Browse > Article
http://dx.doi.org/10.9708/jksci.2011.16.6.041

A strategy for effectively applying a control flow obfuscation to programs  

Kim, Jung-Il (Graduate School of Electrical Engineering and Computer Science, Kyungpook Natioanl University)
Lee, Eun-Joo (School of Computer Science and Engineering, College of IT Engineering, Kyungpook National University)
Abstract
Code obfuscation has been proposed to protect codes in a program from malicious software reverse engineering. It converts a program into an equivalent one that is more difficult to understand the program. Code obfuscation has been classified into various obfuscation technique such as layout, data, control, by obfuscating goals. In those obfuscation techniques, control obfuscation is intended to complicate the control flow in a program to protect abstract information of control flow. For protecting control flow in a program, various control obfuscation transformation techniques have been proposed. However, strategies for effectively applying a control flow obfuscation to program have not been proposed yet. In this paper, we proposed a obfuscation strategy that effectively applies a control flow obfuscation transformation to a program. We conducted experiment to show that the proposed obfuscation strategy is useful for applying a control flow transformation to a program.
Keywords
software security; code obfuscation; control flow obfuscation; obfuscation algorithm;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 J. S. Davis, R. J. Leblanc, "A Study of the Applicability of Complexity Measures," IEEE Transactions on Software Engineering archive, vol. 14, No.9, pp. 1366-1372, Sep. 1988.   DOI   ScienceOn
2 GnuCflow, http://www.gnu.org/software/cflow/
3 SciTools, http://www.scitools.com/
4 T. Toyofuku, T. Tabata, and K. Sakurai, "Program obfuscation scheme using random numbers to complicate control flow," EUC Workshops, IEIC Tech. Rep, pp. 916-925, Jan. 2005.
5 E. Eilam, "Reversing: Secrets of Reverse Engineering," Wiley Publishing, Inc., pp. 327-357, Apr. 2005.
6 C.Colleberg, C.Thomborson, D.Low, "A Taxonomy of Obfuscating Transformations," Technical Report 148, University of Auckland, Jul. 1997.
7 C.Collberg, C.Thomborson, and D.Low, "Manufacturing cheap, resilient, and stealthy opaque constructs," In Principles of Programming Languages 1998, POPL'98, San Diego, CA, Jan. 1998.
8 Woosung Jung, Eunjoo Lee,"A Structural Complexity Metric for Web Application based on Similarity," Journal of the Korea Society of Computer and Information, vol.15, no.8, pp.117-126, Aug. 2010.   DOI
9 Sungkyun Oh, Mijin Kim, " A Study of Estimation for Web Application Complexity," Journal of the Korea Society of Computer and Information , vol.9, no.3, pp.27-34, Sep. 2004.
10 D. Low, "Java control flow obfuscation," Master's Thesis, Department of Computer Science, University of Auckland, New Zealand, Jun. 1998.
11 Y. Sakabe, M. Soshi, A.Miyaji, "Java Obfuscation Approaches to Construct Tamper-Resistant Object-Oriented Programs," IPSJ Digital Courier, vol.1, pp. 134-146, Dec. 2005.
12 H.Yi Tsai, Y.Lun Huang, D.Wagner, "A graph approach to quantitative analysis of control-Flow obfuscationg transformations," IEEE Transactions On Information Forensics and Security, vol.4, pp 257-267, Jun. 2009   DOI   ScienceOn
13 T. Hou, H. Chen, and M. Tsai, "Three control flow obfuscation methods for Java software,"Proc. Inst. Elect. Eng. Software, vol. 153, no. 2, pp. 80-86, Jan. 2006.   DOI   ScienceOn
14 T. Ogiso, Y.Sakabe, M.Soshi, and A. Miyaji, "Software obfuscation on a theoretical basic and its implementation," IEICE Trans. Fundamentals, vol. E86-A(1), no.1, pp.176-186, Jan. 2003.