USA flag logo/image

An Official Website of the United States Government

Formal-Verification-Based Tool for Deobfuscation of Tamper-Proofed Software

Award Information

Agency:
Department of Defense
Branch:
Office of the Secretary of Defense
Award ID:
78085
Program Year/Program:
2006 / STTR
Agency Tracking Number:
O064-NC5-1006
Solicitation Year:
N/A
Solicitation Topic Code:
N/A
Solicitation Number:
N/A
Small Business Information
Aries Design Automation, LLC
2705 West Byron Street Chicago, IL 60618-3745
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2006
Title: Formal-Verification-Based Tool for Deobfuscation of Tamper-Proofed Software
Agency / Branch: DOD / OSD
Contract: FA8650-06-M-8081
Award Amount: $100,000.00
 

Abstract:

The rapid increase in the use of the Internet in many aspects of our lives has led to an explosive growth in the spread of malware such as computer worms, viruses, and trojans. Security tools typically examine software for the presence of malware either by looking for specific byte signatures, or (more recently) by analyzing the candidate binary's internal logic. However, it is surprisingly easy to use binary obfuscation to fool current binary analysis tools into making errors that can hide malicious content. Furthermore, tamper-proofing techniques can be used to hinder or prevent dynamic monitoring of such software. The combination of code obfuscation and tamper-proofing can, therefore, make software opaque to security analysis tools. This project aims to address this situation by developing sophisticated techniques for deobfuscating binaries as well as identifying and working around tamper-proofing and anti-monitoring code intended to prevent dynamic monitoring. In order to do this efficiently without affecting program semantics, we will extend and combine SAT-based formal verification procedures developed by one of the co-PIs (Velev) with low-level binary analysis and deobfuscation techniques developed by the other co-PI (Debray). We will leverage and extend existing binary manipulation software developed by Debray to achieve this.

Principal Investigator:

Miroslav N. Velev
President, CEO
7738566633
miroslav.velev@aries-da.com

Business Contact:

Miroslav N. Velev
President, CEO
7738566633
miroslav.velev@aries-da.com
Small Business Information at Submission:

ARIES DESIGN AUTOMATION, LLC
6157 N Sheridan Rd, Suite16M Chicago, IL 60660

EIN/Tax ID: 202887585
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Research Institution Information:
UNIV. OF ARIZONA
Department of Computer Science, University of Arizona
Tucson, AZ 85721
Contact: Saumya K. Debray
Contact Phone: (520) 621-4527
RI Type: Nonprofit college or university