(DEPSCOR FY 09) Obfuscation and Deobfuscation of Intent of Computer Programs

Abstract

This research aimed to develop a theoretical framework for predicting the adversary's next obfuscation (or deobfuscation) move, with the intent of making cyber defense proactive. The goal was to understand the relationship between the obfuscation and deobfuscation techniques employed in malware offense and defense. The strategy was to build upon previous work of Giacobazzi and Dalla Preda on modeling obfuscation and deobfuscation as abstract interpretations, and to further that effort by developing an analytical model of the best obfuscation with respect to a deobfuscator. In addition, this research aimed to develop cost models for obfuscation and deobfuscation. The key findings of this research include: a theoretical model for computing the best obfuscation for a deobfuscator, a method for context-sensitive analysis of obfuscated code, a method for learning the obfuscation transformations used by a metamorphic engine, several insights into the use of machine learning in deobfuscation, and game-theoretic models of certain scenarios of offense-defense games in software protection.

Document Details

Document Type: Technical Report
Publication Date: Dec 21, 2012
Accession Number: ADA583338

Entities

People

  • Arun Lakhotia
  • Vir V. Phoha

Organizations

  • University of Louisiana at Lafayette

Tags

Communities of Interest

  • Cyber
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Artificial Intelligence
  • Artificial Intelligence Software
  • Authentication
  • Classification
  • Computer Programs
  • Computer Science
  • Computers
  • Data Mining
  • Detection
  • Detectors
  • Game Theory
  • Information Science
  • Information Systems
  • Intellectual Property
  • Machine Learning
  • Social Networks
  • Software Development

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Game Theory.

Technology Areas

  • AI & ML
  • Cyber