By Obfuscation Benchmarks we mean programs which can be obfuscated using different tools at: source code, intermediate representation and/or machine code level. The reason for obfuscating these programs can be (but is not limited) to compare the strength of different obfuscation transformations/implementations against both human-assisted and automated attacks. This repository contains the source code of C programs, which can be used as obfuscation benchmarks.
- basic-algorithmscontains typical algorithms taught in Bachelor level computer science and programming courses, e.g. factorial, sorting algorithms, searching algorithms, greatest common divisor, least common multiple, etc.
- resourcescontains archives of some of the tools we used for our experiments. We install these tools in an automated Docker build (instructions provided below), where one can play around with the tools and scripts provided in this repository, without the hassle of installing an configurating everything from scratch.
- simple-hash-functionscontains non-cryptographic hash functions
- small-programscontains a set of 48 programs with few lines of code constructed by varying the following code characteristics:- Range of symbolic inputs
- Number of symbolic inputs
- Depth of nested control flow
- Number of IF-statements
- Number of input dependent IF-statements
- Type of IF-condition
- Number of loops
- Number of input length dependent loops (e.g. if the input is 10 characters long, then the loop has 10 iterations)
- Number of input value dependent loops (e.g. if the input is an integer equal to 100, then the loop has 100 iterations)
 
- tigress-generated-programscontains a large set of programs automatically generated by the- RandomFunstransformation of the Tigress C Diversifier/Obfuscator by varying the following command line options:- Seedrandomization seed
- RandomFunsTypesdata type of variables
- RandomFuns Operatorstypes of operators (e.g. arithmetic, logic)
- RandomFunsControlStructurescontrol structure of the program
- RandomFunsBasicBlockSizethe number of statements in each basic block
- RandomFunsForBoundthe type of bound in loop conditions (e.g. constant, input dependent)
 
- scripscontains bash, Python and R scripts to obfuscate C programs using the Tigress and ollvm obfuscation tools and to perform a symbolic execution attack described a series of papers by Banescu et al. [1], [2] and [3]. For more details about how to use these scripts see README inside folder.
Based on Ubuntu 14.04, having the following software installed:
- KLEE symbolic execution engine (latest Docker)
- Tigress C Obfuscator (version 2.2)
- SATGraf (version 0.2)
- Z3 SMT Solver (version 4.5.0)
- Username: klee
- Password: klee
To run GUI apps from the container execute the following command:
XSOCK=/tmp/.X11-unix
XAUTH=/tmp/.docker.xauth
touch $XAUTH
xauth nlist $DISPLAY | sed -e 's/^..../ffff/' | xauth -f $XAUTH nmerge -
docker run -it --volume=$XSOCK:$XSOCK:rw \
               --volume=$XAUTH:$XAUTH:rw \
               --env="XAUTHORITY=${XAUTH}" \
               --env="DISPLAY" --user="klee" banescusebi/obfuscation-symexIf you also want to mount your current directoy to a directlory called
test then replace the last command from above with:
docker run -it --volume=$XSOCK:$XSOCK:rw \
               --volume=$XAUTH:$XAUTH:rw \
               --env="XAUTHORITY=${XAUTH}" \
               --env="DISPLAY" --user="klee" \
               --mount type=bind,src="$(pwd)",dst=/home/klee/test \
               banescusebi/obfuscation-symexThis post helpful to follow in order to run GUI apps from the container on macOS X. For convenience we present the steps here:
brew install socat
socat TCP-LISTEN:6000,reuseaddr,fork UNIX-CLIENT:\"$DISPLAY\"Install xQuartz either using the following commands or downloding the .dmg file from the website.
brew install xquartzAfter installing xQuartz run the following command:
open -a XQuartzIn the preferences window of XQuartz, in the "Security" tab, check the "Allow connections from network clients" checkbox.
IP=$(ifconfig en0 | grep inet | awk '$1=="inet" {print $2}')
docker run -it -v /tmp/.X11-unix:/tmp/.X11-unix \
           -e DISPLAY=$IP:0 banescusebi/obfuscation-symex- Banescu, S., Ochoa, M., & Pretschner, A. (2015, May). A framework for measuring software obfuscation resilience against automated attacks. In Proceedings of the 1st International Workshop on Software Protection.
- Banescu, S., Collberg, C., Ganesh, V., Newsham, Z., & Pretschner, A. (2016, December). Code obfuscation against symbolic execution attacks. In Proceedings of the 32nd Annual Conference on Computer Security Applications.
- Banescu, S., Collberg, C., & Pretschner, A. (2017, August). Predicting the Resilience of Obfuscated Code Against Symbolic Execution Attacks via Machine Learning. In Proceedings of the 26th USENIX Security Symposium.
- Banescu, S. E. (2017, August). Characterizing the Strength of Software Obfuscation Against Automated Attacks. Doctoral dissertation, Technische Universität München.