Open Access
A Taxonomy of Obfuscating Transformations
TLDR
It is argued that automatic code obfuscation is currently the most viable method for preventing reverse engineering and the design of a code obfuscator is described, a tool which converts a program into an equivalent one that is more diicult to understand and reverse engineer.Abstract:
It has become more and more common to distribute software in forms that retain most or all of the information present in the original source code. An important example is Java bytecode. Since such codes are easy to decompile, they increase the risk of malicious reverse engineering attacks. In this paper we review several techniques for technical protection of software secrets. We will argue that automatic code obfuscation is currently the most viable method for preventing reverse engineering. We then describe the design of a code obfuscator, a tool which converts a program into an equivalent one that is more diicult to understand and reverse engineer. The obfuscator is based on the application of code transformations, in many cases similar to those used by compiler optimizers. We describe a large number of such transformations, classify them, and evaluate them with respect to their potency (To what degree is a human reader confused?), resilience (How well are automatic deobfuscation attacks resisted?), and cost (How much overhead is added to the application?). We nally discuss some possible deobfuscation techniques (such as program slicing) and possible countermeasures an obfuscator could employ against them.read more
Citations
More filters
Journal ArticleDOI
Watermarking, tamper-proofing, and obfuscation - tools for software protection
TL;DR: Three types of attack on the intellectual property contained in software and three corresponding technical defenses are identified, including obfuscation, watermarking, and tamper-proofing.
Book
Architectural support for copy and tamper-resistant software
David Lie Chandramohan Thekkath,Mark Mitchell,Patrick Lincoln,Dan Boneh,John C. Mitchell,Mark Horowitz +5 more
TL;DR: The hardware implementation of a form of execute-only memory (XOM) that allows instructions stored in memory to be executed but not otherwise manipulated is studied, indicating that it is possible to create a normal multi-tasking machine where nearly all applications can be run in XOM mode.
ReportDOI
Static analysis of executables to detect malicious patterns
Mihai Christodorescu,Somesh Jha +1 more
TL;DR: An architecture for detecting malicious patterns in executables that is resilient to common obfuscation transformations is presented, and experimental results demonstrate the efficacy of the prototype tool, SAFE (a static analyzer for executables).
Patent
Software self-defense systems and methods
James J. Horning,W. Olin Sibert,Robert E. Tarjan,Umesh Maheshwari,William G. Horne,Andrew K. Wright,Lesley R. Matheson,Susan S. Owicki +7 more
TL;DR: In this paper, the authors describe obfuscation, tamper-resistance, and watermarking techniques for protecting a computer program from unauthorized analysis and modification. But they do not discuss how to detect tampering.
Proceedings ArticleDOI
Manufacturing cheap, resilient, and stealthy opaque constructs
TL;DR: The design of a Java code obfuscator is described, a tool which - through the application of code transformations - converts a Java program into an equivalent one that is more difficult to reverse engineer.
References
More filters
Book
Compilers: Principles, Techniques, and Tools
TL;DR: This book discusses the design of a Code Generator, the role of the Lexical Analyzer, and other topics related to code generation and optimization.
Book
A metrics suite for object oriented design
TL;DR: This research addresses the needs for software measures in object-orientation design through the development and implementation of a new suite of metrics for OO design, and suggests ways in which managers may use these metrics for process improvement.
Book
A complexity measure
TL;DR: In this paper, a graph-theoretic complexity measure for managing and controlling program complexity is presented. But the complexity is independent of physical size, and complexity depends only on the decision structure of a program.
Journal ArticleDOI
A Complexity Measure
TL;DR: Several properties of the graph-theoretic complexity are proved which show, for example, that complexity is independent of physical size and complexity depends only on the decision structure of a program.