Generation of efficient obfuscated code through just-in-time compilation

Muhammad Hataba, Ahmed El-Mahdy, Kazunori Ueda

Research output: Contribution to journalArticle

Abstract

Nowadays the computing technology is going through a major paradigm shift. Local processing platforms are being replaced by physically out of reach yet more powerful and scalable environments such as the cloud computing platforms. Previously, we introduced the OJIT system as a novel approach for obfuscating remotely executed programs, making them difficult for adversaries to reverse-engineer. The system exploited the JIT compilation technology to randomly and dynamically transform the code, making it constantly changing, thereby complicating the execution state. This work aims to propose the new design iOJIT, as an enhanced approach that patches the old systems shortcomings, and potentially provides more effective obfuscation. Here, we present an analytic study of the obfuscation techniques on the generated code and the cost of applying such transformations in terms of execution time and performance overhead. Based upon this profiling study, we implemented a new algorithm to choose which obfuscation techniques would be better chosen for “efficient” obfuscation according to our metrics, i.e., less prone to security attacks. Another goal was to study the system performance with different applications. Therefore, we applied our system on a cloud platform running different standard benchmarks from SPEC suite.

Original languageEnglish
Pages (from-to)645-649
Number of pages5
JournalIEICE Transactions on Information and Systems
VolumeE102D
Issue number3
DOIs
Publication statusPublished - 2019 Mar 1

Fingerprint

Cloud computing
Engineers
Processing
Costs

Keywords

  • Cloud computing security
  • Dynamic compilation
  • Obfuscation
  • Optimization transformations
  • Side-channels

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Vision and Pattern Recognition
  • Electrical and Electronic Engineering
  • Artificial Intelligence

Cite this

Generation of efficient obfuscated code through just-in-time compilation. / Hataba, Muhammad; El-Mahdy, Ahmed; Ueda, Kazunori.

In: IEICE Transactions on Information and Systems, Vol. E102D, No. 3, 01.03.2019, p. 645-649.

Research output: Contribution to journalArticle

@article{68a204392fc443de88095ab3e99b0e09,
title = "Generation of efficient obfuscated code through just-in-time compilation",
abstract = "Nowadays the computing technology is going through a major paradigm shift. Local processing platforms are being replaced by physically out of reach yet more powerful and scalable environments such as the cloud computing platforms. Previously, we introduced the OJIT system as a novel approach for obfuscating remotely executed programs, making them difficult for adversaries to reverse-engineer. The system exploited the JIT compilation technology to randomly and dynamically transform the code, making it constantly changing, thereby complicating the execution state. This work aims to propose the new design iOJIT, as an enhanced approach that patches the old systems shortcomings, and potentially provides more effective obfuscation. Here, we present an analytic study of the obfuscation techniques on the generated code and the cost of applying such transformations in terms of execution time and performance overhead. Based upon this profiling study, we implemented a new algorithm to choose which obfuscation techniques would be better chosen for “efficient” obfuscation according to our metrics, i.e., less prone to security attacks. Another goal was to study the system performance with different applications. Therefore, we applied our system on a cloud platform running different standard benchmarks from SPEC suite.",
keywords = "Cloud computing security, Dynamic compilation, Obfuscation, Optimization transformations, Side-channels",
author = "Muhammad Hataba and Ahmed El-Mahdy and Kazunori Ueda",
year = "2019",
month = "3",
day = "1",
doi = "10.1587/transinf.2018EDL8180",
language = "English",
volume = "E102D",
pages = "645--649",
journal = "IEICE Transactions on Information and Systems",
issn = "0916-8532",
publisher = "Maruzen Co., Ltd/Maruzen Kabushikikaisha",
number = "3",

}

TY - JOUR

T1 - Generation of efficient obfuscated code through just-in-time compilation

AU - Hataba, Muhammad

AU - El-Mahdy, Ahmed

AU - Ueda, Kazunori

PY - 2019/3/1

Y1 - 2019/3/1

N2 - Nowadays the computing technology is going through a major paradigm shift. Local processing platforms are being replaced by physically out of reach yet more powerful and scalable environments such as the cloud computing platforms. Previously, we introduced the OJIT system as a novel approach for obfuscating remotely executed programs, making them difficult for adversaries to reverse-engineer. The system exploited the JIT compilation technology to randomly and dynamically transform the code, making it constantly changing, thereby complicating the execution state. This work aims to propose the new design iOJIT, as an enhanced approach that patches the old systems shortcomings, and potentially provides more effective obfuscation. Here, we present an analytic study of the obfuscation techniques on the generated code and the cost of applying such transformations in terms of execution time and performance overhead. Based upon this profiling study, we implemented a new algorithm to choose which obfuscation techniques would be better chosen for “efficient” obfuscation according to our metrics, i.e., less prone to security attacks. Another goal was to study the system performance with different applications. Therefore, we applied our system on a cloud platform running different standard benchmarks from SPEC suite.

AB - Nowadays the computing technology is going through a major paradigm shift. Local processing platforms are being replaced by physically out of reach yet more powerful and scalable environments such as the cloud computing platforms. Previously, we introduced the OJIT system as a novel approach for obfuscating remotely executed programs, making them difficult for adversaries to reverse-engineer. The system exploited the JIT compilation technology to randomly and dynamically transform the code, making it constantly changing, thereby complicating the execution state. This work aims to propose the new design iOJIT, as an enhanced approach that patches the old systems shortcomings, and potentially provides more effective obfuscation. Here, we present an analytic study of the obfuscation techniques on the generated code and the cost of applying such transformations in terms of execution time and performance overhead. Based upon this profiling study, we implemented a new algorithm to choose which obfuscation techniques would be better chosen for “efficient” obfuscation according to our metrics, i.e., less prone to security attacks. Another goal was to study the system performance with different applications. Therefore, we applied our system on a cloud platform running different standard benchmarks from SPEC suite.

KW - Cloud computing security

KW - Dynamic compilation

KW - Obfuscation

KW - Optimization transformations

KW - Side-channels

UR - http://www.scopus.com/inward/record.url?scp=85064012486&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85064012486&partnerID=8YFLogxK

U2 - 10.1587/transinf.2018EDL8180

DO - 10.1587/transinf.2018EDL8180

M3 - Article

AN - SCOPUS:85064012486

VL - E102D

SP - 645

EP - 649

JO - IEICE Transactions on Information and Systems

JF - IEICE Transactions on Information and Systems

SN - 0916-8532

IS - 3

ER -