Chapter about Obfuscation #127
Comments
|
Thank you for this suggestion @Fare9 ! It's clear that code obfuscation as done by compilers is on topic for the book. In short, yes, let's have a chapter on code obfuscation. I don't know much myself about code obfuscation. It would be great if we could start with having a chapter with an introduction describing why code obfuscation is used, how it can help with security and -- at a high level -- what the different categories of techniques are that are used. @all-contributors please add @Fare9 for ideas. |
|
I couldn't determine any contributions to add, did you specify any contributions? Could not find the user |
|
Let me try again to let the all contributors bot add Fare9: @all-contributors please add @Fare9 for ideas |
|
I've put up a pull request to add @Fare9! 🎉 |
|
Agree on having a more general chapter, I can go with it introducing the topic. |
LLVM project allows managing code easily through LLVM IR, using an IR allows that some obfuscation techniques can be applied to different programming languages in an abstract way. The LLVM project implements techniques for code optimization but the code can be 'deoptimized' to hide code from analysts or malicious actors, while these protection mechanisms are not perfect, they make people taking longer for their analysis. There are currently various projects using LLVM IR for this: https://github.com/emc2314/YANSOllvm, https://github.com/obfuscator-llvm/obfuscator/wiki or https://github.com/open-obfuscator/o-mvll.
Also as part of a chapter like this, it would be possible saying that LLVM IR can be used for deobfuscation of code, binary code can be 'lifted' to LLVM IR, and PassManager can be used for optimizing obfuscated code, making it more readable.
The text was updated successfully, but these errors were encountered: