Control Flow Obfuscation using Neural Network to Fight Concolic Testing
Concolic testing is widely regarded as the state-of-the-art technique in dynamic discovering and analyzing trigger-based behavior in software programs. It uses symbolic execution and an automatic theorem prover to generate new concrete test cases to maximize code coverage for scenarios like software...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2014
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/2260 https://ink.library.smu.edu.sg/context/sis_research/article/3260/viewcontent/GaoDControlFlowObfuscationsecurecomm14.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-3260 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-32602015-11-23T05:06:03Z Control Flow Obfuscation using Neural Network to Fight Concolic Testing Ma, Haoyu Ma, Xinjie Liu, Weijie Huang, Zhipeng GAO, Debin Jia, Chunfu Concolic testing is widely regarded as the state-of-the-art technique in dynamic discovering and analyzing trigger-based behavior in software programs. It uses symbolic execution and an automatic theorem prover to generate new concrete test cases to maximize code coverage for scenarios like software verification and malware analysis. While malicious developers usually try their best to hide malicious executions, there are also circumstances in which legitimate reasons are presented for a program to conceal trigger-based conditions and the corresponding behavior, which leads to the demand of control flow obfuscation techniques. We propose a novel control flow obfuscation design based on the incomprehensibility of artificial neural networks to fight against reverse engineering tools including concolic testing. By training neural networks to simulate conditional behaviors of a program, we manage to precisely replace essential points of a program’s control flow with neural network computations. Evaluations show that since the complexity of extracting rules from trained neural networks easily goes beyond the capability of program analysis tools, it is infeasible to apply concolic testing on code obfuscated with our method. Our method also incorporates only basic integer operations and simple loops, thus can be hard to be distinguished from regular programs. 2014-09-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/2260 info:doi/10.1007/978-3-319-23829-6_21 https://ink.library.smu.edu.sg/context/sis_research/article/3260/viewcontent/GaoDControlFlowObfuscationsecurecomm14.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Software obfuscation malware analysis reverse engineering concolic testing neural network Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Software obfuscation malware analysis reverse engineering concolic testing neural network Information Security |
| spellingShingle |
Software obfuscation malware analysis reverse engineering concolic testing neural network Information Security Ma, Haoyu Ma, Xinjie Liu, Weijie Huang, Zhipeng GAO, Debin Jia, Chunfu Control Flow Obfuscation using Neural Network to Fight Concolic Testing |
| description |
Concolic testing is widely regarded as the state-of-the-art technique in dynamic discovering and analyzing trigger-based behavior in software programs. It uses symbolic execution and an automatic theorem prover to generate new concrete test cases to maximize code coverage for scenarios like software verification and malware analysis. While malicious developers usually try their best to hide malicious executions, there are also circumstances in which legitimate reasons are presented for a program to conceal trigger-based conditions and the corresponding behavior, which leads to the demand of control flow obfuscation techniques. We propose a novel control flow obfuscation design based on the incomprehensibility of artificial neural networks to fight against reverse engineering tools including concolic testing. By training neural networks to simulate conditional behaviors of a program, we manage to precisely replace essential points of a program’s control flow with neural network computations. Evaluations show that since the complexity of extracting rules from trained neural networks easily goes beyond the capability of program analysis tools, it is infeasible to apply concolic testing on code obfuscated with our method. Our method also incorporates only basic integer operations and simple loops, thus can be hard to be distinguished from regular programs. |
| format |
text |
| author |
Ma, Haoyu Ma, Xinjie Liu, Weijie Huang, Zhipeng GAO, Debin Jia, Chunfu |
| author_facet |
Ma, Haoyu Ma, Xinjie Liu, Weijie Huang, Zhipeng GAO, Debin Jia, Chunfu |
| author_sort |
Ma, Haoyu |
| title |
Control Flow Obfuscation using Neural Network to Fight Concolic Testing |
| title_short |
Control Flow Obfuscation using Neural Network to Fight Concolic Testing |
| title_full |
Control Flow Obfuscation using Neural Network to Fight Concolic Testing |
| title_fullStr |
Control Flow Obfuscation using Neural Network to Fight Concolic Testing |
| title_full_unstemmed |
Control Flow Obfuscation using Neural Network to Fight Concolic Testing |
| title_sort |
control flow obfuscation using neural network to fight concolic testing |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2014 |
| url |
https://ink.library.smu.edu.sg/sis_research/2260 https://ink.library.smu.edu.sg/context/sis_research/article/3260/viewcontent/GaoDControlFlowObfuscationsecurecomm14.pdf |
| _version_ |
1770571937877065728 |