Analysis on Technique for Code Obfuscation

Analysis on Technique for Code Obfuscation

연구 분야: Strategies

학회: CNCIT '23: Proceedings of the 2023 2nd International Conference on Networks, Communications and Information Technology

Code obfuscation is used to reduce legibility of the code, and protect the critical code information from being stolen by reverse engineering. For the characteristic that obfuscation can be used for assembly and source code, the main method and principle of obfuscation including identifier obfuscation, control obfuscation and data obfuscation are expounded from the aspects of assembly and source level. Measuring the effectiveness of obfuscation is urgently needed. Existing evaluation methods are mostly based on software complexity measurement, and this leads to a single dimension. The VirusTotal, a website that integrates antivirus software is used to evaluate the killing rates of detecting malicious code in which different obfuscating methods are used. The killing rates are inversely proportional to the code obfuscating effects. Through the comparative experiment, the effects obfuscating factors including encoding times, encoding multiplicities, file formats, obfuscating levels, and obfuscating methods have on killing rates are compared and analyzed, and the ability of different code obfuscating technologies for assembly and source code are measured. The results show that the code obfuscating technologies whose characteristic codes are new and that can change program logic have good effects, which helps developers to use code obfuscating technologies effectively to prevent man-at-the-end attack.