IRIS - Institutional Research Information System

Largely known for attack scenarios, code reuse techniques at a closer look reveal properties that are appealing also for program obfuscation. We explore the popular return-oriented programming paradigm under this light, transforming program functions into ROP chains that coexist seamlessly with the surrounding software stack. We show how to build chains that can withstand popular static and dynamic deobfuscation approaches, evaluating the robustness and overheads of the design over common programs. The results suggest a significant amount of computational resources would be required to carry a deobfuscation attack for secret finding and code coverage goals.

Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation / Borrello, Pietro; Coppa, Emilio; Cono D'Elia, Daniele. - 2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), (2021), pp. 555-568. (51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) 2021, Virtual Event, 21-24 Giugno 2021). [10.1109/DSN48987.2021.00064].

Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation

Pietro Borrello;Emilio Coppa;Daniele Cono D'Elia

2021

Abstract

Largely known for attack scenarios, code reuse techniques at a closer look reveal properties that are appealing also for program obfuscation. We explore the popular return-oriented programming paradigm under this light, transforming program functions into ROP chains that coexist seamlessly with the surrounding software stack. We show how to build chains that can withstand popular static and dynamic deobfuscation approaches, evaluating the robustness and overheads of the design over common programs. The results suggest a significant amount of computational resources would be required to carry a deobfuscation attack for secret finding and code coverage goals.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno del convegno
	
			2021
		
	Parole chiave
	
			Code obfuscation, program protection, ROP
		
	Appare nelle tipologie:
	
			04.1 - Contributo in Atti di convegno (Paper in Proceedings)

File in questo prodotto:

File	Dimensione	Formato
Borrello_Hiding_2021.pdf Solo gestori archivio Tipologia: Versione dell'editore Licenza: Tutti i diritti riservati Dimensione 350.95 kB Formato Adobe PDF Visualizza/Apri	350.95 kB	Adobe PDF	Visualizza/Apri

Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11385/236287

Citazioni

8

4

social impact