IMG_5657 - Version 2

Code Obfuscation:
A Hacking view on program analysis and understanding

Course outline (~24h)

  • Obfuscation: informal definition, the battleground in the large, code protection technologies, examples in malware & IP/key protection. The market: economic & sociological impact. (2h) [slides]
  • Theory of Compilers: Ordered structures, complete lattices, fix-points, Semantics, Interpreters, Specialisers. Futamura projections. Examples in Scheme/Imp. (4h) [slides1 and slides2]
  • Theory of code obfuscation: PTM, one-way functions, point functions, VBB, possibility and impossibility results (2h) [slides]
  • Abstract interpretation based program analysis: Soundness. (4h) [slides]
  • Constraining attackers in an abstract interpreter: Completeness. (4h) [slides]
  • Obscuring code: hacking an abstract interpreter: A method and with some examples on code flattening, anti program slicing & anti monitoring. (2h) [slides]
  • Hands-on: Imp and Interproc. (2h) [slides]
  • Dynamic protection, Tamper proofing, challenges & open problems (4h) [slides]

All material is protected by password. You can have the password by contacting me.

The exam will be a contest in making code obscure for some static analysers. The benchmark analyser/attacker is Interproc. A hands on session will show how it works.