Khaos: The Impact of Inter-procedural Code Obfuscation on Binary Diffing Techniques
Software obfuscation can protect embedded device software by obfuscating third-party code so that binary diffing techniques cannot locate the vulnerable code in it. Binary diffing techniques have developed rapidly, however, and now match and identify functions more and more accurately by extracting features from within each function. As a result, existing software obfuscation techniques, which mainly focus on intra-procedural code obfuscation, are no longer effective.
In this paper, we propose a new inter-procedural code obfuscation mechanism, Khaos, which uses compilation optimizations to move code across functions and thereby obfuscate them. We propose two obfuscation primitives, fission and fusion, which separate and aggregate functions respectively. A prototype of Khaos is implemented on the LLVM compiler and evaluated on a large number of real-world programs, including SPEC CPU 2006 & 2017, CoreUtils, JavaScript engines, etc. Experimental results show that Khaos outperforms existing code obfuscations and significantly reduces the accuracy rates of five state-of-the-art binary diffing techniques (less than 19%) with lower runtime overhead (less than 7%).
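A hand-written, source-level sketch of the two primitives named in the abstract, added here as an illustration and not taken from the paper or the Khaos prototype, which applies them inside the LLVM compiler. The sample functions, the split point and the `sel` selector parameter are assumptions; this page does not say how Khaos chooses regions or dispatches fused code.

```c
#include <stddef.h>
#include <stdint.h>

/* Original program: two unrelated functions (constructed sample code). */
uint32_t checksum(const uint8_t *buf, size_t n) {
    uint32_t acc = 0x1234u;
    for (size_t i = 0; i < n; i++)         /* region A: mixing loop */
        acc = (acc << 5) ^ (acc >> 3) ^ buf[i];
    if (acc & 1u)                          /* region B: finalisation */
        acc ^= 0xA5A5A5A5u;
    return acc + (uint32_t)n;
}

uint32_t clamp_len(uint32_t len, uint32_t max) {
    return len > max ? max : len;
}

/* Fission (sketch): region B is separated from checksum() into its own
 * function, so neither piece keeps the original's control-flow graph
 * or instruction mix. */
static uint32_t checksum_tail(uint32_t acc, size_t n) {
    if (acc & 1u)
        acc ^= 0xA5A5A5A5u;
    return acc + (uint32_t)n;
}

uint32_t checksum_fission(const uint8_t *buf, size_t n) {
    uint32_t acc = 0x1234u;
    for (size_t i = 0; i < n; i++)
        acc = (acc << 5) ^ (acc >> 3) ^ buf[i];
    return checksum_tail(acc, n);
}

/* Fusion (sketch): the bodies of checksum() and clamp_len() are
 * aggregated into one function; `sel` (hypothetical) picks which
 * original behaviour a call site gets. */
uint32_t fused(int sel, const uint8_t *buf, size_t n,
               uint32_t a, uint32_t b) {
    if (sel == 0) {
        uint32_t acc = 0x1234u;
        for (size_t i = 0; i < n; i++)
            acc = (acc << 5) ^ (acc >> 3) ^ buf[i];
        return checksum_tail(acc, n);
    }
    return a > b ? b : a;
}
```

Callers get the same results from the transformed functions, but a tool that matches on features extracted within a single function now sees different function boundaries than in the reference binary.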
Mon 27 Feb. Displayed time zone: Eastern Time (US & Canada)
13:30 - 15:10 | Session 2 -- Tool and Practical Experience I | Main Conference at Montreal 1-2-3 | Chair(s): Fernando Magno Quintão Pereira (Federal University of Minas Gerais)
13:30 | 26m | Talk | Khaos: The Impact of Inter-procedural Code Obfuscation on Binary Diffing Techniques | Main Conference | Peihua Zhang (Institute of Computing Technology at Chinese Academy of Sciences; University of Chinese Academy of Sciences), Chenggang Wu (Institute of Computing Technology at Chinese Academy of Sciences; University of Chinese Academy of Sciences; Zhongguancun Laboratory), Mingfan Peng (Institute of Computing Technology at Chinese Academy of Sciences; University of Chinese Academy of Sciences), Kai Zeng (Institute of Computing Technology at Chinese Academy of Sciences; University of Chinese Academy of Sciences), Ding Yu (Institute of Computing Technology at Chinese Academy of Sciences; University of Chinese Academy of Sciences), Yuanming Lai (Institute of Computing Technology at Chinese Academy of Sciences; University of Chinese Academy of Sciences), Yan Kang (Institute of Computing Technology at Chinese Academy of Sciences; University of Chinese Academy of Sciences), Wei Wang (Institute of Computing Technology at Chinese Academy of Sciences), Zhe Wang (Institute of Computing Technology at Chinese Academy of Sciences; Zhongguancun Laboratory)
13:56 | 26m | Talk | Lifting Code Generation of Cardiac Physiology Simulation to Novel Compiler Technology | Main Conference | Arun Thangamani (University of Strasbourg; Inria), Tiago Trevisan Jost (University of Strasbourg; Inria), Vincent Loechner (University of Strasbourg; Inria), Stéphane Genaud (University of Strasbourg; Inria), Bérenger Bramas (University of Strasbourg; Inria)
14:22 | 26m | Talk | DJXPerf: Identifying Memory Inefficiencies via Object-Centric Profiling for Java | Main Conference | Bolun Li (North Carolina State University), Pengfei Su (University of California), Milind Chabbi (Scalable Machines Research), Shuyin Jiao (North Carolina State University), Xu Liu (North Carolina State University)