Self-Protecting Mobile Agents


Page 1: Self-Protecting Mobile Agents

Self-Protecting Mobile Agents

Tom Van Vleck

Lee Badger

Doug Kilpatrick

Larry D’Anna

Brian Matt

Funded by both OASIS and Active Networks Programs

NAI Labs

March 2002

Not for Public Release

Page 2: Self-Protecting Mobile Agents


Problem and Objective

• Problem: Mobile programs are vulnerable to tampering by hosts on which they run.

• Objective: Protect mobile agents from tampering while allowing:

  – High mobility

  – Detached operation

  – Extended deployment periods

  – Realistic infrastructure requirements

[Diagram: a Running Agent (Code, Data) inside an Agent Execution Server on the Host Operating System, with “Attack” arrows pointing at both the code and the data; beside it a Web Server labelled “Code Red”]

Page 3: Self-Protecting Mobile Agents


Technical Approach (in a nutshell)

[Diagram: Traditional Agent, one agent on one Host, versus Self-Protecting Agent, agentlet 1 … agentlet N each on its own Host]

• Distribution: replicate agents across multiple, unrelated hosts.

  – Present a moving target

• Monitoring/Recovery: regenerate corrupted “agentlets.”

• Code/data Obfuscation: prevent host-based analysis

  – Refresh obfuscation before analysis can be completed

Page 4: Self-Protecting Mobile Agents


Time-limited Black Box

Hohl, Fritz, “An Approach to Solve the Problem of Malicious Hosts”

• A host can deny execution, or lie, but it can’t disrupt the program’s internal consistency for n seconds.

[Diagram: Source Code + Policy A → Obfuscation Transform → Obfuscated Source code → Run for n seconds, then Stop. De-obfuscation takes m >> n seconds.]

Page 5: Self-Protecting Mobile Agents


Goals of Obfuscator

• Prevent understanding of

  – Implementation structure

  – Data values

  – Algorithms

• For some amount of time (work)

• Not a toy

Page 6: Self-Protecting Mobile Agents


Obfuscator Non-Goals

• As strong as cryptography

• Smaller or faster than original

• Weak obscurity -> strong protection

Barak, Goldreich, et al, CRYPTO 2001:

“Obfuscation is impossible.” … for their definition

Random slashdot poster sl956:

“… We all know that anybody using the words 'tamper resistant' to describe a software-based solution is incompetent at best. ...”

Page 7: Self-Protecting Mobile Agents


What We’ve Done Lately

• Obfuscation Techniques Evaluation Report

• Jbet obfuscation tool

  – Obfuscation transforms: control, data

  – Packaging

• Modular architecture

• Automated test suite (197 tests, one with >300 cases)

• Nightly build

Page 8: Self-Protecting Mobile Agents


Jbet Obfuscation Tool - Context

[Diagram: JBET takes classes, Plugin Transforms and an Obfuscation policy as inputs and produces obfuscated classes]

Page 9: Self-Protecting Mobile Agents


Obfuscation Pipeline

[Diagram: classes → Reader → DAG → xforms (Variable obfuscations) → DAG → xforms (Control flow obfuscations) → DAG → CodeGen (Optimization & obfuscation) → classes]

Page 10: Self-Protecting Mobile Agents


DAG Representation

[Diagram: each method holds its params and a set of Basic blocks; each Basic block holds a graph of Nodes]

Page 11: Self-Protecting Mobile Agents


Obfuscation Transforms

• Transient Variable Obfuscation

  – Offset, CRT, XOR, etc

• Control Flow Obfuscation

  – Switchify, method and class merging

• Method combination

• Field access

• Introduction of dummy blocks

• Name regeneration

Page 12: Self-Protecting Mobile Agents


Control Flow

• No method calls except

  – A few utility calls

  – Calls to external classes

• Internal simulated call stack

• Stub classes passed to external methods

Page 13: Self-Protecting Mobile Agents


Control Flow Obfuscation: Switchify

[Diagram: before, blocks A, B, C, D and E are linked by condition_1 and condition_2 branches; after switchify, a single switch dispatches to A, condition_1, condition_2, B, C, D, E and exit]

Page 14: Self-Protecting Mobile Agents


Merged Methods

[Diagram: separate methods push(), pop(), alloc() and free() before merging; after merging, a single internal() method contains make_frame(), free_frame(), push() and pop()]

Page 15: Self-Protecting Mobile Agents


Class Merging

• Classes with native methods left separate

• Internal classes fully emulated, vanish

Page 16: Self-Protecting Mobile Agents


Method Calls

• Simulated call stack

• Virtual methods become a table of function addresses, stored as fields, subject to further obfuscation

• Alternative virtual dispatch mechanisms

Page 17: Self-Protecting Mobile Agents


Field Access

• All variables replaced by refs to storage container class.

  class Memory {
      int[] I;       // ints
      float[] F;     // floats
      Object[] L;    // references
      long[] J;      // longs
      double[] D;    // doubles
      Memory[] N;    // nested containers
  }
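As an added example (not Jbet's own code), the three slides above combined: two methods merged into one switch-driven body, a simulated call stack with make_frame/free_frame, and every local kept in a Memory container like the one shown. The frame layout, the state numbers and the methods square/sumSquares are assumptions of this example.

```java
public class MergedMethods {
    static class Memory { int[] I = new int[64]; int sp = 0; }  // added example: slide's container, only I used; sp = stack top
    // Original methods before merging:
    //   static int square(int v)     { return v * v; }
    //   static int sumSquares(int n) { int s = 0; for (int k = 1; k <= n; k++) s += square(k); return s; }
    static final int SUMSQ_LOOP = 0, SUMSQ_AFTER_CALL = 1, SUMSQ_RETURN = 2, SQUARE_BODY = 3, DONE = 4;

    static int makeFrame(Memory m, int size) { int base = m.sp; m.sp += size; return base; }
    static void freeFrame(Memory m, int size) { m.sp -= size; }

    // The merged "internal()" body: no real calls, only state changes plus frame pushes and pops.
    static int sumSquares(int n) {
        Memory m = new Memory();
        int fp = makeFrame(m, 4);                   // sumSquares frame: [return state, n, s, k]
        m.I[fp] = DONE; m.I[fp + 1] = n; m.I[fp + 2] = 0; m.I[fp + 3] = 1;
        int state = SUMSQ_LOOP, result = 0;         // result acts as the return-value register
        while (true) {
            switch (state) {
                case SUMSQ_LOOP: {                  // for (k = 1; k <= n; ...) { ... square(k) ... }
                    if (m.I[fp + 3] > m.I[fp + 1]) { state = SUMSQ_RETURN; break; }
                    int callee = makeFrame(m, 3);   // square frame: [return state, v, caller fp]
                    m.I[callee] = SUMSQ_AFTER_CALL; m.I[callee + 1] = m.I[fp + 3]; m.I[callee + 2] = fp;
                    fp = callee; state = SQUARE_BODY;
                    break;
                }
                case SQUARE_BODY: {                 // return v * v;
                    result = m.I[fp + 1] * m.I[fp + 1];
                    state = m.I[fp];                // "return" = jump to the caller's continuation state
                    int callerFp = m.I[fp + 2];
                    freeFrame(m, 3); fp = callerFp;
                    break;
                }
                case SUMSQ_AFTER_CALL:              // s += square(k); k++
                    m.I[fp + 2] += result; m.I[fp + 3]++;
                    state = SUMSQ_LOOP;
                    break;
                case SUMSQ_RETURN:                  // return s;
                    result = m.I[fp + 2]; state = m.I[fp];
                    freeFrame(m, 4);
                    break;
                case DONE:
                    return result;
                default:
                    return Integer.MIN_VALUE;       // unreachable: corrupted state
            }
        }
    }
    public static void main(String[] args) { System.out.println(sumSquares(3)); }
}
```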

Page 18: Self-Protecting Mobile Agents


Exceptions

• Semantics preserved but athrow not used

• Try/catch/throw internal to a method

  – Handler address known statically

• General

  – Emulated with dynamic list of active handlers
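The general case from the slide, as an added example that is not Jbet's output: the list of active handlers is a stack of dispatcher states, entering a try region pushes its handler, leaving it pops, and a throw becomes a jump to whichever handler is on top, with no athrow anywhere. The state numbers and the codes 1 and 2 standing in for two exception classes are this example's own choices.

```java
import java.util.ArrayDeque;
import java.util.Deque;

public class EmulatedExceptions {
    static final int START = 0, BODY = 1, INNER_HANDLER = 2, OUTER_HANDLER = 3, EXIT = 4, UNCAUGHT = 5;

    // Original, with A and B standing in for two exception classes (this example's own):
    //   try { try { if (x < 0) throw new A(); if (x == 0) throw new B(); r = x * 2; }
    //         catch (A e) { r = -1; } }
    //   catch (Exception e) { r = -2; }
    static int run(int x) {
        Deque<Integer> handlers = new ArrayDeque<>();  // dynamic list of active handlers, innermost on top
        int thrown = 0;                                // 1 = A, 2 = B, 0 = nothing pending
        int r = 0, state = START;
        while (true) {
            switch (state) {
                case START:
                    handlers.push(OUTER_HANDLER);      // enter outer try region
                    handlers.push(INNER_HANDLER);      // enter inner try region
                    state = BODY;
                    break;
                case BODY:
                    if (x < 0)       { thrown = 1; state = throwTo(handlers); }
                    else if (x == 0) { thrown = 2; state = throwTo(handlers); }
                    else { r = x * 2; handlers.pop(); handlers.pop(); state = EXIT; }  // leave both regions normally
                    break;
                case INNER_HANDLER:                     // catch (A): anything else is re-thrown outward
                    if (thrown == 1) { r = -1; thrown = 0; handlers.pop(); state = EXIT; }
                    else { state = throwTo(handlers); }
                    break;
                case OUTER_HANDLER:                     // catch (Exception)
                    r = -2; thrown = 0; state = EXIT;
                    break;
                case EXIT:
                    return r;
                case UNCAUGHT:                          // no handler left: would propagate to the caller
                default:
                    return Integer.MIN_VALUE;
            }
        }
    }

    // Emulated throw: transfer to the innermost active handler and remove it from the list.
    static int throwTo(Deque<Integer> handlers) {
        return handlers.isEmpty() ? UNCAUGHT : handlers.pop();
    }

    public static void main(String[] args) { System.out.println(run(5) + " " + run(-1) + " " + run(0)); }
}
```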

Page 19: Self-Protecting Mobile Agents


Simple Demo

  public class Test {
      public static void main(String[] a) {
          for (int i = 0; i < 10; i++) {
              System.out.println(i);
          }
      }
  }

• This is a hard program to obfuscate

• Transient variable obfuscation is easy to see through.

• Control flow obfuscation really works

– Program grows in size
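The Test program above after the two transforms the slide compares, worked by hand as an added example (not Jbet's actual output): XOR transient variable obfuscation of i, and a switchified loop with one dummy block that is never selected. The key 0x5A3C, the state numbers and the IntConsumer sink are assumptions of this example.

```java
import java.util.function.IntConsumer;

public class TestSwitchified {
    static final int KEY = 0x5A3C;  // constructed XOR mask; i is never stored in the clear

    public static void main(String[] a) {
        run(10, System.out::println); // prints 0..9 like the original Test
    }

    // Returns how many values were emitted so the behaviour can be checked.
    static int run(int limit, IntConsumer sink) {
        int[] mem = new int[2];     // mem[0] = i ^ KEY, mem[1] = emitted count
        mem[0] = 0 ^ KEY;           // i = 0, stored encoded
        int state = 0;              // 0 entry, 1 test, 2 body, 3 increment, 4 exit, 5 dummy
        while (true) {
            switch (state) {
                case 0:             // loop entry
                    state = 1;
                    break;
                case 1:             // i < limit, decoded only for the comparison
                    state = ((mem[0] ^ KEY) < limit) ? 2 : 4;
                    break;
                case 2:             // System.out.println(i)
                    sink.accept(mem[0] ^ KEY);
                    mem[1]++;
                    state = 3;
                    break;
                case 3:             // i++ on the decoded value, result re-encoded
                    mem[0] = ((mem[0] ^ KEY) + 1) ^ KEY;
                    state = 1;
                    break;
                case 4:             // exit
                    return mem[1];
                case 5:             // dummy block: never selected, only pads the switch
                    mem[0] ^= KEY;
                    state = 0;
                    break;
                default:
                    return -1;      // unreachable: corrupted state
            }
        }
    }
}
```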

Page 20: Self-Protecting Mobile Agents


Hard Demo

• DES test (public domain code)

  – 6 classes, 3179 lines

• More obfuscation

• Code volume and runtime increase

Page 21: Self-Protecting Mobile Agents


Demo

Page 22: Self-Protecting Mobile Agents


Results - Simple

  Obfuscation           Bytes   Classes
  none                    634   1
  Transient variable      835   3
  Control flow         109162   3

Page 23: Self-Protecting Mobile Agents


Results - DES

  Obfuscation           Bytes   Classes
  none                  42913   6
  Transient variable    66349   3
  Control flow         757468   3

Page 24: Self-Protecting Mobile Agents


What’s Next

• More transforms

  – Plug-in architecture

• Optimum determination of transforms

  – Data flow driven

  – Metrics

• Speed and space improvement

• Integrate with agentlets

Page 25: Self-Protecting Mobile Agents


Administrative Info (Milestones)

March 14, 2000   Start Date

Feb. 28, 2001    Policy Specification and Architecture Report

April 30, 2001   Prototype Distributed Agent Generation Tool

Nov. 15, 2001    Obfuscation Techniques Evaluation Report

March 15, 2002   Obfuscated Agentlet Prototype

Dec. 15, 2002    Distributed, Self-Healing Obfuscated Agentlet Prototype

Jan. 15, 2003    Final Report

March 15, 2003   End Date

Page 26: Self-Protecting Mobile Agents


The End!

Page 27: Self-Protecting Mobile Agents


Commercial Obfuscators & Decompilers

• Severe limitations

• Obfuscation mostly limited to name removal

Page 28: Self-Protecting Mobile Agents


Deferred Java Features

• Floating point

• Reflection

• Serialization

• Synchronization

Page 29: Self-Protecting Mobile Agents


Java Challenges

• Typed memory management

• Java verifier

  – Forces correct type and stack at every point

• Limited control flow

• Rich program object

Page 30: Self-Protecting Mobile Agents


Static and Dynamic

• Static analysis

  – Branch loses information of where from

• Trace based analysis

  – Program slicing

  – Interpretive execution for given input

• Threading

  – Separate thread for interactions with environment

  – Nondeterministic execution

Page 31: Self-Protecting Mobile Agents


Ideal State Obfuscation

[Diagram: program P → obfuscation transform → obfuscated program OP]