DOI QR코드

DOI QR Code

A strategy for effectively applying a control flow obfuscation to programs

제어 흐름 난독화를 효과적으로 수행하기 위한 전략

  • Kim, Jung-Il (Graduate School of Electrical Engineering and Computer Science, Kyungpook Natioanl University) ;
  • Lee, Eun-Joo (School of Computer Science and Engineering, College of IT Engineering, Kyungpook National University)
  • 김정일 (경북대학교 대학원 전자전기컴퓨터) ;
  • 이은주 (경북대학교 IT대학 컴퓨터학부)
  • Received : 2011.01.25
  • Accepted : 2011.03.17
  • Published : 2011.06.30

Abstract

Code obfuscation has been proposed to protect codes in a program from malicious software reverse engineering. It converts a program into an equivalent one that is more difficult to understand the program. Code obfuscation has been classified into various obfuscation technique such as layout, data, control, by obfuscating goals. In those obfuscation techniques, control obfuscation is intended to complicate the control flow in a program to protect abstract information of control flow. For protecting control flow in a program, various control obfuscation transformation techniques have been proposed. However, strategies for effectively applying a control flow obfuscation to program have not been proposed yet. In this paper, we proposed a obfuscation strategy that effectively applies a control flow obfuscation transformation to a program. We conducted experiment to show that the proposed obfuscation strategy is useful for applying a control flow transformation to a program.

악의적인 소프트웨어 역공학으로부터 프로그램이 가지는 코드를 보호하기 위해서 코드 난독화가 제안되었다. 이것은 기존에 존재하는 프로그램 코드를 어렵게 변환시키는 것으로 프로그램 코드에 대한 악의적인 정적 분석을 어렵게 만든다. 코드 난독화는 난독화 목적에 따라 레이아웃, 데이터, 제어 난독화로 분류되어진다. 이 중 제어 난독화는 프로그램이 가지는 제어 흐름에 대한 추상적인 정보를 보호하는 것으로 다양한 종류의 개별 제어 흐름 난독화 변환이 제안되었지만, 이를 효과적으로 적용할 수 있는 방법은 제안되지 않았다. 본 논문에서는 제어 흐름 난독화 변환을 프로그램에 효과적으로 적용할 수 있는 난독화 전략을 제안하고, 실험을 통해서 제안한 난독화 전략의 효용을 보였다.

Keywords

References

  1. E. Eilam, "Reversing: Secrets of Reverse Engineering," Wiley Publishing, Inc., pp. 327-357, Apr. 2005.
  2. C.Colleberg, C.Thomborson, D.Low, "A Taxonomy of Obfuscating Transformations," Technical Report 148, University of Auckland, Jul. 1997.
  3. D. Low, "Java control flow obfuscation," Master's Thesis, Department of Computer Science, University of Auckland, New Zealand, Jun. 1998.
  4. C.Collberg, C.Thomborson, and D.Low, "Manufacturing cheap, resilient, and stealthy opaque constructs," In Principles of Programming Languages 1998, POPL'98, San Diego, CA, Jan. 1998.
  5. T. Hou, H. Chen, and M. Tsai, "Three control flow obfuscation methods for Java software,"Proc. Inst. Elect. Eng. Software, vol. 153, no. 2, pp. 80-86, Jan. 2006. https://doi.org/10.1049/ip-sen:20050010
  6. T. Ogiso, Y.Sakabe, M.Soshi, and A. Miyaji, "Software obfuscation on a theoretical basic and its implementation," IEICE Trans. Fundamentals, vol. E86-A(1), no.1, pp.176-186, Jan. 2003.
  7. Y. Sakabe, M. Soshi, A.Miyaji, "Java Obfuscation Approaches to Construct Tamper-Resistant Object-Oriented Programs," IPSJ Digital Courier, vol.1, pp. 134-146, Dec. 2005.
  8. T. Toyofuku, T. Tabata, and K. Sakurai, "Program obfuscation scheme using random numbers to complicate control flow," EUC Workshops, IEIC Tech. Rep, pp. 916-925, Jan. 2005.
  9. Woosung Jung, Eunjoo Lee,"A Structural Complexity Metric for Web Application based on Similarity," Journal of the Korea Society of Computer and Information, vol.15, no.8, pp.117-126, Aug. 2010. https://doi.org/10.9708/jksci.2010.15.8.117
  10. Sungkyun Oh, Mijin Kim, " A Study of Estimation for Web Application Complexity," Journal of the Korea Society of Computer and Information , vol.9, no.3, pp.27-34, Sep. 2004.
  11. H.Yi Tsai, Y.Lun Huang, D.Wagner, "A graph approach to quantitative analysis of control-Flow obfuscationg transformations," IEEE Transactions On Information Forensics and Security, vol.4, pp 257-267, Jun. 2009 https://doi.org/10.1109/TIFS.2008.2011077
  12. J. S. Davis, R. J. Leblanc, "A Study of the Applicability of Complexity Measures," IEEE Transactions on Software Engineering archive, vol. 14, No.9, pp. 1366-1372, Sep. 1988. https://doi.org/10.1109/32.6179
  13. GnuCflow, http://www.gnu.org/software/cflow/
  14. SciTools, http://www.scitools.com/

Cited by

  1. 안드로이드 앱 변조 방지를 위한 APK 덮어쓰기 기법 vol.b39, pp.5, 2011, https://doi.org/10.7840/kics.2014.39b.5.309