Strong and against dynamic attack resistant, obfuscaties

01 January 2015 → 31 December 2018
Regional and community funding: IWT/VLAIO
Research disciplines
  • Engineering and technology
    • Other computer engineering, information technology and mathematical engineering not elsewhere classified
Project description

The number of online devices is growing at a high rate. These devices can be smartphones, tablets, desktops and servers, but also devices in the Internet of Things, medical equipment, etc. These devices provide functionality that have become essential to our society, to our economy and for our well-being. The more devices are put onine, the more attractive they become to be attacked, especially when they process confidential data. One way to prevent attacks from being executed, or at least to make them harder to be executed, is by using software protections: techniques by which the software running on those devices is transformed to protect them against improper use.

However, a major shortcoming of most techniques is that they only protect against static attacks: attacks in which the software is analysed without executing it. They are very weak against dynamic attacks, where the software is executed. Recent work showed that even some of the most complex protection techniques can be easily removed in an automated way by using such dynamic attacks.

This research aims to develop novel, strong and against dynamic attacks resistant, obfuscations. We do this in two ways. On the one hand, we develop techniques to exploit the properties of code fragments already present in the original program. We will use these properties to implement the protections. On the other hand, we develop a meta-API to enable the introduction of more complex and global protections.