Obfuscation through the observer-effect: Thinking outside the virtual black-box

Theoretical investigations of obfuscation have been built around a model of a single Turing machine which interacts with a user. A drawback of this model is that it cannot account for the most common approach to obfuscation used by malware, the observer-effect. The observer-effect describes the situation in which the act of observing something changes it. Malware implements the observer-effect by detecting and acting on changes in its environment caused by user observation.;In this work, we initiate a theoretical study of obfuscation with regards to programs that interact with a user and an environment. We define the System-Interaction model to formally represent this additional dimension of interaction. We also define a semantically obfuscated program within our model as one that hides all semantic predicates from a computationally bounded adversary. This is possible while still remaining useful because semantically obfuscated programs can interact with an operating system while showing nothing to the user. Next, we analyze the necessary and sufficient conditions of achieving this standard of obfuscation. Finally, we demonstrate a candidate approach to achieving those conditions on current computers.