We present a new approach to individualize programs at the machine- and byte-code levels. Our superdiversification methodology is based on the compiler technique of superoptimization, which performs a brute-force search over all possible short instruction sequences to find minimum-size implementations of desired functions. Superdiversification also searches for equivalent code sequences, but we guide the search by restricting the allowed instructions and operands to control the types of generated code. Our goal is not necessarily the shortest or most optimal code sequence, but an individualized sequence identified by a secret key or other means, as determined by user-specified criteria. Also, our search is not limited to commodity instruction sets, but can work over arbitrary byte-codes designed for software randomization and protection. Applications include patch obfuscation to complicate reverse engineering and exploit creation, as well as binary diversification to frustrate malicious code tampering. We believe that this approach can serve as a useful element of a comprehensive software-protection system. © 2008 Springer Berlin Heidelberg.
CITATION STYLE
Jacob, M., Jakubowski, M. H., Naldurg, P., Saw, C. W., & Venkatesan, R. (2008). The superdiversifier: Peephole individualization for software protection. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5312 LNCS, pp. 100–120). Springer Verlag. https://doi.org/10.1007/978-3-540-89598-5_7
Mendeley helps you to discover research relevant for your work.