IEEE Project Abstract

The code of a compiled program is susceptible to reverse-engineering attacks on the algorithms and the business logic that are contained within the code. The main existing counter measure to reverse-engineering is obfuscation. Generally,obfuscation methods suffer from two main deficiencies: (a) the obfuscated code is less efficient than the original, and (b) with sufficient effort, the original code may be reconstructed. We propose a method that is based on cryptography and virtualization.The most valuable functions are encrypted and remain in accessible even during their execution, thus preventing their reconstruction. A specially crafted hypervisor is responsible for decryption,execution and protection of the encrypted functions.We claim that the system can provide protection even if the attacker: (a) has access to the operating system kernel, and (b)can intercept communication over the system bus. The evaluation of the system’s efficiency suggests that it can compete with and outperform obfuscation-based methods.