微信服务号

微信订阅号

2025年4月3日 15:15 星期四
首页 > 过刊浏览>2012年第23卷第3期 >700-711. DOI:10.3724/SP.J.1001.2012.03994
PDF HTML阅读 XML下载 导出引用 引用提醒
代码混淆算法有效性评估
作者:
基金项目:

国家自然科学基金(61070176, 61170218); 陕西省教育厅产业化示范项目(2010JC24); 西安市科技计划项目 (CXY1011); 西北大学-爱迪德信息安全联合实验室项目(NISL-2009TR01); 西北大学研究生自主创新资助项目(10YZZ16)


Evaluation of Code Obfuscating Transformation
Author:
  • 摘要
    • | |
  • 访问统计
    • |
  • 参考文献 [20]
    • |
  • 相似文献 [20]
    • |
  • 引证文献
    • | |
  • 文章评论
    摘要:

    代码混淆是一种能够有效增加攻击者逆向分析和攻击代价的软件保护技术.然而,混淆算法的有效性评价和验证是代码混淆研究中亟待解决的重要问题.目前,对代码混淆有效性的研究大都是基于软件复杂性度量的,然而代码混淆作为一种保护软件安全的技术,更需要从逆向攻击的角度进行评估.将面向逆向工程的思想引入到代码混淆算法评估中,通过理论证明和具体实验验证了其可行性.该评估方法能够为混淆算法提供有效证明,并对判别和选择代码混淆算法具有指导意义,同时也有助于寻求更有效的代码混淆方法.

    Abstract:

    Code obfuscation is currently one of the most viable methods for preventing reverse engineering attacks. Many kinds of code obfuscation transforms are widely used in software protection. However, there are still no sufficient theories to evaluate the effectiveness of obfuscation transform. In fact, few measurements are available that provide information about the capability of obfuscation to reduce attackers’ efficiency, and few existing theories, which draws upon complexity metrics from software engineering, are convincing. This paper uses a different way to evaluate the difficulty that attackers have in understanding and modifying obfuscated software through static analysis, dynamic debugging of reverse engineering, and then to abstract some metrics to quantify to what extent that code obfuscation is able to make attacks more difficult to be performed.

    参考文献
    [1] Eilam E, Chikofsky E, Wrote; Han Q, Yang Y, Wang YY, Li N, Trans. Reversing: Secrets of Reverse Engineering. Beijing: China Machine Press, 2005 (in Chinese).
    [2] Collberg C, Thomborson C, Low D. A taxonomy of obfuscating transformations. Technical Report, 148, University of Auckland, 1997.
    [3] Collberg C, Thomborson C, Low D. Manufacturing cheap, resilient, and stealthy opaoue constructs. In: Proc. of the 25th ACM SIGPLAN-SIGACT Symp. on Principles of Programming Languages, 1998. 184-196. [doi: 10.1145/268946.268962]
    [4] Chow S, Gu Y, Johnson H, Zakharov VA. An approach to the obfuscation of control-flow of sequential computer programs. In: Davida G, Frankel Y, eds. Proc. of the Information Security (ISC 2001). LNCS 2200, Springer-Verlag, 2001. 144-155. [doi: 10.1007/3-540-45439-X_10]
    [5] Barak B, Goldreich O, Impagliazzo R, Rudich S, Sahai A, Vadhan SP, Yang K. On the (im) possibility of obfuscating programs. In: Kilian J, ed. Proc. of the 21st Annual Int’l Cryptology Conf. on Advances in Cryptology (CRYPTO 2001). Santa Barbara: Springer-Verlag, 2001. 1-18.
    [6] Appel A. Deobfuscation is in NP. 2002. http://www.cs.princeton.edu/~appel/papers/deobfus.pdf
    [7] Preda M, Giacobazzi R. Semantic-Based code obfuscation by abstract interpretation. In: Proc. of the ICALP. 2005. [doi: 10.1007/11523468_107]
    [8] Preda M, Giacobazzi R. Control code obfuscation by abstract interpretation. In: Proc. of the SEFM. 2005. [doi: 10.1109/SEFM.2005.13]
    [9] Gao Y, Chen YY. A comparable code obfuscation framework measuring efficiency based on abstract interpretation. Chinese Journal of Computers, 2007,30(5):806-814 (in Chinese with English abstract).
    [10] Gao Y, Chen YY. Research on code obfuscation and its semantics [Ph.D.Thesis]. Hefei: University of Science and Technology of China, 2007. (in Chinese with English abstract).
    [11] Wang CX. A security architecture for survivability mechanisms [Ph.D. Thesis]. University of Virginia, School of Engineering and Applied Science, 2000. 63-75.
    [12] Ogiso T, Sakabe Y, Soshi M, Miyaji A. Software obfuscation on a theoretical basis and its implementation. IEEE Trans. on Fundamentals, 2003.
    [13] Ceccato M, Di Penta M, Nagra J, Falcarin P, Ricca F, Torchiano M, Tonella P. Towards experimental evaluation of code obfuscation techniques. In: Proc. of the 4th ACM Workshop on Quality of Protection. 2008. 39-46. [doi: 10.1145/1456362. 1456371]
    [14] Linn C, Debray S. Obfuscation of executable code to improve resistance to static disassembly. In: Proc. of the 10th ACM Conf. on Computer and Communications Security. 2003. 290-299. [doi: 10.1145/948109.948149]
    [15] McCabe TJ. A complexity measure. IEEE Trans. on Software Engineering, 1976,SE-2(4):308-320. [doi: 10.1109/TSE.1976. 233837]
    [16] Henry S, Kafura D. Software structure metrics based on information flow. IEEE Trans. on Software Engineering, 1981,SE-7(5): 510-518. [doi: 10.1109/TSE.1981.231113]
    [17] Hang JC. Research and implementation of a code obfuscation algorithm based on control flow flattening [MS. Thesis]. Xi’an: College of the Information Science & Technology, Northwest University, 2010 (in Chinese with English abstract).
    [18] László T, Kiss á. Obfuscating C++ programs via control flow flattening. In: Proc. of the 10th Symp. on Programming Languages and Software Tools. Hungary, 2007.
    [19] Kruegel C, Robertson W, Valeur F, Vigna G. Static disassembly of obfuscated binaries. In: Proc. of the 13th Conf. on USENIX Security Sympium, Vol.13. 2004. 18-18.
    [20] Anckaert B, Madou M, de Sutter B, de Bus B, de Bosschere K, Preneel B. Program obfuscation: a quantitativeapproach. In: Proc. of the 2007 ACM Workshop on Quality of Protection (QoP 2007). 2007. 15-20. [doi: 10.1145/1314257.1314263]
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

赵玉洁,汤战勇,王妮,房鼎益,顾元祥.代码混淆算法有效性评估.软件学报,2012,23(3):700-711

复制
分享
文章指标
  • 点击次数:5473
  • 下载次数: 9047
  • HTML阅读次数: 0
  • 引用次数: 0
历史
  • 收稿日期:2010-09-09
  • 最后修改日期:2011-01-21
  • 在线发布日期: 2012-03-05
文章二维码
友情链接:中国科学院软件研究所中国计算机学会中国科学院国家自然科学基金委员会CCF数字图书馆Int'l J of Softw Info计算机系统应用
您是第19780982位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号