J4 ›› 2012, Vol. 34 ›› Issue (1): 79-85.
• 论文 • Previous Articles Next Articles
HE Yanxiang,CHEN Yong,WU Wei,CHEN Nian,XU Chao,LIU Jianbo,SU Wen
Received:
Revised:
Online:
Published:
Abstract:
Selfmodifying code obfuscation is an effective technique to hide the important information of programs. In this paper, we focus on reducing the cost of obfuscated codes and enhancing the degree of obfuscation to use a flowsensitive method to select the obfuscated codes that are important relatively such as control instruction and propose a twostep comparing obfuscation model that can locate the obfuscated instructions in binary codes precisely that can help change these codes to illegal codes to defense the disassembly. The model contains two parts. The first part uses the flowsensitive analyses to get the obfuscated instructions and generate two obfuscated codes and one obfuscated code mapping file. Then, the second part compares these two obfuscated codes to generate the final obfuscated codes containing the illegal instruction codes based on the obfuscated code mapping file. Through the experiments, the obfuscated instructions are about 3% of the whole codes and the disassemble codes are much different with the source codes and even some error instructions appear.
Key words: program flowsensitive;selfmodifying codes;code obfuscation;binary codes location;code protection
HE Yanxiang,CHEN Yong,WU Wei,CHEN Nian,XU Chao,LIU Jianbo,SU Wen. A Program FlowSensitive SelfModifying Code Obfuscation Method[J]. J4, 2012, 34(1): 79-85.
0 / / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://joces.nudt.edu.cn/EN/
http://joces.nudt.edu.cn/EN/Y2012/V34/I1/79
