kbeyls
commented
1 year ago Thank you for this suggestion @Fare9 !
It's clear that code obfuscation as done by compilers is on topic for the book. For the book, I wouldn't limit the text to what is being done using LLVM per se. We try to describe methods and techniques in general. Of course, we can point to specific implementations such as done using LLVM.
In short, yes, let's have a chapter on code obfuscation.
I don't know much myself about code obfuscation. It would be great if we could start with having a chapter with an introduction describing why code obfuscation is used, how it can help with security and -- at a high level -- what the different categories of techniques are that are used.
@all-contributors please add @Fare9 for ideas.
allcontributors[bot]
Fare9
LLVM project allows managing code easily through LLVM IR, using an IR allows that some obfuscation techniques can be applied to different programming languages in an abstract way. The LLVM project implements techniques for code optimization but the code can be 'deoptimized' to hide code from analysts or malicious actors, while these protection mechanisms are not perfect, they make people taking longer for their analysis. There are currently various projects using LLVM IR for this: https://github.com/emc2314/YANSOllvm, https://github.com/obfuscator-llvm/obfuscator/wiki or https://github.com/open-obfuscator/o-mvll.
Also as part of a chapter like this, it would be possible saying that LLVM IR can be used for deobfuscation of code, binary code can be 'lifted' to LLVM IR, and PassManager can be used for optimizing obfuscated code, making it more readable.