Publication

Obfuscating windows DLLs

Book Contribution - Book Chapter Conference Contribution

We present two techniques to obfuscate the interfaces between application binaries and Windows system DLLs (dynamic-link libraries). The first technique obfuscates the related symbol information in the binary to prevent static analyses from identifying the invoked library functions. The second technique combines static linking with code obfuscation to avoid the external interface altogether, thus preventing dynamic attacks as well. This is done while still maintaining compatibility with multiple Windows versions, through run-time adaptation of the application. As the first concrete result of this ongoing research, we demonstrate and evaluate the techniques using a proof-of concept tool applied to a simple test program.

Book: 2015 IEEE/ACM 1ST INTERNATIONAL WORKSHOP ON SOFTWARE PROTECTION (SPRO)

Pages: 24 - 30

ISBN:978-1-4673-7094-3

Publication year:2015

Handle: http://hdl.handle.net/1854/LU-5969965
WoS Id: 000381500400006

BOF-keylabel:yes

IOF-keylabel:yes

Accessibility:Closed

Publication

Obfuscating windows DLLs

Book Contribution - Book Chapter Conference Contribution

Authors/publisher

Research units

Projects