VODKA: Virtualization obfuscation using dynamic key approach

Jae Yung Lee, Jae Hyuk Suk, Dong Hoon Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The virtualization obfuscation technique is known to possess excellent security among software protection techniques. However, research has shown that virtualization obfuscation techniques can be analyzed by automated analysis tools because the deobfuscate virtualization obfuscation methodology is fixed. In this situation, additional protection techniques of the virtualization structure have been studied to supplement the protection strength of virtualization obfuscation. However, most of the proposed protection schemes require a special assumption or significantly increase the overhead of the program to be protected. In this paper, we propose a delayed analysis method for a lightweight virtualization structure that does not require a strong assumption. Hence, we propose a new virtual code protection scheme combining an anti-analysis technique and dynamic key, and explain its mechanism. This causes correspondence ambiguity between the virtual code and the handler code, thus causing analysis delay. In addition, we show the result of debugging or dynamic instrumentation experiment when the additional anti-analysis technique is applied.

Original languageEnglish
Title of host publicationInformation Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers
EditorsBrent ByungHoon Kang, JinSoo Jang
PublisherSpringer Verlag
Pages131-145
Number of pages15
ISBN (Print)9783030179816
DOIs
Publication statusPublished - 2019 Jan 1
Event19th World International Conference on Information Security and Application, WISA 2018 - Jeju Island, Korea, Republic of
Duration: 2018 Aug 232018 Aug 25

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11402 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference19th World International Conference on Information Security and Application, WISA 2018
CountryKorea, Republic of
CityJeju Island
Period18/8/2318/8/25

Keywords

  • Anti-analysis
  • Dynamic key
  • Software protection
  • Virtualization obfuscation

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'VODKA: Virtualization obfuscation using dynamic key approach'. Together they form a unique fingerprint.

  • Cite this

    Lee, J. Y., Suk, J. H., & Lee, D. H. (2019). VODKA: Virtualization obfuscation using dynamic key approach. In B. B. Kang, & J. Jang (Eds.), Information Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers (pp. 131-145). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11402 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-17982-3_11