Data tainting and obfuscation: Improving plausibility of incorrect taint

Sandrine Blazy, Stephanie Riaud, Thomas Sirvent
2015 2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)  
Code obfuscation is designed to impede the reverse engineering of a binary software. Dynamic data tainting is an analysis technique used to identify dependencies between data in a software. Performing dynamic data tainting on obfuscated software usually yields hard to exploit results, due to over-tainted data. Such results are clearly identifiable as useless: an attacker will immediately discard them and opt for an alternative tool. In this paper, we present a code transformation technique
more » ... to prevent the identification of useless results: a few lines of code are inserted in the obfuscated software, so that the results obtained by the dynamic data tainting approach appear acceptable. These results remain however wrong and lead an attacker to waste enough time and resources trying to analyze incorrect data dependencies, so that he will usually decide to use less automated and advanced analysis techniques, and maybe give up reverse engineering the current binary software. This improves the security of the software against malicious analysis.
doi:10.1109/scam.2015.7335407 dblp:conf/scam/BlazyRS15 fatcat:mfmft4d3dvhllg373umkgkbdke