LLVM passes implementing generalized dynamic opaque predicates and extensions of the idea.
Final project for EECS 583 - Advanced Compilers at the University of Michigan.
Gabriel Garfinkel, Marshall Rhea, and Michael Wolf
Run scripts/build. This runs cmake and make to build each pass and the utils library in your build directory.
Before we obfuscate a program, we must compile it to LLVM bitcode. Run scripts/compile <.c file to compile> (output directory) to accomplish this. Due to limitations of obfuscator-llvm, we only support optimization of C files.
Alternatively, you can manually compile to LLVM bitcode using the command:
clang-12 -emit-llvm <input_file.c> -c -o <output_name.bc>
We provide a number of test C programs in the tests/ directory, and we include the GNU coreutils project as a submodule to use for benchmarking.
Run the script scripts/opt (-h) <.bc file to obfuscate> <pass>. The passes provided in our project are:
- boguscf: Obfuscation pass to insert opaque predicates into straight-line code, generating junk code for the not-taken path. Adapted from obfuscator-llvm.
- DopSeq: Obfuscation pass to insert dynamic opaque predicates into straight-line code. Adapted from gdop.
- obfuscator-llvm: An extension of LLVM version 4.0 containing obfuscation passes. One of these passes inserts opaque predicates.
- gdop (related paper): A research project implementing a "generalized dynamic opaque predicate" that is more complex than previous dynamic opaque predicates. Based on obfuscator-llvm.
- LOOP: Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code. A tool that uses symbolic execution to detect opaque predicates. This is the detection tool that generalized dynamic opaque predicates are designed to beat.
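
What the boguscf and DopSeq passes listed above do to straight-line code, sketched at C source level. This is an added example, not code from this project, obfuscator-llvm or gdop: the function names and the parity-based predicates are assumptions chosen for illustration, and the real passes rewrite LLVM IR rather than C source.

```c
/* Added illustration, not code from this project: the real passes rewrite
   LLVM IR. All function names here are hypothetical. */
#include <stdint.h>

/* Original straight-line code: three statements A; B; C. */
uint32_t original(uint32_t x) {
    x += 7;     /* A */
    x *= 3;     /* B */
    x ^= 0x55;  /* C */
    return x;
}

/* Invariant opaque predicate (boguscf style): k*(k+1) is always even,
   so the else branch is junk code on a path that is never taken. */
uint32_t with_static_predicate(uint32_t x, uint32_t k) {
    if ((k * (k + 1)) % 2 == 0) { x += 7; x *= 3; x ^= 0x55; }
    else                        { x = x * 31 + k; /* junk */ }
    return x;
}

/* The two-branch layout used by a dynamic opaque predicate. The cut points
   differ between branches, so only paths with p == q compute A; B; C.
   A real pass would emit differently encoded copies, not verbatim ones. */
uint32_t run_path(uint32_t x, int p, int q) {
    if (p) { x += 7; }             /* A      */
    else   { x += 7; x *= 3; }     /* A; B   */
    if (q) { x *= 3; x ^= 0x55; }  /* B; C   */
    else   { x ^= 0x55; }          /* C      */
    return x;
}

/* p and q are correlated: k and k*k have the same parity, so q == p in
   every call, yet the shared value changes with k and both sides run. */
uint32_t with_dynamic_predicates(uint32_t x, uint32_t k) {
    int p = (k & 1) == 0;
    int q = ((k * k) & 1) == 0;
    return run_path(x, p, q);
}

/* Returns 1 if both variants match original() for all x, k below n. */
int equivalent_on_range(uint32_t n) {
    for (uint32_t x = 0; x < n; x++)
        for (uint32_t k = 0; k < n; k++)
            if (with_static_predicate(x, k) != original(x) ||
                with_dynamic_predicates(x, k) != original(x))
                return 0;
    return 1;
}
```

Calling run_path with p != q yields a different result from original(), so those mixed paths are the infeasible ones; neither predicate is constant on its own, and an analysis has to establish that p and q are correlated to recognise the pair as opaque.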