Gespeichert in:
| Hauptverfasser: | , |
|---|---|
| Format: | Preprint |
| Veröffentlicht: |
2025
|
| Schlagworte: | |
| Online-Zugang: | https://arxiv.org/abs/2512.22076 |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| _version_ | 1866908732937469952 |
|---|---|
| author | Somech, Nir Katz, Guy |
| author_facet | Somech, Nir Katz, Guy |
| contents | Software obfuscation techniques make code more difficult
to understand, without changing its functionality. Such techniques
are often used by authors of malicious software to avoid
detection. Reverse Engineering
of obfuscated code, i.e., the process of overcoming obfuscation and
answering questions about the functionality of the code, is
notoriously difficult; and while various tools and methods exist for
this purpose, the process remains complex and slow, especially when
dealing with layered or customized obfuscation techniques.
Here, we present a novel, automated tool for addressing some of the
challenges in reverse engineering of obfuscated code. Our tool,
called ReSMT, converts the obfuscated assembly code into a complex
system of logical assertions that represent the code functionality,
and then applies SMT solving and simulation tools to inspect the
obfuscated code's execution. The approach is mostly automatic,
alleviating the need for highly specialized deobfuscation skills.
In an elaborate case study that we conducted, ReSMT successfully
tackled complex obfuscated code, and was able to solve reverse-engineering
queries about it. We believe that these results showcase the potential
and usefulness of our proposed approach. |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2512_22076 |
| institution | arXiv |
| publishDate | 2025 |
| record_format | arxiv |
| spellingShingle | ReSMT: An SMT-Based Tool for Reverse Engineering Somech, Nir Katz, Guy Cryptography and Security Software obfuscation techniques make code more difficult to understand, without changing its functionality. Such techniques are often used by authors of malicious software to avoid detection. Reverse Engineering of obfuscated code, i.e., the process of overcoming obfuscation and answering questions about the functionality of the code, is notoriously difficult; and while various tools and methods exist for this purpose, the process remains complex and slow, especially when dealing with layered or customized obfuscation techniques. Here, we present a novel, automated tool for addressing some of the challenges in reverse engineering of obfuscated code. Our tool, called ReSMT, converts the obfuscated assembly code into a complex system of logical assertions that represent the code functionality, and then applies SMT solving and simulation tools to inspect the obfuscated code's execution. The approach is mostly automatic, alleviating the need for highly specialized deobfuscation skills. In an elaborate case study that we conducted, ReSMT successfully tackled complex obfuscated code, and was able to solve reverse-engineering queries about it. We believe that these results showcase the potential and usefulness of our proposed approach. |
| title | ReSMT: An SMT-Based Tool for Reverse Engineering |
| topic | Cryptography and Security |
| url | https://arxiv.org/abs/2512.22076 |