LLVM passes implementing generalized dynamic opaque predicates and extensions of the idea.

Final project for EECS 583 - Advanced Compilers at the University of Michigan.

Gabriel Garfinkel, Marshall Rhea, and Michael Wolf

Run scripts/build. This will cmake and make to build each pass and the utils library in your build directory.

Before we obfuscate a program, we must compile it to LLVM bitcode. Run scripts/compile <.c file to compile> (output directory) to accomplish this. Due to limitations of obfuscator-llvm, we only support optimization of c files.

Alternatively, you can manually compile to LLVM bticode using the command

clang-12 -emit-llvm <input_file.c> -c -o  <output_name.bc>

We provide a number of test C programs in the tests/ directory, and we include the gnu coreutils project as a submodule to use for benchmarking.

Run the script scripts/opt (-h) <.bc file to obfuscate> <pass>. The passes provided in our project are:

• boguscf : Obfuscation pass to insert opque predicates into straight-line code, generating junk code for the not-taken path. Adapted from - obfuscator-llvm.
• DopSeq : Obfuscation pass to insert dynamic opaque predicates into straight line code. Adapted from gdop.

• obfuscator-llvm An extension of llvm version 4.0 containing obfuscation passes. One of these passes inserts opaque predicates.
• gdop, related paper download: A research project implementing a "generalized dynamic opaque predicate" that is more complex than previous dynamic opaque predicates. Based on obfuscator-llvm.
• LOOP: Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code. A tool that uses symbolic execution to detect opaque predicates. This is the detection tool that generalized dynamic opaque predicates are designed to beat.