Abstract
This paper presents a program obfuscation framework that uses covert channels through the program's execution environment to obfuscate information flow through the program. Unlike prior works on obfuscation, the use of covert channels removes visible information flows from the computation of the program and reroutes them through the program's runtime system and/or the operating system. This renders these information flows, and the corresponding control and data dependencies, invisible to program analysis tools such as symbolic execution engines. Additionally, we present the idea of probabilistic obfuscation which uses imperfect covert channels to leak information with some probabilistic guarantees. Experimental evaluation of our approach against state of the art detection and analysis techniques show the engines are not well-equipped to handle these obfuscations, particularly those of the probabilistic variety.
Original language | English (US) |
---|---|
Title of host publication | Proceedings - 3rd IEEE European Symposium on Security and Privacy, EURO S and P 2018 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 243-257 |
Number of pages | 15 |
ISBN (Electronic) | 9781538642276 |
DOIs | |
State | Published - Jul 6 2018 |
Event | 3rd IEEE European Symposium on Security and Privacy, EURO S and P 2018 - London, United Kingdom Duration: Apr 24 2018 → Apr 26 2018 |
Other
Other | 3rd IEEE European Symposium on Security and Privacy, EURO S and P 2018 |
---|---|
Country | United Kingdom |
City | London |
Period | 4/24/18 → 4/26/18 |
Keywords
- Covert Channels
- Malware
- Obfuscation
- Privacy
- Symbolic Analysis
- System Security
ASJC Scopus subject areas
- Artificial Intelligence
- Computer Networks and Communications
- Safety, Risk, Reliability and Quality