1 / 14

Code Obfuscation Final Presentation

Explore the process of obfuscating C++ source code using opaque predicates to protect intellectual property and hinder reverse engineering. Learn about implementation details, obfuscation examples, and measuring obfuscation quality.

dustinv
Download Presentation

Code Obfuscation Final Presentation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Code Obfuscation Final Presentation Yakkob Iyun Guided by Eitan Koch

  2. Topics to be discussed • Problem Definition • Project Purpose – Building Obfuscator • Obfuscation Using Opaque Predicates • Implementation details • Obfuscation example • Obfuscation Quality and Measurements

  3. Problem Definition • Modern programming languages generate output files (binaries , byte code files ect.) that can be reversed engineered easily. We need to Defend our intellectual property in a way that minimizes the additional overhead resources Solution : Obfuscation!!!

  4. Project purpose - Building Obfuscator • Creating an application that for a given C++ source code , generates an obfuscated one that has the exact same functionality as the original one. Compilation Output Source code Internet (Server – Client) Decopmilation Obfuscated Source code Obfuscated Source code Application Execute Deobfuscation Compilation Output Source code

  5. Obfuscation Using Opaque Predicates • Known fact : Adding junctions makes our life harder So we will obfuscate our code by adding If-else structures with Opaque Predicates in order to complicate the control flow of the code.

  6. Opaque Predicate • Opaque Predicate : an expression that evaluates to either "true" or "false“ , which its outcome is known to the obfuscator and is very difficult and even impossible for the deobfuscator to evaluate , without running the application itself. T Dead Code Opaque Predicate Benefits: Increased number of predicates to deduce Inserting Dead and irrelevant code to confuse an attacker.

  7. Opaque Predicate Manufacture: Opaque Predicate Benefits: • Introduce an obfuscated Graph class to the code. • Introduce a code that manipulates (build and changes) the Graph. • Building Opaque Predicate with user input names according to specific invariants that the graph structure holds. • Adding Randomness for the IF conditions together with the predicate. • The Introduced Graph Class code and the code that manipulates the Graph , blends well with the source code because it uses user input names . • The predicate names are user defined so they resemble the given code. • The added predicate are easily to deduce by the obfuscator but hard to deduce by the deobfuscator. • In Run Time the behavior is not deterministic.

  8. Application Use details • Input : User prepares config file , to configure parameters for the Opaque predicate inserting , and the “String” option that replaces given tokens with random tokens /**************************************************************/ /* Configuration File For Koby's Obfuscation App */ /**************************************************************/ /* Working Folder */ WorkingFolder=C:\Users\koby\Desktop\New folder /* Source Files */ SourceFileList=folder.cpp /********************************************/ /* Parameters for "Opaque" Option */ /********************************************/ /* Related Project Names */ RelatedProjectNames=melody,tune,volume,artist, singer /* Number Of Predicates To Add */ NumberOfPredicatesToAdd=2 /* Function Names To Insert The Predicates */ FunctionNamesToInsertThePredicates=Play_Song /********************************************/ /* Parameters for "Strings" Option */ /*******************************************/ /* Function Names To Be Obuscated */ FunctionNamesToBeObuscated=Play_Song, Print_Folder_Songs /* Variable Names */ VariableNames=Folder,song_name,temp_song

  9. Obfuscation example Original Code bool Folder::Print_Folder_Songs (const string& curr_artist_name) // not checked {Iterator<Song> itr =songs_list.GetIterator(); Song temp_song; if (curr_artist_name=="temp_not_given") {while (itr.HasNext()) {itr.Next().Print_Song_Name();}} else {while (itr.HasNext()) {temp_song=itr.Next(); if (temp_song.Get_Artist_Name()==curr_artist_name) {temp_song.Print_Song_Name();}}} return true;} bool Folder::Play_Song (const string& song_name) {Song curr_song; Iterator<Song> itr =songs_list.GetIterator(); bool found=false; while (itr.HasNext()&&(!found)) {curr_song=itr.Next(); if (curr_song.song_name==song_name) {curr_song.Play_Song(); found=true;}} return found;}

