Analysis of Obfuscated Code with Program Slicing
Talukder, M., Falcarin, P. and Islam, S. 2019. Analysis of Obfuscated Code with Program Slicing. 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). Oxford, UK 03 - 04 Jun 2019 IEEE. https://doi.org/10.1109/CyberSecPODS.2019.8885094
|Talukder, M., Falcarin, P. and Islam, S.
In Man-At-The-End (MATE) attacks, software apps run on a device under full control of the attackers: they can violate the intellectual property of the app by means of malicious reverse engineering, software piracy, and software tampering. Obfuscation is a technique that is widely adopted by developers to mitigate this problem. Obfuscation increases complexity of software code, by obscuring the structure of code and data in order to thwart the reverse engineering process. However, it is possible to reverse engineer obfuscated code with time, determination and the right tools. In general, there is no accepted methodology to determine the strength of obfuscated code; however resilience is often considered a good metric as it indicates the percentage of obfuscated code that cannot be removed by automated de-obfuscation tools. We introduce a novel approach to measure the resilience of obfuscated C code using program slicing. Given a variable of interest, that might be part of a code region used to manipulate a crypto key or a license number, program slicing can mimic the attacker behaviour by trying to remove the code unrelated to that variable, acting as a new type of de-obfuscator.
|2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)
|Accepted author manuscript
File Access Level
|31 Oct 2019
|Publication process dates
|28 Nov 2019
|Proceedings: 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)
|Digital Object Identifier (DOI)
|Web address (URL)
|© 2019 IEEE.
|Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
0views this month
0downloads this month