DOI: 10.1145/2899015.2899026
research-article

N-version Obfuscation

Published: 30 May 2016

Abstract

Although it has existed for decades, the software tampering attack is still a main threat to systems such as Android and cyber-physical systems. Many approaches have been proposed to thwart specific procedures of tampering, e.g., obfuscation and self-checksumming. However, none of them can be theoretically tamper-proof without the protection of a hardware circuit. Rather than proposing new tricks against tampering attacks, we focus on impeding the replication of software tampering via program diversification, and thus pose a scalability barrier against the attacks. Our idea, namely N-version obfuscation (NVO), is to automatically generate and deliver same-featured but functionally nonequivalent software copies to different machines or users.
In this paper, we investigate this idea on the Android platform. We carefully design a candidate NVO solution for networked apps, which leverages a Message Authentication Code (MAC) mechanism to generate the functionally nonequivalent diversities. Our evaluation result shows that the time required for breaking such a software system increases linearly with respect to the number of software versions. In this way, attackers would suffer great scalability issues, considering that an app can have millions of users. With minimal NVO costs, effective tamper-resistant security can therefore be established.

Published In

CPSS '16: Proceedings of the 2nd ACM International Workshop on Cyber-Physical System Security
May 2016
102 pages
ISBN:9781450342889
DOI:10.1145/2899015
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. obfuscation
  2. reverse engineering
  3. software security
  4. tamper-resistance

Qualifiers

  • Research-article

Conference

ASIA CCS '16
Acceptance Rates

CPSS '16 Paper Acceptance Rate 8 of 28 submissions, 29%;
Overall Acceptance Rate 43 of 135 submissions, 32%

Cited By

  • (2023) Flexible Reverse Engineering of Desktop and Web Applications. Computational Intelligence for Engineering and Management Applications, pp. 609-624. DOI: 10.1007/978-981-19-8493-8_45. Online publication date: 30-Apr-2023
  • (2020) Layered obfuscation: a taxonomy of software obfuscation techniques for layered security. Cybersecurity, 3:1. DOI: 10.1186/s42400-020-00049-3. Online publication date: 3-Apr-2020
  • (2017) How Web Services Can Be Tolerant to Intruders through Diversification. 2017 IEEE International Conference on Web Services (ICWS), pp. 436-443. DOI: 10.1109/ICWS.2017.50. Online publication date: Jun-2017
  • (2017) A Novel Framework for Zero-Day Attacks Detection and Response with Cyberspace Mimic Defense Architecture. 2017 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), pp. 50-53. DOI: 10.1109/CyberC.2017.39. Online publication date: Oct-2017
