Abstract

A popular control-flow obfuscation approach used to protect software is inserting opaque predicates. However, recent research has questioned the usefulness of opaque predicates with the realization that simple heuristic attacks can effectively detect them. In this paper, we introduce a novel approach to construct opaque predicates that prevents both heuristic attacks and automated attacks by having opaque predicates syntactically and semantically resemble real predicates.

Our approach uses abstract interpretation to infer variables’ value sets. From each value set, we synthesize an opaque predicate that 1) evaluates all items in its value set to the same truth value and 2) shares real predicates’ common syntactic features.

Our opaque predicates syntactically resemble real predicates because they share real predicates’ common syntactic features and their invariants are naturally occurring as they are inferred from the program’s semantics. Previous approaches to constructing opaque predicates are susceptible to heuristic attacks because they use synthetic invariants that can inadvertently introduce unnatural code.

Our opaque predicates semantically resemble real predicates because the naturally occurring invariants they use are based on value sets. Like real predicates’ variables, our opaque predicates’ variables can also take on different values during runtime. From our evaluation, we show promising results that our opaque predicates can withstand automated attacks. Current state-of-the-art deobfuscation, dynamic symbolic execution, can only detect 41% of our opaque predicates.

Keywords: Opaque predicates, Obfuscation, Software protection
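The synthesis step the abstract describes can be sketched as follows. This is an added illustration, not the paper's implementation: given a value set for one variable, it enumerates ordinary comparisons against a constant and keeps those whose truth value is identical for every member of the set. The operator list, the range of candidate constants, and the sample value sets are assumptions made for the example.

```python
import operator
from itertools import product

# Comparison shapes assumed here to be typical of real branch conditions.
OPS = {"<": operator.lt, "<=": operator.le, ">": operator.gt,
       ">=": operator.ge, "==": operator.eq, "!=": operator.ne}


def synthesize(var, value_set):
    """Return [(predicate_text, truth_value)] for every `var OP const`
    that evaluates to the same truth value on all members of value_set."""
    lo, hi = min(value_set), max(value_set)
    found = []
    # Constants close to the set's bounds read like ordinary range checks.
    for (sym, fn), const in product(OPS.items(), range(lo - 1, hi + 2)):
        outcomes = {fn(v, const) for v in value_set}
        if len(outcomes) == 1:  # constant over the whole set: opaque at this point
            found.append((f"{var} {sym} {const}", outcomes.pop()))
    return found


def split_by_truth(candidates):
    """Group candidates into always-true and always-false predicate texts."""
    always_true = [text for text, truth in candidates if truth]
    always_false = [text for text, truth in candidates if not truth]
    return always_true, always_false


if __name__ == "__main__":
    # Constructed value sets standing in for what abstract interpretation
    # would infer at one program point (hypothetical variable names).
    inferred = {"length": {4, 8, 16, 32}, "mode": {1, 2, 3}}
    for var, values in inferred.items():
        true_preds, false_preds = split_by_truth(synthesize(var, values))
        # The variable still varies at run time, yet each predicate's outcome
        # is fixed. That holds only if the inferred set is a sound
        # over-approximation of the values the variable can actually take.
        print(var, sorted(values))
        print("  always true :", true_preds[:4])
        print("  always false:", false_preds[:4])
```
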
