A code protection method against function call analysis in P2P network

The P2P network has the characteristics of opening and sharing, and a large number of managing and controlling software are deployed on the distributed network nodes. Hence, it is a significant problem to protect software on these untrusted nodes from being maliciously reversed and tampered, and eventually guarantee the P2P network security. Function calls are often the important targets of reverse analysis, which can reveal the software structure and functionality and contribute to malicious attacks. Attackers can identify function calls and execution paths through static code analysis, and can also obtain function call sequences and determine function call relations through dynamic stack backtracking analysis. In terms of these problems, this paper proposes a code protection method against function call analysis. In the static aspect, the techniques such as function address mapping and instruction overlap are employed to hide the function execution paths. In the dynamic aspect, the techniques such as stack frame migration are used to protect the function call sequences and relations from stack backtracking. The method is evaluated in terms of validity, space overhead and time overhead respectively. The experimental results indicate that the method can effectively resist some specific static and dynamic reverse analysis of function calls, and has good space and time overhead performances.

[1]  Fengzhong Qu,et al.  Source Estimation Using Coprime Array: A Sparse Reconstruction Perspective , 2017, IEEE Sensors Journal.

[2]  Christian S. Collberg,et al.  A Taxonomy of Obfuscating Transformations , 1997 .

[3]  Shibo He,et al.  A Robust and Efficient Algorithm for Coprime Array Adaptive Beamforming , 2017, IEEE Transactions on Vehicular Technology.

[4]  Wee Keong Ng,et al.  Function Level Control Flow Obfuscation for Software Security , 2014, 2014 Eighth International Conference on Complex, Intelligent and Software Intensive Systems.

[5]  Jack W. Davidson,et al.  Software Tamper Resistance: Obstructing Static Analysis of Programs , 2000 .

[6]  Fenlin Liu,et al.  A Data Obfuscation Based on State Transition Graph of Mealy Automata , 2014, ICIC.

[7]  Ravindra Metta,et al.  A New Code Obfuscation Scheme for Software Protection , 2014, 2014 IEEE 8th International Symposium on Service Oriented System Engineering.

[8]  Stefan Katzenbeisser,et al.  Code Obfuscation against Static and Dynamic Reverse Engineering , 2011, Information Hiding.

[9]  Dusko Pavlovic,et al.  Gaming security by obscurity , 2011, NSPW '11.

[10]  Marco Torchiano,et al.  A family of experiments to assess the effectiveness and efficiency of source code obfuscation techniques , 2013, Empirical Software Engineering.

[11]  Bart Preneel,et al.  A taxonomy of self-modifying code for obfuscation , 2011, Comput. Secur..

[12]  Fenlin Liu,et al.  IterationObfuscation Based on Instruction Fragment Diversification and Control FlowRandomization , 2015 .

[13]  Frantisek Jakab,et al.  Reverse engineering as an education tool in computer science , 2011, 2011 9th International Conference on Emerging eLearning Technologies and Applications (ICETA).

[14]  Won-Gyu Lee,et al.  Development and application of internet of things educational tool based on peer to peer network , 2017, Peer-to-Peer Networking and Applications.

[15]  Clark D. Thomborson,et al.  Manufacturing opaque predicates in distributed systems for code obfuscation , 2006, ACSC.

[16]  Shibo He,et al.  Leveraging Crowdsourcing for Efficient Malicious Users Detection in Large-Scale Social Networks , 2017, IEEE Internet of Things Journal.

[17]  Guang Yang,et al.  Promoting Cooperation by the Social Incentive Mechanism in Mobile Crowdsensing , 2017, IEEE Communications Magazine.

[18]  Michael Sharkey,et al.  Instruction embedding for improved obfuscation , 2012, ACM-SE '12.

[19]  Atsuko Miyaji,et al.  Software Obfuscation on a Theoretical Basis and Its Implementation , 2003, IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences.

[20]  Kangbin Yim,et al.  Malware Obfuscation Techniques: A Brief Survey , 2010, 2010 International Conference on Broadband, Wireless Computing, Communication and Applications.

[21]  Mudit Kapoor,et al.  A study & review on code obfuscation , 2016, 2016 World Conference on Futuristic Trends in Research and Innovation for Social Welfare (Startup Conclave).

[22]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[23]  Hemraj Saini,et al.  A Novel Software Protection Approach for Code Obfuscation to Enhance Software Security , 2017, Int. J. Mob. Comput. Multim. Commun..

[24]  Koen De Bosschere,et al.  Software Protection Through Dynamic Code Mutation , 2005, WISA.

[25]  Maya Yadav,et al.  Review on Reverse Engineering Techniques of Software Engineering , 2015 .