Conference papers

Defeating Opaque Predicates Statically through Machine Learning and Binary Analysis

Abstract : We present a new approach that bridges binary analysis techniques with machine learning classification for the purpose of providing a static and generic evaluation technique for opaque predicates, regardless of their constructions. We use this technique as a static automated deobfuscation tool to remove the opaque predicates introduced by obfuscation mechanisms. According to our experimental results, our models have up to 98% accuracy at detecting and deobfuscating state-of-the-art opaque predicate patterns. By contrast, the leading edge deobfuscation methods based on symbolic execution show less accuracy, mostly due to the SMT solvers' constraints and the lack of scalability of dynamic symbolic analyses. Our approach underlines the efficiency of hybrid symbolic analysis and machine learning techniques for a static and generic deobfuscation methodology.
Cited literature [46 references]

https://hal.archives-ouvertes.fr/hal-02269192
Contributor : Ramtine Tofighi-Shirazi
Submitted on : Friday, August 30, 2019 - 4:35:17 PM
Last modification on : Tuesday, May 11, 2021 - 11:36:06 AM
Long-term archiving on : Friday, January 10, 2020 - 2:06:41 PM

Files

R.Tofighi-Shirazi et al. - Bre...
Files produced by the author(s)

Identifiers

  • HAL Id : hal-02269192, version 1

Citation

Ramtine Tofighi-Shirazi, Irina Mariuca Asavoae, Philippe Elbaz-Vincent, Thanh-Ha Le. Defeating Opaque Predicates Statically through Machine Learning and Binary Analysis. 3rd International Workshop on Software PROtection, Nov 2019, London, United Kingdom. ⟨hal-02269192⟩

Metrics

Record views

231

Files downloads

711