Largely known for attack scenarios, code reuse techniques at a closer look reveal properties that are appealing also for program obfuscation. We explore the popular return-oriented programming paradigm under this light, transforming program functions into ROP chains that coexist seamlessly with the surrounding software stack. We show how to build chains that can withstand popular static and dynamic deobfuscation approaches, evaluating the robustness and overheads of the design over common programs. The results suggest a significant amount of computational resources would be required to carry a deobfuscation attack for secret finding and code coverage goals.

Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation / Borrello, Pietro; Coppa, Emilio; D'Elia, Daniele Cono. - (2021), pp. 555-568. (Intervento presentato al convegno 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) tenutosi a Virtual Event) [10.1109/DSN48987.2021.00064].

Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation

Pietro Borrello
Primo
;
Emilio Coppa
;
Daniele Cono D'Elia
Ultimo
2021

Abstract

Largely known for attack scenarios, code reuse techniques at a closer look reveal properties that are appealing also for program obfuscation. We explore the popular return-oriented programming paradigm under this light, transforming program functions into ROP chains that coexist seamlessly with the surrounding software stack. We show how to build chains that can withstand popular static and dynamic deobfuscation approaches, evaluating the robustness and overheads of the design over common programs. The results suggest a significant amount of computational resources would be required to carry a deobfuscation attack for secret finding and code coverage goals.
2021
51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
Code obfuscation; program protection; ROP
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation / Borrello, Pietro; Coppa, Emilio; D'Elia, Daniele Cono. - (2021), pp. 555-568. (Intervento presentato al convegno 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) tenutosi a Virtual Event) [10.1109/DSN48987.2021.00064].
File allegati a questo prodotto
File Dimensione Formato  
Borrello_postprint_Hiding_2021.pdf

accesso aperto

Note: DOI: 10.1109/DSN48987.2021.00064
Tipologia: Documento in Post-print (versione successiva alla peer review e accettata per la pubblicazione)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 415.75 kB
Formato Adobe PDF
415.75 kB Adobe PDF
Borrello_Hiding_2021.pdf

solo gestori archivio

Tipologia: Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 350.95 kB
Formato Adobe PDF
350.95 kB Adobe PDF   Contatta l'autore

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1557526
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 7
  • ???jsp.display-item.citation.isi??? 4
social impact