Loading...
Please wait, while we are loading the content...
Similar Documents
Comparing the effectiveness of commercial obfuscators against MATE attacks
| Content Provider | ACM Digital Library |
|---|---|
| Author | Russ, Samuel H. McDonald, J. Todd Andel, Todd R. Mahoney, William R. Manikyam, Ramya |
| Abstract | The ability to protect software from malicious reverse engineering remains a challenge faced by commercial software companies who invest a large amount of resources in the development of their software product. In order to protect their investment from potential attacks such as illegal copying, tampering, and malicious reverse engineering, most companies utilize some type of protection software, also known as obfuscators, to create variants of their products that are more resilient to adversarial analysis. In this paper, we report on the effectiveness of different commercial obfuscators against traditional man-at-the-end (MATE) attacks where an adversary can utilize tools such as debuggers, disassemblers, and de-compilers as a legitimate end-user of a binary executable. Our case study includes four benchmark programs that have associated adversarial goals categorized as either comprehension or change tasks. We use traditional static and dynamic analysis techniques to identify the adversarial workload and outcomes before and after each program is transformed by a set of three commercial obfuscators. Our results confirm what is typically assumed: an adversary with a reasonable background in the computing disciplines can both comprehend and make changes to any of our completely unprotected programs using standard tools. Additionally, given the same skill set and attack approach, protected programs can still be probed to leak certain information, but none could be successfully altered and saved to create a cracked version. As a contribution, our methodology is unique compared to prior studies on obfuscation effectiveness in that we categorize adversarial skill and delineate program goals into comprehension and change ability, while considering the load time and overhead of obfuscated variants. |
| Starting Page | 1 |
| Ending Page | 11 |
| Page Count | 11 |
| File Format | |
| ISBN | 9781450348416 |
| DOI | 10.1145/3015135.3015143 |
| Language | English |
| Publisher | Association for Computing Machinery (ACM) |
| Publisher Date | 2016-12-05 |
| Publisher Place | New York |
| Access Restriction | Subscribed |
| Subject Keyword | Cracked programs Obfuscation Software protection Commercial obfuscators Dynamic analysis Static analysis Anti-tamper Malicious reverse engineering Man-at-the-end (mate) attacks |
| Content Type | Text |
| Resource Type | Article |
