Branch Obfuscation Using Code Mobility and Signal

The branch information is disclosed during software execution. In a malicious host, adversaries could collect predicates from leaked branch information using concolic execution technique. Exploiting collected predicates, adversaries could accurately reason about software´s internal logic, which is a significant threat to software intellectual property protection. In order to mitigate branch information leakage, this paper proposed a branch obfuscation approach that replaces explicit conditional jump instructions with implicit trap codes and bogus codes, and deploys jump conditions on the remote trusted entity. Therefore, in the malicious host the executable is incomplete that gets path selection results from the trusted entity dynamically, which reduces adversaries´ visibility on the branch information. The experimental results show that branch obfuscation could effectively mitigate the branch information leakage, yet practical in terms of performance.