Please use this identifier to cite or link to this item:
Full metadata record
DC FieldValueLanguage
dc.contributor.advisorRoca Cánovas, Raúl-
dc.contributor.advisorBenseny, Antoni-
dc.contributor.advisorReyes De Los Mozos, Mario-
dc.contributor.authorGàmez i Montolio, Arnau-
dc.descriptionTreballs Finals de Grau de Matemàtiques, Facultat de Matemàtiques, Universitat de Barcelona, Any: 2020, Director: Raúl Roca Cánovas, Antoni Benseny i Mario Reyes de los Mozosca
dc.description.abstract[en] This project studies the theoretical background of Mixed Boolean-Arithmetic (MBA) expressions as well as its practical applicability within the field of code obfuscation, which is a technique used both by malware threats and software protection in order to complicate the process of reverse engineering (parts of) a program. An MBA expression is composed of integer arithmetic operators, e.g. $(+,-, *)$ and bitwise operators, e.g. $(\wedge, \vee, \oplus, \neg).$ MBA expressions can be leveraged to obfuscate the data-flow of code by iteratively applying rewrite rules and function identities that complicate (obfuscate) the initial expression while preserving its semantic behavior. This possibility is motivated by the fact that the combination of operators from these different fields do not interact well together: we have no rules (distributivity, factorization...) or general theory to deal with this mixing of operators. Current deobfuscation techniques to address simplification of this type of data-flow obfuscation are limited by being strongly tied to syntactic complexity. We explore novel program synthesis approaches for addressing simplification of MBA expressions by reasoning on the semantics of the obfuscated expressions instead of syntax, discussing their applicability as well as their limits. We present our own tool $r$ 2syntia that integrates Syntia, an open source program synthesis tool, into the reverse engineering framework radare 2 in order to retrieve the semantics of obfuscated code from its Input/Output behavior. Finally, we provide some improvement ideas and potential areas for future work to be
dc.format.extentx p.-
dc.rightscc-by-nc-nd (c) Arnau Gàmez i Montolio, 2020-
dc.sourceTreballs Finals de Grau (TFG) - Matemàtiques-
dc.subject.classificationMatemàtica discretaca
dc.subject.classificationTreballs de fi de grau-
dc.subject.classificationTeoria de la computacióca
dc.subject.classificationLògica matemàticaca
dc.subject.classificationÀlgebra universalca
dc.subject.otherDiscrete mathematicsen
dc.subject.otherBachelor's theses-
dc.subject.otherTheory of computationen
dc.subject.otherMathematical logicen
dc.subject.otherUniversal algebraen
dc.titleCode deobfuscation by program synthesis-aided simplification of mixed boolean-arithmetic expressionsca
Appears in Collections:Treballs Finals de Grau (TFG) - Enginyeria Informàtica
Programari - Treballs de l'alumnat
Treballs Finals de Grau (TFG) - Matemàtiques

Files in This Item:
File Description SizeFormat 
codi_176925.zipCodi font165.57 kBzipView/Open
176925.pdfMemòria2.52 MBAdobe PDFView/Open

This item is licensed under a Creative Commons License Creative Commons