Carnegie Mellon University
|Topic:||Software Protection In Malicious Environments|
|Date:||Thursday, October 25, 2001|
|Place:||Gould-Simpson, Room 701|
We consider the problem of protecting executing software in malicious environments. This talk presents an approach that prevents an important form of program analysis--static analysis. Our approach consists of two fundamental techniques:
- a) Degeneration of the program static control flow;
- b) Introducing pervasive aliasing.
We prove that analyzing the transformed program statically is an NP-hard problem. Complexity-theoretic bounds on approximate analysis methods are provided. The transformations are implemented in a C compiler. Program performance results are presented. Empirical experiments with existing analysis tools showed that static analysis for the transformed programs are hindered to a significant degree.