OIVM


This is the presentation I made for the final presentation on the minor project for college.

Published in: Education, Technology

  1. Code Obfuscation for Protection Against Assembly Level Code Reversing
     Group 10, Final Minor Internal Presentation
     Adwiteeya Agrawal 08496303110, Kritika Sobti 10296303110
  2. Contents
     • Problem Description
     • Our Approach
     • System Design
     • Implementation
     • Tests
     • Results
     • Ratings
     • References
     • Future Scope
  3. Problem Description
     A model needs to be developed that can slow down cracking/reversing of software.
  4. Related Work
     • Copyright Laws
     • Media Protection Schemes
     • Serial Number based Authentication
     • Hardware Based Serial No authentication
     • Software as a service
     • Antireversing: Program Encryption, Anti-Debugging, Removing Info Disclosures
  5. Our Approach
     Inlining a VM with a customized instruction set and porting a packer + encryption routine over it.
  6. System Design
     • 7 Registers, 32 Bits.
     • 65,536 * 4 bytes stack.
     • Header free, read only Rom Input.
     • 183 Instructions in 11 categories. One Byte format.
     • RUN to execute fetch, decode and execute.
     • Special Instruction to execute realloc for runtime expansion of code.
  7. Implementation
     Following routines were ported:
     • Addition
     • Array Implementation
     • Loop
     • Linear Search
     • Substitution Cipher
     • On the Fly Code Decryption
     • On the Fly Code Unpacking (POC)
  8. Flow of Code
  9. On the Fly Expansion
     ALGORITHM
     • Enter Elements of the Dictionary on stack
     • Read Rom to get Index
     • Get Value from the Stack and place new code on the stack
     • Write Rom
  10. Tests
     • Q1: Have you reversed an Obfuscated code before?
     • Q2: Was the code structure familiar to you?
     • Q3: Were you able to Reverse the program?
     • Q4: Were you able to Patch the program?
     • Q5: Were you able to identify that this is a VM?
     • Q6: Would it be faster if you knew this was a VM beforehand?
  11. Results
     [Bar chart: counts of YES and NO answers, scale 0 to 6, for Question 1 through Question 6]
  12. How Tough?
     Rated an average of 8.7/10 difficulty
  13. References | TOP 4
     • The Enlightenment(2): Reversing Secrets Of Reverse Engineering, The art of Assembly
     • Getting Started: http://en.wikibooks.org/wiki/Creating_a_Virtual_Machine/Register_VM_in_C
     • Similar but Minimal Approach: http://crackmes.de/users/opcode0x90/crackme_nop_vm
  14. Future Scope
     • Porting an existing Anti-Debugging Routine.
     • A randomizer function.
     • Porting Multiple VMs
     • Writing a compiler
     • Byte Translation: Emulator
     • Porting more complex but critical functions to OIVM
  15. The End
     Thanks
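
The system design on slide 6 and the on-the-fly expansion algorithm on slide 9 can be seen working together in a small VM: the ROM holds only dictionary indices, and the instructions that actually execute appear in the realloc-grown code buffer at run time. This is an added example, not the OIVM code from the presentation. The four opcodes, the 3-byte instruction layout, the `INS` macro, `run_packed` and the host-side loading of the dictionary onto the stack are assumptions, since the slides do not list the instruction set.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NREG 7            /* 7 registers, 32 bits each (slide 6) */
#define STACK_WORDS 65536 /* 65,536 * 4 byte stack (slide 6) */
/* Hypothetical opcodes (assumed); each instruction is 3 bytes: op, a, b. */
enum { OP_HALT, OP_LOADI, OP_ADD, OP_EXPAND };
#define INS(op, a, b) ((uint32_t)(op) | (uint32_t)(a) << 8 | (uint32_t)(b) << 16)
typedef struct { uint32_t reg[NREG], *stack; uint8_t *code; size_t len, pc; } VM;
/* Fetch, decode, execute until HALT: 0 on success, -1 on any fault. */
static int vm_run(VM *vm) {
    while (vm->pc + 3 <= vm->len) {
        uint8_t op = vm->code[vm->pc], a = vm->code[vm->pc + 1], b = vm->code[vm->pc + 2];
        vm->pc += 3;
        if (op == OP_HALT) return 0;
        if (op == OP_EXPAND) { /* a = index of a dictionary word on the stack */
            uint8_t *p = realloc(vm->code, vm->len + 3);
            if (!p) return -1;
            for (int i = 0; i < 3; i++) p[vm->len + i] = (uint8_t)(vm->stack[a] >> (8 * i));
            vm->code = p; vm->len += 3; /* expanded code lands after the stub */
            continue;
        }
        if (a >= NREG || (op == OP_ADD && b >= NREG)) return -1;
        if (op == OP_LOADI) vm->reg[a] = b;
        else if (op == OP_ADD) vm->reg[a] += vm->reg[b];
        else return -1; /* unknown opcode */
    }
    return -1; /* ran off the end without HALT */
}
/* Put the dictionary on the stack, copy the read-only ROM, run; returns r0. */
uint32_t run_packed(const uint8_t *rom, size_t n, const uint32_t *dict, size_t nd) {
    VM vm = {0};
    uint32_t out = UINT32_MAX; /* fault marker */
    vm.stack = calloc(STACK_WORDS, sizeof *vm.stack);
    vm.code = malloc(n ? n : 1);
    if (vm.stack && vm.code && nd <= STACK_WORDS) {
        memcpy(vm.stack, dict, nd * sizeof *dict);
        memcpy(vm.code, rom, n); vm.len = n;
        if (vm_run(&vm) == 0) out = vm.reg[0];
    }
    free(vm.stack); free(vm.code);
    return out;
}
/* Constructed sample: the dictionary holds the instructions, the ROM only indices. */
static const uint32_t DICT[] = { INS(OP_LOADI, 0, 40), INS(OP_LOADI, 1, 2), INS(OP_ADD, 0, 1), INS(OP_HALT, 0, 0) };
static const uint8_t ROM[] = { OP_EXPAND,0,0, OP_EXPAND,1,0, OP_EXPAND,2,0, OP_EXPAND,2,0, OP_EXPAND,3,0 };
int main(void) { printf("r0 = %u\n", (unsigned)run_packed(ROM, sizeof ROM, DICT, 4)); return 0; }
```

The sample ROM references dictionary entry 2 twice, so one stored `ADD` expands into two executed ones; this reuse is what makes the dictionary act as a packer.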
