LeDoux et al., 2012 - Google Patents
Instruction embedding for improved obfuscationLeDoux et al., 2012
View PDF- Document ID
- 11545194205641924120
- Author
- LeDoux C
- Sharkey M
- Primeaux B
- Miles C
- Publication year
- Publication venue
- Proceedings of the 50th annual ACM Southeast Conference
External Links
Snippet
Disassemblers generally assume that assembly language instructions do not overlap, therefore, an obvious obfuscation against such disassemblers is to overlap instructions. This is difficult to implement, however, as the number of instructions existing in a program which …
- 230000004048 modification 0 abstract description 3
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/30—Arrangements for executing machine-instructions, e.g. instruction decode
- G06F9/32—Address formation of the next instruction, e.g. incrementing the instruction counter, jump
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Xu et al. | Layered obfuscation: a taxonomy of software obfuscation techniques for layered security | |
| De Clercq et al. | SOFIA: Software and control flow integrity architecture | |
| Hu et al. | Data-oriented programming: On the expressiveness of non-control data attacks | |
| LeDoux et al. | Instruction embedding for improved obfuscation | |
| Zhang et al. | Analyzing network traffic to detect self-decrypting exploit code | |
| Koo et al. | Juggling the gadgets: Binary-level code randomization using instruction displacement | |
| US7383583B2 (en) | Static and run-time anti-disassembly and anti-debugging | |
| Kuang et al. | Enhance virtual-machine-based code obfuscation security through dynamic bytecode scheduling | |
| Shioji et al. | Code shredding: byte-granular randomization of program layout for detecting code-reuse attacks | |
| Cheng et al. | DynOpVm: VM-based software obfuscation with dynamic opcode mapping | |
| Couroussé et al. | Runtime code polymorphism as a protection against side channel attacks | |
| Andriesse et al. | Parallax: Implicit code integrity verification using return-oriented programming | |
| Qiu et al. | Physical unclonable functions-based linear encryption against code reuse attacks | |
| Kwon et al. | A2c: Self destructing exploit executions via input perturbation | |
| Lu et al. | deRop: removing return-oriented programming from malware | |
| Mu et al. | ROPOB: obfuscating binary code via return oriented programming | |
| Zhu et al. | Protection against indirect overflow attacks on pointers | |
| Xue et al. | Exploiting code diversity to enhance code virtualization protection | |
| Pewny et al. | Breaking and fixing destructive code read defenses | |
| Stolz et al. | Recommendation for a holistic secure embedded ISA extension | |
| Lee et al. | VODKA: Virtualization obfuscation using dynamic key approach | |
| Buckwell et al. | Execution at RISC: Stealth JOP Attacks on RISC-V Applications | |
| Darwish et al. | Stealthy code obfuscation technique for software security | |
| KR102430335B1 (en) | Method For Enhancing Obfuscation Of Virtual Code And Apparatus Thereof | |
| Lashermes et al. | Hardware-assisted program execution integrity: Hapei |