On May 19th, 2015, we have presented our paper Obfuscator-LLVM: Software Protection for the Masses, co-written with Julien Rinaldini, Johan Wehrli and Julie Michielin at the IEEE-SPRO’15 workshop, colocated with ICSE, in Firenze (Italy). The talk slides are also available and the open-source version of our tool can be downloaded here.
Here is the paper’s abstract:
Software security with respect to reverse-engineering is a challenging discipline that has been researched for several years and which is still active. At the same time, this field is inherently practical, and thus of industrial relevance: indeed, protecting a piece of software against tampering, malicious modifications or reverse-engineering is a very difficult task. In this paper, we present and discuss a software obfuscation prototype tool based on the LLVM compilation suite. Our tool is built as different passes, where some of them have been open-sourced and are freely available, that work on the LLVM Intermediate Representation (IR) code. This approach brings several advantages, including the fact that it is language-agnostic and mostly independent of the target architecture. Our current prototype supports basic instruction substitutions, insertion of bogus control-flow constructs mixed with opaque predicates, control-flow flattening, procedures merging as well as a code tamper-proofing algorithm embedding code and data checksums directly in the control-flow flattening mechanism.