A Framework to Quantify the Quality of Source Code Obfuscation

Malicious reverse engineering of software has served as a valuable technique for attackers to infringe upon and steal intellectual property. We can employ obfuscation techniques to protect against such attackers as useful tools to safeguard software. Applying obfuscation techniques to source code ca...

Full description

Saved in:
Bibliographic Details
Published in:Applied sciences 2024-06, Vol.14 (12), p.5056
Main Authors: Jin, Hongjoo, Lee, Jiwon, Yang, Sumin, Kim, Kijoong, Lee, Dong Hoon
Format: Article
Language:English
Subjects:
Analysis
Boolean
C plus plus
Intellectual property
Logic
obfuscation measure
Optimization techniques
quantifying obfuscation quality
Reverse engineering
Semantics
Software
Software development
source code obfuscation
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Malicious reverse engineering of software has served as a valuable technique for attackers to infringe upon and steal intellectual property. We can employ obfuscation techniques to protect against such attackers as useful tools to safeguard software. Applying obfuscation techniques to source code can prevent malicious attackers from reverse engineering a program. However, the ambiguity surrounding the protective efficacy of these source code obfuscation tools and techniques presents challenges for users in evaluating and comparing the varying degrees of protection provided. This paper addresses these issues and presents a methodology to quantify the effect of source code obfuscation. Our proposed method is based on three main types of data: (1) the control flow graph, (2) the program path, and (3) the performance overhead added to the process—all of which are derived from a program analysis conducted by human experts and automated tools. For the first time, we have implemented a tool that can quantitatively evaluate the quality of obfuscation techniques. Then, to validate the effectiveness of the implemented framework, we conducted experiments using four widely recognized commercial and open-source obfuscation tools. Our experimental findings, based on quantitative values related to obfuscation techniques, demonstrate that our proposed framework effectively assesses obfuscation quality.
ISSN:2076-3417
2076-3417
DOI:10.3390/app14125056