Table of contents

  • This session has been presented February 25, 2022.

Description

  • Speaker

    Grégoire Menguy (CEA LIST)

Code obfuscation aims at protecting Intellectual Property and other secrets embedded into software from being retrieved. Recent works leverage advances in artificial intelligence (AI) with the hope of getting blackbox deobfuscators completely immune to standard (whitebox) protection mechanisms. While promising, this new field of AI-based, and more specifically search-based blackbox deobfuscation, is still in its infancy. We deepen the state of search-based blackbox deobfuscation in three key directions: understand the current state-of-the-art, improve over it and design dedicated protection mechanisms. In particular, we define a novel generic framework for search-based blackbox deobfuscation encompassing prior work and highlighting key components; we are the first to point out that the search space underlying code deobfuscation is too unstable for simulation-based methods (e.g., Monte Carlo Tree Search used in prior work) and advocate the use of robust methods such as S-metaheuristics; we propose the new optimized search-based blackbox deobfuscator Xyntia which significantly outperforms prior work in terms of success rate (especially with small time budget) while being completely immune to the most recent anti-analysis code obfuscation methods; and finally we propose two novel protections against search-based blackbox deobfuscation, allowing to counter Xyntia powerful attacks. This work has been published at ACM CCS 2021.

Practical infos

  • Presentation documents

Next sessions

  • Vers l’émergence d’un droit européen pour la Blockchain : Une approche sous l’angle de la Privacy et de l’encadrement des crypto-actifs

    • December 05, 2025 (10:00 - 11:00)

    • Inria Center of the University of Rennes - Aurigny room

    Speaker : Damien Franchi - Univ Rennes, IODE

    La Blockchain, technologie derrière Bitcoin, fait l’objet d’un encadrement juridique de plusen plus important, en particulier de la part de l’Union européenne. Curieusement, le mot« Blockchain » n’apparaît pas dans les textes l’encadrant. Les expressions « technologie deregistres distribués » (Distributed ledger technology, DLT), ou, parfois, « registreélectronique » lui sont plutôt privilégiées.[…]

    • SoSysec

    • Law

  • Blockchain and digital currencies: between European regulation and technological challenges

    • December 05, 2025 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Aurigny room

    Speaker : Loïc Miller - CentraleSupélec

    As the European Union develops a legal framework for crypto-assets and data protection, the technological question underlying the emergence of a genuine digital currency remains open. Blockchain today stands as an interdisciplinary field of study at the crossroads of computer science, economics, and law. This presentation will place the ongoing regulatory framework in perspective with the[…]

    • SoSysec

    • Distributed systems

  • Hardware-Software Co-Designs for Microarchitectural Security

    • December 11, 2025 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Room Petri/Turing

    Speaker : Lesly-Ann Daniel - EURECOM

    Microarchitectural optimizations, such as caches and speculative out-of-order execution, are essential for achieving high performance. However, these same mechanisms also open the door to attacks that can undermine software-enforced security policies. The current gold standard for defending against such attacks is the constant-time programming discipline, which prohibits secret-dependent control[…]

    • SoSysec

    • Hardware/software co-design

    • Micro-architectural vulnerabilities

Show previous sessions
Page top