Skip to Main content Skip to Navigation
Conference papers

Defeating MBA-based Obfuscation

Ninon Eyrolles 1, 2 Louis Goubin 2 Marion Videau 3, 1
3 CARAMBA - Cryptology, arithmetic : algebraic methods for better algorithms
Inria Nancy - Grand Est, LORIA - ALGO - Department of Algorithms, Computation, Image and Geometry
Abstract : Mixed Boolean-Arithmetic expressions are presented as a strong protection in the context of data flow obfuscation. As there is very little literature on the analysis of such obfus-cated expressions, two important subjects of interest are: to define what simplifying those expressions means, and how to design a simplification solution. We focus on evaluating the resilience of this technique, by giving theoretical elements to justify its efficiency and proposing a simplification algorithm using a pattern matching approach. The implementation of this solution is capable of simplifying the public examples of MBA-obfuscated expressions, demonstrating that at least a subset of MBA obfuscation lacks resilience against pattern matching analysis.
Document type :
Conference papers
Complete list of metadatas

Cited literature [30 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-01388109
Contributor : Marion Videau <>
Submitted on : Wednesday, October 26, 2016 - 2:56:56 PM
Last modification on : Monday, February 10, 2020 - 6:13:49 PM

File

spro05.pdf
Files produced by the author(s)

Identifiers

Citation

Ninon Eyrolles, Louis Goubin, Marion Videau. Defeating MBA-based Obfuscation. 2nd International Workshop on Software PROtection, Oct 2016, Vienna, Austria. ⟨10.1145/2995306.2995308⟩. ⟨hal-01388109⟩

Share

Metrics

Record views

542

Files downloads

1207