28. Software Diversity via Obfuscation Transformations What can we do to protect victims? July 9 – 14, 2017 Sebastian Banescu, BMW Group 11

  29. Software Diversity via Obfuscation Transformations What can we do to protect victims? Give everyone a different version July 9 – 14, 2017 Sebastian Banescu, BMW Group 11

Recommend


More recommend