HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Theses

Affiner la déobfuscation symbolique et concrète de programmes protégés par des prédicats opaques

Alexandre Gonzalvez 1, 2
2 Lab-STICC_IMTA_CID_IRIS
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
Abstract : High demand exists nowadays to improve advanced obfuscation and deobfuscation techniques, with the purpose of preventing intellectual property piracy or improving defence against cyber security attacks. This thesis focuses on the improvement of the deobfuscation achieved by symbolic and concrete analysis tools of protected programs using opaque predicates. These tools rely on automated program analysis tools (dynamic symbolic execution engine) that use Satisfiability Modulo Theory solvers (SMT solvers). To understand more precisely some situations in which the predicate analysis performed by these tools fails, our aim is to be able to identify practical solutions to avoid these scenarios and test them in real cases. First results show how an Instruction Set Assembly (ISA) allows opaque predicates to appear or not. We suggest an improvement of the opaque predicates identification based on the SMT solvers behavior. We suggest a method to reshape SMT queries to reduce the effects of opaque predicates. These features are built into several automated tools such as KLEE or Angr, followed by testing them on different programs which contain opaque predicates.
Document type :
Theses
Complete list of metadata

Cited literature [39 references]  Display  Hide  Download

https://tel.archives-ouvertes.fr/tel-02927808
Contributor : Abes Star :  Contact
Submitted on : Wednesday, September 2, 2020 - 8:50:07 AM
Last modification on : Monday, April 4, 2022 - 9:28:21 AM
Long-term archiving on: : Wednesday, December 2, 2020 - 3:52:19 PM

File

2020IMTA0187_Gonzalvez-Alexand...
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-02927808, version 1

Citation

Alexandre Gonzalvez. Affiner la déobfuscation symbolique et concrète de programmes protégés par des prédicats opaques. Cryptographie et sécurité [cs.CR]. Ecole nationale supérieure Mines-Télécom Atlantique, 2020. Français. ⟨NNT : 2020IMTA0187⟩. ⟨tel-02927808⟩

Share

Metrics

Record views

265

Files downloads

246