Tornado: an Automatic Source-code Obfuscator

Period of Performance: 02/11/2004 - 02/10/2006

$598K

Phase 2 SBIR

Recipient Firm

Architecture Technology Corp.
9971 Valley View Road Array
Eden Prairie, MN 55344
Principal Investigator

Abstract

A malicious reverse engineering attack is an attempt by an adversary to learn information about the behavior and implementation of software from analysis of the binary executable code. One technique to counter the threat of reverse engineering attacks is to obfuscate the software. Obfuscation is translation of a computer program so that it remains a computer program with the same functionality as the original, but is more difficult to reverse engineer. We propose Tornado, a software tool for automatic obfuscation of program source code. Tornado is able to reason about the susceptibility of software to reverse engineering. Tornado can intelligently transform software for the purposes of increasing the costs and difficulty of reverse engineering the software. Tornado is not limited to a fixed set of transformations, since it is designed to be extensible in order to cope with new types of threats. Tornado is able to account for the unique software requirements of software found in the real-time and embedded domains.