Deobfuscating tools for the validation and verification of tamper-proofed software

Award Information
Agency:
Department of Defense
Branch
Office of the Secretary of Defense
Amount:
$99,999.00
Award Year:
2006
Program:
STTR
Phase:
Phase I
Contract:
FA8650-06-M-8079
Award Id:
78086
Agency Tracking Number:
O064-NC5-1013
Solicitation Year:
n/a
Solicitation Topic Code:
n/a
Solicitation Number:
n/a
Small Business Information
317 N. Aurora Street, Ithaca, NY, 14850
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
603978321
Principal Investigator:
Thomas Johnson
Software Engineer
(607) 273-7340
tjohnson@grammatech.com
Business Contact:
Ray Teitelbaum
CEO Chairman
(607) 273-7340
tt@grammatech.com
Research Institute:
UNIV. OF WISCONSIN, COMP. SCI.
Thomas Reps
1210 West Dayton Street
Madison, WI, 53706
(608) 262-2091
Nonprofit college or university
Abstract
We propose a deobfuscation tool that uses machine-code analysis to expose self-protecting malware for further analysis (e.g., by an automated malware detector, or a human analyst) using dynamic disassembly techniques. The proposed deobfuscator will also be capable of checking that the (self-protecting) program output from a tamper-proofing tool is indeed protected, and has the same behavior as the input program. Our approach combines the strengths of static analysis and dynamic analysis. This allows us to have the precision of dynamic analysis, but with much better coverage, thus recovering some of the completeness of static analysis.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government