Abstract
Code obfuscations are semantics-preserving code transformations used to protect a program from reverse engineering. There is generally no expectation of complete, long-term, protection. Rather, there is a trade-off between the protection afforded by an obfuscation (i.e. the amount of resources an adversary has to expend to overcome the layer of confusion added by the transformation) and the resulting performance overhead.
In this paper we examine the problems that arise when constructing an Obfuscation Executive. This is the main loop in charge of a) selecting the part of the application to be obfuscated next, b) choosing the best transformation to apply to this part, c) evaluating how much confusion and overhead has been added to the application, and d) deciding when the obfuscation process should terminate.
This work was supported in part by the National Science Foundation under grant CCR-0073483 and the Air Force Research Lab under contract F33615-02-C-1146.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Appel, A.: Deobfuscation is in np, http://www.cs.princeton.edu/~appel/papers/deobfus.pdf
Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., Yang, K.: On the (im)possibility of software obfuscation. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001)
Collberg, C., Myles, G., Huntwork, A.: Sandmark - a tool for software protection research. IEEE Security and Privacy 1(4), 40–49 (2003)
Collberg, C., Thomborson, C.: Software watermarking: Models and dynamic embeddings. In: POPL 1999, San Antonio, TX (January 1999)
Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscating transformations. Technical Report 148, Department of Computer Science, University of Auckland (July 1997)
Collberg, C., Thomborson, C., Low, D.: Manufacturing cheap, resilient, and stealthy opaque constructs. In: POPL 1998, San Diego, CA (January 1998)
Lacey, D., de Moor, O.: Detecting disabling interference between program transformations, citeseer.nj.nec.com/464977.html
Purao, S., Vaishnavi, V.: Product metrics for object-oriented systems. ACM Comput. 35(2), 191–221 (2003)
Vliet, H.P.V.: Crema — The Java obfuscator, web.inter.nl.net/users/H.P.van.Vliet/crema.html (January 1996)
Whitfield, D., Soffa, M.L.: An approach to ordering optimizing transformations. In: PPOPP 1990, pp. 137–146 (1990)
Whitfield, D., Soffa, M.L.: Automatic generation of global optimizers. In: PLDI 1991, pp. 120–129 (1991)
Wroblewski, G.: A General Method of Program Code Obfuscation. PhD thesis, Wroclaw University (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Heffner, K., Collberg, C. (2004). The Obfuscation Executive. In: Zhang, K., Zheng, Y. (eds) Information Security. ISC 2004. Lecture Notes in Computer Science, vol 3225. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30144-8_36
Download citation
DOI: https://doi.org/10.1007/978-3-540-30144-8_36
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23208-7
Online ISBN: 978-3-540-30144-8
eBook Packages: Springer Book Archive