Overview
Explore an effective approach to software obfuscation in this 26-minute conference talk from BSidesSF 2020. Delve into the essential aspects of obfuscation, uncovering the fundamental flaws in modern implementations and learning the correct way to approach this critical security technique. Examine examples of current obfuscation methods, understand the deobfuscation process, and discover key concepts such as Control-Flow Graph (CFG) Flattering Theory. Learn about innovative solutions, including disassembly desynchronization and opaque predicates, to enhance software protection. Gain valuable insights into hiding genuine instructions and walk away with a main takeaway that will transform your understanding of effective software obfuscation.
Syllabus
Intro
What is Software Obfuscation!
More Definitions..
Software Obfuscation != Cryptography
Deobfuscation Process
Effects of Modern Obfuscation
Control-Flow Graph (CFG) Flattering Theory
Modern Obfuscation = Noisy!
Solution
Disassembly Desynchronization
Opaque Predicates
Hiding Genuine Instruction Displayed
Main Takeaway
Taught by
Security BSides San Francisco