Journal of Information Technology Services (한국IT서비스학회지)

Korea Society of IT Services (한국IT서비스학회)
권호 표지
DOI QR코드

DOI QR Code

A Technique to Apply Inlining for Code Obfuscation based on Genetic Algorithm

유전 알고리즘에 기반한 코드 난독화를 위한 인라인 적용 기법

  • 김정일 (경북대학교 대학원 전자전기컴퓨터) ;
  • 이은주 (경북대학교 IT대학 컴퓨터학부)
  • Received : 2011.01.19
  • Accepted : 2011.03.16
  • Published : 2011.09.30
Download PDF
⟨ Previous Next ⟩

Abstract

Code obfuscation is a technique that protects the abstract data contained in a program from malicious reverse engineering and various obfuscation methods have been proposed for obfuscating intention. As the abstract data of control flow about programs is important to clearly understand whole program, many control flow obfuscation transformations have been introduced. Generally, inlining is a compiler optimization which improves the performance of programs by reducing the overhead of calling invocation. In code obfuscation, inlining is used to protect the abstract data of control flow. In this paper, we define new control flow complexity metric based on entropy theory and N-Scope metric, and then apply genetic algorithm to obtain optimal inlining results, based on the defined metric.

Keywords

References

  1. 김갑수, 신영길, 우치수, "엔트로피를 이용한 객체 지향 프로그램의 복잡도 척도", 한국정보과학회논문지, 제22권, 제12호(1995), pp.1656-1666.
  2. 엘다드 에일람, 리버싱:리버스 엔지니어링 비밀을 파헤치다, 1판, 에이콘, 2009.
  3. 정우성, 이은주, "유사도 기반의 웹 어플리케이션 구조 복잡도", 한국컴퓨터정보학회논문지, 제9권, 제8호(2010), pp.117-126.
  4. 채영현, "소프트웨어 보안을 위한 코드 난독화 도구의 개발", Master Thesis, Dep. Electrical Engineering and Computer Science. KAIST, (2007), pp.1-38.
  5. Cavazos, J. and M. F. P. O'Boyle, "Automatic Tuning of Inlining Heuristics", Proc. of the ACM/IEEE SC 2005 Conference, (2005), p.14.
  6. Colleberg, C., C. Thomborson, and D. Low, "A Taxonomy of Obfuscating Transformations", Technical Report 148, University of Auckland, (1997), pp.2-36.
  7. Collberg, C., C. Thomborson, and D. Low, "Manufacturing cheap, resilient, and stealthy opaque constructs", In Principles of Programming Languages, POPL, San Diego, CA, (1998), pp.184-192.
  8. Harrison, W., "An entropy-based measure of software complexity", IEEE Transactions on Software Engineering, Vol.18(1992), pp. 1025-1029. https://doi.org/10.1109/32.177371
  9. Hsin-Yi, T., H. Yu-Lun, and D. Wagner, "A graph approach to quantitative analysis of control-Flow obfuscationg transformations", IEEE Transactions On Information Forensics and Security, Vol.4(2009), pp.257- 267. https://doi.org/10.1109/TIFS.2008.2011077
  10. Li, M. and H. Wang, "GA based inlining optimization in front-end synthesis of embedded software", 5th International Conference on ASIC, Vol.1(2003), pp.341-343.
  11. Low, D., "Java control flow obfuscation", Master's Thesis, Department of Computer Science, (1998), pp.13-69.
  12. http://www.scitools.com/.
  13. http://www.gnu.org/software/cflow/.
  14. Ogiso, T., Y. Sakabe, M. Soshi, and A. Miyaji, "Software obfuscation on a theoretical basic and its implementation", IEEE Trans. Fundamentals, Vol.1, No.1(2003), pp. 176-186.
  15. Sakabe, Y., M. Soshi, and A. Miyaji, "Java Obfuscation Approaches to Construct Tamper-Resistant Object-Oriented Programs", IPSJ Digital Courier, Vol.1(2005), pp.134-146.
  16. Zuse, H., "Software Complexity:Measures and Methods", Hawthorne, NJ:Walter de Gruyter Co., 1991.