On Preventing Symbolic Execution Attacks by Low Cost Obfuscation

While various software obfuscation techniques have been proposed to protect software, new types of threats keep emerging such as the symbolic execution attacks. Such attacks automatically analyze programs and are not accounted for by many of the existing obfuscation methods.Nevertheless, several methods against symbolic execution attacks exist such as linear obfuscation methods relying on Collatz conjuncture or obfuscation methods based on one-way hash functions. However, these methods bear several issues. Namely, linear obfuscation is weak against manual analysis due to its deterministic output. On the other hand, SHA-1 requires significant computational cost; and thus, it can be applied to only a limited number of targets.Therefore, in this research, we propose to employ a combination of several computationally cheap (arithmetic) obfuscating operations for preventing symbolic execution attacks. Through an experiment using angr and KLEE as symbolic execution tools, we demonstrate that obfuscation operation using array reference, bit rotation and XOR effectively prevents symbolic execution attacks at a low computational cost.