Estimating Software Obfuscation Potency with Artificial Neural Networks

This paper presents an approach to estimate the potency of obfuscation techniques. Our approach uses neural networks to accurately predict the value of complexity metrics – which are used to compute the potency – after an obfuscation transformation is applied to a code region. This work is the first step towards a decision support to optimally protect software applications.

[1]  Saumya K. Debray,et al.  Deobfuscation: reverse engineering obfuscated code , 2005, 12th Working Conference on Reverse Engineering (WCRE'05).

[2]  Christian S. Collberg,et al.  A Taxonomy of Obfuscating Transformations , 1997 .

[3]  Maurice H. Halstead,et al.  Elements of software science (Operating and programming systems series) , 1977 .

[4]  Andrew H. Sung,et al.  Intrusion detection using neural networks and support vector machines , 2002, Proceedings of the 2002 International Joint Conference on Neural Networks. IJCNN'02 (Cat. No.02CH37290).

[5]  Jack W. Davidson,et al.  Protection of software-based survivability mechanisms , 2001, 2001 International Conference on Dependable Systems and Networks.

[6]  Lianfen Huang,et al.  Application of BP neural network in wireless network security evaluation , 2010, 2010 IEEE International Conference on Wireless Communications, Networking and Information Security.

[7]  Saumya K. Debray,et al.  Obfuscation of executable code to improve resistance to static disassembly , 2003, CCS '03.

[8]  Ron Kohavi,et al.  A Study of Cross-Validation and Bootstrap for Accuracy Estimation and Model Selection , 1995, IJCAI.

[9]  Michal Turcanik,et al.  Packet filtering by artificial neural network , 2015, International Conference on Military Technologies (ICMT) 2015.

[10]  Douglas Low,et al.  Protecting Java code via code obfuscation , 1998, CROS.

[11]  Chris Imafidon,et al.  Applicability of Neural Networks to Software Security , 2012, 2012 UKSim 14th International Conference on Computer Modelling and Simulation.

[12]  Marco Torchiano,et al.  The effectiveness of source code obfuscation: An experimental assessment , 2009, 2009 IEEE 17th International Conference on Program Comprehension.

[13]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[14]  Marco Torchiano,et al.  Assessment of Source Code Obfuscation Techniques , 2016, 2016 IEEE 16th International Working Conference on Source Code Analysis and Manipulation (SCAM).

[15]  Anas N. Al-Rabadi,et al.  A comparison of modified reconstructability analysis and Ashenhurst‐Curtis decomposition of Boolean functions , 2004 .

[16]  Clark Thomborson,et al.  Manufacturing cheap, resilient, and stealthy opaque constructs , 1998, POPL '98.

[17]  K. De Bosschere,et al.  DIABLO: a reliable, retargetable and extensible link-time rewriting framework , 2005, Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, 2005..

[18]  Chris F. Kemerer,et al.  A Metrics Suite for Object Oriented Design , 2015, IEEE Trans. Software Eng..

[19]  Robert K. Cunningham,et al.  Improving Intrusion Detection Performance using Keyword Selection and Neural Networks , 2000, Recent Advances in Intrusion Detection.

[20]  Michael Gegick,et al.  On the design of more secure software-intensive systems by use of attack patterns , 2007, Inf. Softw. Technol..

[21]  Christian S. Collberg,et al.  Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection , 2002, IEEE Trans. Software Eng..