Opaque Predicate De-Obfuscation Scheme Based on Dynamic Symbolic Execution
Abstract
Malicious software and vulnerability exploit programs emerge endlessly. They usually extend their life cycle by using obfuscated code, which makes them harder to analyze. Opaque predicate obfuscation is one of the main techniques of code obfuscation. At present, the main de-obfuscation method for opaque predicates is to eliminate the unreachable paths in the program through data flow analysis. This paper presents a scheme for opaque predicate de-obfuscation that performs path unreachability analysis based on dynamic symbolic execution. Each function is obtained through control flow graph analysis of its basic blocks. For paths that contain basic-block branches, reachability is analyzed and the unreachable paths are eliminated. By analyzing the path reachability of branches, we can determine the true branches that will be executed. Our experimental results show that the average de-obfuscation rate is around 80%.