Code Obfuscation
This presentation is the property of its rightful owner.
Sponsored Links
1 / 14

Code Obfuscation Final Presentation PowerPoint PPT Presentation


  • 61 Views
  • Uploaded on
  • Presentation posted in: General

Code Obfuscation Final Presentation. Yakkob Iyun Guided by Eitan Koch. Topics to be discussed. Problem Definition Project Purpose – Building Obfuscator Obfuscation Using Opaque Predicates Implementation details Obfuscation example Obfuscation Quality and Measurements.

Download Presentation

Code Obfuscation Final Presentation

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Code obfuscation final presentation

Code Obfuscation

Final Presentation

Yakkob Iyun

Guided by Eitan Koch


Topics to be discussed

Topics to be discussed

  • Problem Definition

  • Project Purpose – Building Obfuscator

  • Obfuscation Using Opaque Predicates

  • Implementation details

  • Obfuscation example

  • Obfuscation Quality and Measurements


Problem definition

Problem Definition

  • Modern programming languages generate output files (binaries , byte code files ect.) that can be reversed engineered easily.

    We need to Defend our intellectual property in a way that minimizes the additional overhead resources

    Solution : Obfuscation!!!


Project purpose building obfuscator

Project purpose - Building Obfuscator

  • Creating an application that for a given C++ source code , generates an obfuscated one that has the exact same functionality as the original one.

Compilation

Output

Source code

Internet

(Server – Client)

Decopmilation

Obfuscated

Source code

Obfuscated

Source code

Application

Execute

Deobfuscation

Compilation

Output

Source code


Obfuscation using opaque predicates

Obfuscation Using Opaque Predicates

  • Known fact : Adding junctions makes our life harder

    So we will obfuscate our code by adding

    If-else structures with Opaque Predicates in order to complicate the control flow of the code.


Opaque predicate

Opaque Predicate

  • Opaque Predicate : an expression that evaluates to either "true" or "false“ , which its outcome is known to the obfuscator and is very difficult and even impossible for the deobfuscator to evaluate , without running the application itself.

T

Dead Code

Opaque Predicate Benefits:

Increased number of predicates to deduce

Inserting Dead and irrelevant code to

confuse an attacker.


Opaque predicate benefits

Opaque Predicate Manufacture:

Opaque Predicate Benefits:

  • Introduce an obfuscated Graph class to the code.

  • Introduce a code that manipulates (build and changes) the Graph.

  • Building Opaque Predicate with user input names according to specific invariants that the graph structure holds.

  • Adding Randomness for the IF conditions together with the predicate.

  • The Introduced Graph Class code and the code that manipulates the Graph , blends well with the source code because it uses user input names .

  • The predicate names are user defined so they resemble the given code.

  • The added predicate are easily to deduce by the obfuscator but hard to deduce by the deobfuscator.

  • In Run Time the behavior is not deterministic.


Code obfuscation final presentation

Application Use details

  • Input : User prepares config file , to configure parameters for the Opaque predicate inserting , and the “String” option that replaces given tokens with random tokens

/**************************************************************/

/* Configuration File For Koby's Obfuscation App */

/**************************************************************/

/* Working Folder */

WorkingFolder=C:\Users\koby\Desktop\New folder

/* Source Files */

SourceFileList=folder.cpp

/********************************************/

/* Parameters for "Opaque" Option */

/********************************************/

/* Related Project Names */

RelatedProjectNames=melody,tune,volume,artist,

singer

/* Number Of Predicates To Add */

NumberOfPredicatesToAdd=2

/* Function Names To Insert The Predicates */

FunctionNamesToInsertThePredicates=Play_Song

/********************************************/

/* Parameters for "Strings" Option */

/*******************************************/

/* Function Names To Be Obuscated */

FunctionNamesToBeObuscated=Play_Song,

Print_Folder_Songs

/* Variable Names */

VariableNames=Folder,song_name,temp_song


Code obfuscation final presentation

Obfuscation example

Original Code

bool Folder::Print_Folder_Songs (const string& curr_artist_name) // not checked

{Iterator<Song> itr =songs_list.GetIterator();

Song temp_song;

if (curr_artist_name=="temp_not_given")

{while (itr.HasNext())

{itr.Next().Print_Song_Name();}}

else

{while (itr.HasNext())

{temp_song=itr.Next();

if (temp_song.Get_Artist_Name()==curr_artist_name)

{temp_song.Print_Song_Name();}}}

return true;}

bool Folder::Play_Song (const string& song_name)

{Song curr_song;

Iterator<Song> itr =songs_list.GetIterator();

bool found=false;

while (itr.HasNext()&&(!found))

{curr_song=itr.Next();

if (curr_song.song_name==song_name)

{curr_song.Play_Song();

found=true;}}

return found;}


Code obfuscation final presentation

Obfuscation example

bool Folder::Print_Folder_Songs (const string& curr_artist_name) // not checked

{Iterator<Song> itr =songs_list.GetIterator();

Song temp_song;

if (curr_artist_name=="temp_not_given")

{while (itr.HasNext())

{itr.Next().Print_Song_Name();}}

else

{while (itr.HasNext())

{temp_song=itr.Next();

if (temp_song.Get_Artist_Name()==curr_artist_name)

{temp_song.Print_Song_Name();}}}

return true;}

bool Folder::Play_Song (const string& song_name)

