A study & review on code obfuscation

This paper presents a technical study review of code obfuscation. To address this, we discuss the need and methods of code obfuscation. We analyze the different techniques which are used to thwart reverse engineers and to protect against malicious code injection and attacks. Obfuscation, in software technology, is the deliberate act of creating an obfuscated code, that is difficult for humans to understand. Code obfuscation is a protective mechanism which is used to reduce the attack activities on a software system. It is a behavior preserving program transformation which aims to make a program unintelligible to automated program comprehension tools. Code obfuscation is convenient in situations where depending on cryptographic techniques is not enough; this is normal in remote execution situations where the software is executed on an unforeseen exposed hostile environment, such as the new computing platforms: cloud-computing paradigm and smart phones.

[1]  Arini Balakrishnan,et al.  Code Obfuscation Literature Survey , 2005 .

[2]  Christian S. Collberg,et al.  Surreptitious Software - Obfuscation, Watermarking, and Tamperproofing for Software Protection , 2009, Addison-Wesley Software Security Series.

[3]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[4]  Ludovic Mé,et al.  Code obfuscation techniques for metamorphic viruses , 2008, Journal in Computer Virology.

[5]  Thomas H. Karas,et al.  Metaphors for cyber security. , 2008 .

[6]  Kangbin Yim,et al.  Malware Obfuscation Techniques: A Brief Survey , 2010, 2010 International Conference on Broadband, Wireless Computing, Communication and Applications.

[7]  Matthew T. Karnick,et al.  A QUALITATIVE ANALYSIS OF JAVA OBFUSCATION , 2006 .

[8]  Koen De Bosschere,et al.  Hybrid static-dynamic attacks against software protection mechanisms , 2005, DRM '05.

[9]  R. Jithin,et al.  Virtual Machine Isolation - A Survey on the Security of Virtual Machines , 2014, SNDS.

[10]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[11]  Yuan Xiang Gu,et al.  An Approach to the Obfuscation of Control-Flow of Sequential Computer Programs , 2001, ISC.

[12]  Michael Mateas,et al.  A Box, Darkly: Obfuscation, Weird Languages, and Code Aesthetics , 2005 .

[13]  Stefan Katzenbeisser,et al.  Code Obfuscation against Static and Dynamic Reverse Engineering , 2011, Information Hiding.

[14]  Gregory Wroblewski,et al.  General Method of Program Code Obfuscation , 2002 .

[15]  Christian S. Collberg,et al.  A Taxonomy of Obfuscating Transformations , 1997 .

[16]  Clark Thomborson,et al.  Manufacturing cheap, resilient, and stealthy opaque constructs , 1998, POPL '98.

[17]  Markus G. Kuhn,et al.  Information hiding-a survey , 1999, Proc. IEEE.