Skip to main content

Lund University Publications

LUND UNIVERSITY LIBRARIES

Lightweight Dispatcher Constructions for Control Flow Flattening

Johansson, Björn ; Lantz, Patrik LU and Liljenstam, Michael (2017)
Abstract
The objective of control flow obfuscation is to protect the program control flow from analysis. A technique called control flow flattening addresses static analysis by hiding edges between basic blocks in a program and introduces a dispatcher block that determines the execution order of the randomized blocks.

In this paper we propose a novel flattening construction and lightweight dispatchers that do not impose high runtime performance impact on the program but still give good protection of the control flow against static analysis. We also present an attack model that allows us to quantitatively evaluate the protection the constructions give and compare against other suggestions from the literature. We have implemented our... (More)
The objective of control flow obfuscation is to protect the program control flow from analysis. A technique called control flow flattening addresses static analysis by hiding edges between basic blocks in a program and introduces a dispatcher block that determines the execution order of the randomized blocks.

In this paper we propose a novel flattening construction and lightweight dispatchers that do not impose high runtime performance impact on the program but still give good protection of the control flow against static analysis. We also present an attack model that allows us to quantitatively evaluate the protection the constructions give and compare against other suggestions from the literature. We have implemented our construction in the open source obfuscator OLLVM and present experimental results on overheads from different dispatcher implementations. (Less)
Abstract (Swedish)
The objective of control flow obfuscation is to protect the program control flow from analysis. A technique called control flow flattening addresses static analysis by hiding edges between basic blocks in a program and introduces a dispatcher block that determines the execution order of the randomized blocks.

In this paper we propose a novel flattening construction and lightweight dispatchers that do not impose high runtime performance impact on the program but still give good protection of the control flow against static analysis. We also present an attack model that allows us to quantitatively evaluate the protection the constructions give and compare against other suggestions from the literature. We have implemented our... (More)
The objective of control flow obfuscation is to protect the program control flow from analysis. A technique called control flow flattening addresses static analysis by hiding edges between basic blocks in a program and introduces a dispatcher block that determines the execution order of the randomized blocks.

In this paper we propose a novel flattening construction and lightweight dispatchers that do not impose high runtime performance impact on the program but still give good protection of the control flow against static analysis. We also present an attack model that allows us to quantitatively evaluate the protection the constructions give and compare against other suggestions from the literature. We have implemented our construction in the open source obfuscator OLLVM and present experimental results on overheads from different dispatcher implementations. (Less)
Please use this url to cite or link to this publication:
author
; and
publishing date
type
Chapter in Book/Report/Conference proceeding
publication status
published
subject
keywords
Anti-analysis, Control flow, Obfuscation, Anti-analysis, Control flow, Obfuscation
host publication
SSPREW-7 : Proceedings of the 7th Software Security, Protection, and Reverse Engineering Software Security and Protection Workshop, Orlando, FL, USA - Proceedings of the 7th Software Security, Protection, and Reverse Engineering Software Security and Protection Workshop, Orlando, FL, USA
publisher
Association for Computing Machinery (ACM)
external identifiers
  • scopus:85045895377
ISBN
978-1-4503-5387-8
DOI
10.1145/3151137.3151139
language
English
LU publication?
no
id
9bbf24aa-7628-49d2-9814-dd0c3923318e
date added to LUP
2018-01-11 09:25:40
date last changed
2022-02-15 00:23:29
@inproceedings{9bbf24aa-7628-49d2-9814-dd0c3923318e,
  abstract     = {{The objective of control flow obfuscation is to protect the program control flow from analysis. A technique called control flow flattening addresses static analysis by hiding edges between basic blocks in a program and introduces a dispatcher block that determines the execution order of the randomized blocks.<br/><br/>In this paper we propose a novel flattening construction and lightweight dispatchers that do not impose high runtime performance impact on the program but still give good protection of the control flow against static analysis. We also present an attack model that allows us to quantitatively evaluate the protection the constructions give and compare against other suggestions from the literature. We have implemented our construction in the open source obfuscator OLLVM and present experimental results on overheads from different dispatcher implementations.}},
  author       = {{Johansson, Björn and Lantz, Patrik and Liljenstam, Michael}},
  booktitle    = {{SSPREW-7 : Proceedings of the 7th Software Security, Protection, and Reverse Engineering Software Security and Protection Workshop, Orlando, FL, USA}},
  isbn         = {{978-1-4503-5387-8}},
  keywords     = {{Anti-analysis; Control flow; Obfuscation; Anti-analysis; Control flow; Obfuscation}},
  language     = {{eng}},
  publisher    = {{Association for Computing Machinery (ACM)}},
  title        = {{Lightweight Dispatcher Constructions for Control Flow Flattening}},
  url          = {{http://dx.doi.org/10.1145/3151137.3151139}},
  doi          = {{10.1145/3151137.3151139}},
  year         = {{2017}},
}