{Song curr_song;

srand (time(NULL) );

artist* melody = new artist();

melody->singer();

melody= melody->__singer();

melody->singer();

melody= melody->__singer();

melody->singer();

melody->singer();

melody->___tune();

melody= melody->__singer();

melody->singer();

melody->singer();

melody->___tune();

melody= melody->__singer();

melody->singer();

melody->singer();

melody->___tune();

artist* tune;

tune=melody->__artist();

tune->singer();

tune = tune->__singer();

tune->singer();

melody->singer();tune->singer();

tune = tune->__singer();

tune->singer();

melody->singer();

melody= melody->__singer();

tune->___tune();

melody->singer();

melody->singer();

melody->___tune();

if (melody->__volume(tune) )

{

artist* melody = new artist();

melody->singer();

melody= melody->__singer();

melody->singer();

melody= melody->__singer();

melody->singer();

melody->singer();

melody->___tune();

melody= melody->__singer();

melody->singer();

melody->singer();

melody->___tune();

melody= melody->__singer();

melody->singer();

melody->singer();

melody->___tune();

artist* tune;

tune=melody->__artist();

tune->singer();

tune = tune->__singer();

tune->singer();

melody->singer();tune->singer();

tune = tune->__singer();

tune->singer();

melody->singer();

melody= melody->__singer();

tune->___tune();

melody->singer();

melody->singer();

melody->___tune();

Obfuscated Code – Opaque Option

tune1:

int tune2 = rand() % 2;

if (melody->__volume(tune) && tune2)

{

tune->singer();

melody->singer();tune->singer();

tune = tune->__singer();

tune->singer();

melody->singer();

melody= melody->__singer();

tune->___tune();

melody->singer();

melody->singer();

goto tune1;

melody->___tune();

}

tune->singer();

melody->singer();

melody->singer();

melody->___tune();

}

Iterator<Song> itr =songs_list.GetIterator();

bool found=false;

while (itr.HasNext()&&(!found))

{curr_song=itr.Next();

if (curr_song.song_name==song_name)

{curr_song.Play_Song();

found=true;}}

return found;}


Code obfuscation final presentation

Obfuscation example

Obfuscated Code – Opaque Option + String Option

#include "folder.h"

#include "_include_.h"

/* implementation of class ____18960____ */

//private methods

bool ____18960___::__17385___(const string& curr___28814___name)

// not checked

{Iterator<Song> itr =songs_list.GetIterator();

Song ____237____;

if (curr_____28814_____name=="temp_not_given")

{while (itr.HasNext())

{itr.Next().Print_Song_Name();}}

else

{while (itr.HasNext())

{____237____=itr.Next();

if (____237____.Get_Artist_Name()==curr_____28814_____name)

{____237____.Print_Song_Name();}}}

return true;}

bool ____18960____::____4251____ (const string& ____8667____)

{Song curr_song;

srand (time(NULL) );

____28814____* ____15463____ = new ____28814____();

____15463____->____13731____();

____15463____= ____15463____->______13731____();

____15463____->____13731____();

____15463____= ____15463____->______13731____();

____15463____->____13731____();

____15463____->____13731____();

____15463____->_______9449____();

____15463____= ____15463____->______13731____();

____15463____->____13731____();

____15463____->____13731____();

____15463____->_______9449____();

____15463____= ____15463____->______13731____();

____15463____->____13731____();

____15463____->_______9449____();

____28814____* ____9449____;

____9449____=____15463____->______28814____();

____9449____->____13731____();

____9449____ = ____9449____->______13731____();

____9449____->____13731____();

____15463____->____13731____();____9449____->____13731____();

____9449____ = ____9449____->______13731____();

____9449____->____13731____();

____15463____->____13731____();

____15463____= ____15463____->______13731____();

____9449____->_______9449____();

____15463____->____13731____();

____15463____->____13731____();

____15463____->_______9449____();

if (____15463____->______10535____(____9449____))

{

____28814____* ____15463____ = new ____28814____();

____15463____->____13731____();

____15463____= ____15463____->______13731____();

____15463____->____13731____();

____15463____= ____15463____->______13731____();

____15463____->____13731____();

____15463____->____13731____();

____15463____->_______9449____();

____15463____= ____15463____->______13731____();

____15463____->____13731____();

____15463____->____13731____();

____15463____->_______9449____();

____15463____= ____15463____->______13731____();

____15463____->____13731____();

____15463____->____13731____();

____15463____->_______9449____();

____28814____* ____9449____;

____9449____=____15463____->______28814____();

____9449____->____13731____();


Code obfuscation final presentation

Obfuscation Quality and Measurements

  • Mccabe metric (Cyclomatic complexity) – known metric that trys to measure code complexity.

  • The cyclomatic complexity of a section of source code is the count of the number of linearly independent paths through the source code.


Code obfuscation final presentation

Obfuscation Quality and Measurements

How to compute the “Cyclomatic complexity”:

Build control flow graph of the program , and the compute:

  •  E − N + 2P

    Where E = the number of edges of the graph

    N = the number of nodes of the graph

    P = the number of connected components

  • Note that for a program without any IF statements

    or WHILE, FOR , CASE statements the Cyclomatic complexity is 1

    Cyclomatic complexity = 9 - 8 + 2 = 3


Code obfuscation final presentation

Obfuscation Quality and Measurements

Experiments Results

I used the “CCCC” freeware to compute the cyclomatic complexity on the Obfuscation example given in the previous sides


  • Login