Internet Archive Scholar

Data tainting and obfuscation: Improving plausibility of incorrect taint

Sandrine Blazy, Stephanie Riaud, Thomas Sirvent
2015 2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (1.7 MB)
https://web.archive.org/web/20170922083606/https://hal.inria.fr/hal-01193286/document

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL. The file type is application/pdf.

Code obfuscation is designed to impede the reverse engineering of a binary software. Dynamic data tainting is an analysis technique used to identify dependencies between data in a software. Performing dynamic data tainting on obfuscated software usually yields hard to exploit results, due to over-tainted data. Such results are clearly identifiable as useless: an attacker will immediately discard them and opt for an alternative tool. In this paper, we present a code transformation technique
more » ... to prevent the identification of useless results: a few lines of code are inserted in the obfuscated software, so that the results obtained by the dynamic data tainting approach appear acceptable. These results remain however wrong and lead an attacker to waste enough time and resources trying to analyze incorrect data dependencies, so that he will usually decide to use less automated and advanced analysis techniques, and maybe give up reverse engineering the current binary software. This improves the security of the software against malicious analysis.
doi:10.1109/scam.2015.7335407 dblp:conf/scam/BlazyRS15 fatcat:mfmft4d3dvhllg373umkgkbdke
Citation

Sandrine Blazy, Stephanie Riaud, Thomas Sirvent. "Data tainting and obfuscation: Improving plausibility of incorrect taint." 2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM) (2015) 111-120