AI-based Blackbox Code Deobfuscation: Understand, Improve and Mitigate

by   Grégoire Menguy, et al.

Code obfuscation aims at protecting Intellectual Property and other secrets embedded into software from being retrieved. Recent works leverage advances in artificial intelligence with the hope of getting blackbox deobfuscators completely immune to standard (whitebox) protection mechanisms. While promising, this new field of AI-based blackbox deobfuscation is still in its infancy. In this article we deepen the state of AI-based blackbox deobfuscation in three key directions: understand the current state-of-the-art, improve over it and design dedicated protection mechanisms. In particular, we define a novel generic framework for AI-based blackbox deobfuscation encompassing prior work and highlighting key components; we are the first to point out that the search space underlying code deobfuscation is too unstable for simulation-based methods (e.g., Monte Carlo Tres Search used in prior work) and advocate the use of robust methods such as S-metaheuritics; we propose the new optimized AI-based blackbox deobfuscator Xyntia which significantly outperforms prior work in terms of success rate (especially with small time budget) while being completely immune to the most recent anti-analysis code obfuscation methods; and finally we propose two novel protections against AI-based blackbox deobfuscation, allowing to counter Xyntia's powerful attacks.


page 1

page 2

page 3

page 4


The Combination of Metal Oxides as Oxide Layers for RRAM and Artificial Intelligence

Resistive random-access memory (RRAM) is a promising candidate for next-...

Artificial intelligence and radiation protection. A game changer or an update?

Artificial intelligence (AI) is regarded as one of the most disruptive t...

Artificial Intelligence as an Anti-Corruption Tool (AI-ACT) – Potentials and Pitfalls for Top-down and Bottom-up Approaches

Corruption continues to be one of the biggest societal challenges of our...

Governance of the AI, by the AI, and for the AI

Over the past half century, there have been several false dawns during w...

Device-Bind Key-Storageless Hardware AI Model IP Protection: A PUF and Permute-Diffusion Encryption-Enabled Approach

Machine learning as a service (MLaaS) framework provides intelligent ser...

A Neighbourhood Framework for Resource-Lean Content Flagging

We propose a novel interpretable framework for cross-lingual content fla...

Please sign up or login with your details

Forgot password? Click here to reset