Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation
Largely known for attack scenarios, code reuse techniques at a closer look reveal properties that are also appealing for program obfuscation. We explore the popular return-oriented programming paradigm under a new light, transforming program functions into chains of gadgets that coexist seamlessly with the surrounding software stack. We show how to build chains that can withstand state-of-the-art static and dynamic deobfuscation approaches, evaluating the robustness and overheads of the design over common programs. The results suggest a significant increase in the amount of resources that would be required to carry out man-at-the-end attacks.