Deobfuscating tools for the validation and verification of tamper-proofed software

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-07-C-1207
Agency Tracking Number: O064-NC5-1013
Amount: $750,000.00
Phase: Phase II
Program: STTR
Awards Year: 2007
Solicitation Year: 2006
Solicitation Topic Code: OSD06-NC5
Solicitation Number: N/A
Small Business Information
GRAMMATECH, INC.
317 N. Aurora Street, Ithaca, NY, 14850
DUNS: 603978321
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Thomas Johnson
 Software Engineer
 (607) 273-7340
 tjohnson@grammatech.com
Business Contact
 Ray Teitelbaum
Title: CEO/Chairman
Phone: (607) 273-7340
Email: tt@grammatech.com
Research Institution
 THE JOHNS HOPKINS UNIV-APL
 Andy Thompson
 11100 Johns Hopkins Road
Laurel, MD, 20723 6099
 (240) 228-0708
 Domestic nonprofit research organization
Abstract
Recently, there has been an increase in the use of anti-tamper techniques (e.g., obfuscation) in all types of software. However, applying anti-tamper techniques is technically challenging, and when applied to large, sophisticated software, there is a danger of introducing subtle bugs, or not introducing sufficient protection. The existing state of anti-tamper technology is undesirable in that it (a) is much too effective at protecting (small) malware samples, but (b) does not offer sufficient guarantees of correctness and protection for (large) legitimate applications. We propose a deobfuscation tool that uses machine-code analysis to check that the (self-protecting) program output from a tamper-proofing tool is indeed protected, and has the same behavior as the input program. This deobfuscator leverages concolic analysis techniques. Program analysis techniques can be divided into dynamic analyses that observe the subject program when executed on a set of inputs, and static analyses that consider all possible executions, without executing the subject program on any particular input. Each approach has its strengths and weaknesses. Concolic analysis combines static and dynamic analyses and leverage the strengths of each to counter the weaknesses of the other.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government