无尺寸约束的不透明谓词构建算法  

作　　者：王雨芳 乐德广[2,3] Jack TAN 肖乐 龚声蓉[2] WANG Yufang;LE Deguang;Jack TAN;XIAO Le;GONG Shengrong(School of Computer Science and Technology,Soochow University,Suzhou,Jiangsu 215006,China;School of Computer Science and Engineering,Changshu Institute of Technology,Suzhou,Jiangsu 215500,China;Department of Computer Science,University of Wisconsin-Eau Claire,Eau Claire,Wisconsin 54701,USA)

机构地区：[1]苏州大学计算机科学与技术学院,江苏苏州215006 [2]常熟理工学院计算机科学与工程学院,江苏苏州215500 [3]威斯康星大学欧克莱尔分校计算机系,威斯康星欧克莱尔54701

出　　处：《计算机科学》2023年第8期352-358,共7页Computer Science

基　　金：国家自然科学基金(61972059);江苏省产学研合作项目(BY2021280);江苏省自然科学基金(BK20191475);江苏省高校“青蓝工程”中青年学术带头人培养对象项目(2019);江苏省教育科学“十四五”规划课题(C-b/2020/01/29)。

摘　　要：结合不透明谓词,控制流混淆可以进行语义保持的变换,从而达到代码保护的目的。然而,现有的不透明谓词容易遭受符号执行攻击且存在小符号变量问题。为了解决上述问题,结合符号变量和数组利用单数组元素嵌套和符号变量模加运算设计不等条件表达式,并提出无尺寸约束的不透明谓词构建算法。基于该算法构建的不透明谓词混淆可以令攻击者错误地将不透明谓词识别为普通谓词或者将普通谓词识别为不透明谓词,从而有效抵御符号执行攻击。此外,利用不透明谓词检测以及虚假控制流去除等测试程序,对应用了无尺寸约束的不透明谓词混淆后程序的强度、弹性及开销进行实验测试分析。测试结果表明,基于所提算法实现的不透明谓词混淆不仅具有高强度和低开销,而且在新测试环境下仍然具有较高的抗反混淆弹性。Combined with opaque predicate,control flow obfuscation enables semantics-preserving transformations,which can achieve the purpose of code protection.However,existing opaque predicate is easily attacked by symbolic execution and has the problem of small symbolic variable.To solve the above problems,combined with symbolic variable and array,this paper designs the conditional expression of inequality by single array nesting and modulo add operation of symbolic variable,based on which an algorithm for constructing opaque predicate without size constraints is proposed.The opaque predicate obfuscation based on the proposed algorithm can incur not only false negative but also false positive issues to attackers,which effectively defends against symbolic execution attacks.Besides,the potency,resilience and cost of the program obfuscated by opaque predicate without size constraints are experimentally tested and analyzed by measuring procedures such as opaque predicate detection,bogus control flow removal and so on.Experimental results show that the opaque predicate obfuscation based on the proposed algorithm not only demonstrates excellent potency and efficient cost,but also has high resilience to anti-deobfuscation in new test environment.

关 键 词：不透明谓词 符号内存 数组嵌套 代码混淆 符号执行 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]