Computer Science ›› 2015, Vol. 42 ›› Issue (3): 167-173.doi: 10.11896/j.issn.1002-137X.2015.03.035

Previous Articles     Next Articles

Quantitative Evaluation for Effectiveness of Code Obfuscation Based on Multi-level Weighted Attributes

XIE Xin, LIU Fen-lin, LU Bin and GONG Dao-fu   

  • Online:2018-11-14 Published:2018-11-14

Abstract: In order to overcome randomness and blindness for choosing code obfuscation algorithms in the process of software protection,in view of the problem that quantitative comparison and evaluation of code obfuscation are difficult,a quantitative evaluation method of obfuscation based on multi-level weighted attributes was proposed.From the aspect of attacker,it uses static and dynamic reverse analysis means to analyze the original and obfuscated programs,and quantifies evaluation index based on program attributes.Three-level hierarchical analysis model is constructed,and expert evaluation method is used to compare the importance of program attributes and determine the weights of program attributes.Based on the evaluation index quantitative values and weights of attributes,analytic hierarchy process is used to evaluate different obfuscation methods.Experiment and analysis show that the method can quantitatively compare the effectiveness of different obfuscation algorithms.

Key words: Code obfuscation,Quantitative evaluation,Analytic hierarchy,Weighted attribute

[1] Collberg C,Thomborson C,Low D.A taxonomy of obfuscating transformations[R].Department of Computer Science,University of Auckland,Auckland,NewZealand,1997
[2] 王建民,余志伟,王朝坤,等.Java程序混淆技术综述[J].计算机学报,2011,31(9):1578-1588
[3] Collberg C,Thomborson C,Low D.Manufacturing cheap,resi-lient,and stealthy opaque constructs[C]∥Proceedings of 25th SIGPLAN-SIGACT Symposium on Principles of Programming Languages.ACM,1998:184-196
[4] Barak B,Gold reich O,Impagliazzo R,et al.On the (im)possibility of obfuscating programs[C] ∥Proceedings of CRYPTO 2001.Santa Barbara:Springer-Verlag,2001:1-18
[5] Kuzurin N,Shokurov A,Varnovsky N,et al.On the concept of software obfuscation in computer security[C] ∥Proceedings of the 10th International Conference on Information Security.2007,4779:281-298
[6] Goldwasser S,Rothblum G.On best possible obfuscation[C]∥Proceedings of the 4th Theory of Cryptography Conference.2007,4392:194-213
[7] Barak B,Goldreich O,Impagliazzo R,et al.On the (Im)possibility of Obfuscating Programs[M]∥Advances in Cryptology-CRYRTO 2001.2001:1-18
[8] Dalla M,Giacobazzi R.Semantic-based code obfuscation by abstract interpretation[C] ∥Proceedings of the 32nd International Colloquium on Automata,Languages and Programming.2005,3580:1325-1336
[9] Dalla M,Giacobazzi R.Control code obfuscation by abstract interpretation[C] ∥Proceedings of the 3rd IEEE International Conference on Software Engineering and Formal Methods.2005:301-310
[10] 高鹰,陈意云.基于抽象解释的代码混淆有效性比较框架[J].计算机学报,2007,30(5):806-814
[11] Anckaert B,Madou M,De S B, et al.Program obfuscation:Aquantitative approach[C]∥Proceedings of the 2007 ACM Workshop on Quality of Protection.2007:15-20
[12] Tsai H Y,Huang Y L,Wagner D.A graph approach to quantitative analysis of control flow obfuscating[J].IEEE Transactions on Information Forensics and Security,2009,4(2):257-267
[13] Huang Y L,Tsai H Y.A framework for quantitative evaluation of parallel control-flow obfuscation[J].Computers & Security,2012,31(8):886-896
[14] 付剑晶,王珂.软件迷惑变换的鲁棒性量化评价[J].软件学报,2013,24(4):730-748
[15] Ogiso T,Sakabe Y,Soshi M,et al.Software obfuscation on a theoretical basis and its implementation[J].IEICE Transactions on Fundamentals of Electronics,Communications and Computer Sciences,2003,86(1):176-186
[16] Ceccato M,Di P M,Nagra J,et al.Towards experimental evaluation of code obfuscation techniques[C]∥Proceedings of the 4th ACM Workshop on Quality of Protection.Alexandria,VA,USA,2008:39-46
[17] Ceccato M,Di Penta M,Nagra J,et al.Towards experimentalevaluation of code obfuscation techniques[C]∥Proceedings of the 4th ACM Workshop on Quality of Protection.2008:39-46
[18] 赵玉洁,汤战勇,王妮,等.代码混淆有效性评估[J].软件学报,2012:700-711
[19] Satty T L.The Analytic Hierarchy Process [M].New York:McGraw-Hill,1980

No related articles found!
Full text



No Suggested Reading articles found!