  10. Obfuscation example bool Folder::Print_Folder_Songs (const string& curr_artist_name) // not checked {Iterator<Song> itr =songs_list.GetIterator(); Song temp_song; if (curr_artist_name=="temp_not_given") {while (itr.HasNext()) {itr.Next().Print_Song_Name();}} else {while (itr.HasNext()) {temp_song=itr.Next(); if (temp_song.Get_Artist_Name()==curr_artist_name) {temp_song.Print_Song_Name();}}} return true;} bool Folder::Play_Song (const string& song_name) {Song curr_song; srand (time(NULL) ); artist* melody = new artist(); melody->singer(); melody= melody->__singer(); melody->singer(); melody= melody->__singer(); melody->singer(); melody->singer(); melody->___tune(); melody= melody->__singer(); melody->singer(); melody->singer(); melody->___tune(); melody= melody->__singer(); melody->singer(); melody->singer(); melody->___tune(); artist* tune; tune=melody->__artist(); tune->singer(); tune = tune->__singer(); tune->singer(); melody->singer();tune->singer(); tune = tune->__singer(); tune->singer(); melody->singer(); melody= melody->__singer(); tune->___tune(); melody->singer(); melody->singer(); melody->___tune(); if (melody->__volume(tune) ) { artist* melody = new artist(); melody->singer(); melody= melody->__singer(); melody->singer(); melody= melody->__singer(); melody->singer(); melody->singer(); melody->___tune(); melody= melody->__singer(); melody->singer(); melody->singer(); melody->___tune(); melody= melody->__singer(); melody->singer(); melody->singer(); melody->___tune(); artist* tune; tune=melody->__artist(); tune->singer(); tune = tune->__singer(); tune->singer(); melody->singer();tune->singer(); tune = tune->__singer(); tune->singer(); melody->singer(); melody= melody->__singer(); tune->___tune(); melody->singer(); melody->singer(); melody->___tune(); Obfuscated Code – Opaque Option tune1: int tune2 = rand() % 2; if (melody->__volume(tune) && tune2) { tune->singer(); melody->singer();tune->singer(); tune = tune->__singer(); tune->singer(); melody->singer(); melody= melody->__singer(); tune->___tune(); melody->singer(); melody->singer(); goto tune1; melody->___tune(); } tune->singer(); melody->singer(); melody->singer(); melody->___tune(); } Iterator<Song> itr =songs_list.GetIterator(); bool found=false; while (itr.HasNext()&&(!found)) {curr_song=itr.Next(); if (curr_song.song_name==song_name) {curr_song.Play_Song(); found=true;}} return found;}

  11. Obfuscation example Obfuscated Code – Opaque Option + String Option #include "folder.h" #include "_include_.h" /* implementation of class ____18960____ */ //private methods bool ____18960___::__17385___(const string& curr___28814___name) // not checked {Iterator<Song> itr =songs_list.GetIterator(); Song ____237____; if (curr_____28814_____name=="temp_not_given") {while (itr.HasNext()) {itr.Next().Print_Song_Name();}} else {while (itr.HasNext()) {____237____=itr.Next(); if (____237____.Get_Artist_Name()==curr_____28814_____name) {____237____.Print_Song_Name();}}} return true;} bool ____18960____::____4251____ (const string& ____8667____) {Song curr_song; srand (time(NULL) ); ____28814____* ____15463____ = new ____28814____(); ____15463____->____13731____(); ____15463____= ____15463____->______13731____(); ____15463____->____13731____(); ____15463____= ____15463____->______13731____(); ____15463____->____13731____(); ____15463____->____13731____(); ____15463____->_______9449____(); ____15463____= ____15463____->______13731____(); ____15463____->____13731____(); ____15463____->____13731____(); ____15463____->_______9449____(); ____15463____= ____15463____->______13731____(); ____15463____->____13731____(); ____15463____->_______9449____(); ____28814____* ____9449____; ____9449____=____15463____->______28814____(); ____9449____->____13731____(); ____9449____ = ____9449____->______13731____(); ____9449____->____13731____(); ____15463____->____13731____();____9449____->____13731____(); ____9449____ = ____9449____->______13731____(); ____9449____->____13731____(); ____15463____->____13731____(); ____15463____= ____15463____->______13731____(); ____9449____->_______9449____(); ____15463____->____13731____(); ____15463____->____13731____(); ____15463____->_______9449____(); if (____15463____->______10535____(____9449____)) { ____28814____* ____15463____ = new ____28814____(); ____15463____->____13731____(); ____15463____= ____15463____->______13731____(); ____15463____->____13731____(); ____15463____= ____15463____->______13731____(); ____15463____->____13731____(); ____15463____->____13731____(); ____15463____->_______9449____(); ____15463____= ____15463____->______13731____(); ____15463____->____13731____(); ____15463____->____13731____(); ____15463____->_______9449____(); ____15463____= ____15463____->______13731____(); ____15463____->____13731____(); ____15463____->____13731____(); ____15463____->_______9449____(); ____28814____* ____9449____; ____9449____=____15463____->______28814____(); ____9449____->____13731____();

  12. Obfuscation Quality and Measurements • Mccabe metric (Cyclomatic complexity) – known metric that trys to measure code complexity. • The cyclomatic complexity of a section of source code is the count of the number of linearly independent paths through the source code.

  13. Obfuscation Quality and Measurements How to compute the “Cyclomatic complexity”: Build control flow graph of the program , and the compute: •  E − N + 2P Where E = the number of edges of the graph N = the number of nodes of the graph P = the number of connected components • Note that for a program without any IF statements or WHILE, FOR , CASE statements the Cyclomatic complexity is 1 Cyclomatic complexity = 9 - 8 + 2 = 3

  14. Obfuscation Quality and Measurements Experiments Results I used the “CCCC” freeware to compute the cyclomatic complexity on the Obfuscation example given in the previous sides

More Related