REDIR: Automated static detection of obfuscated anti-debugging techniques
Related papers
Proceedings of the 2007 ACM workshop on Quality of protection - QoP '07, 2007
Software reverse engineering is an active threat against software programs. One of the popular techniques used to make software reverse engineering harder is obfuscation. Among the various control flow obfuscation methods proposed in the last decade, there is a lack of inter-functional control flow obfuscation techniques. In this paper we propose an inter-functional control flow obfuscation by manipulating return instructions. In our proposed method each function is split into different units, with each unit ending with a return instruction. The linear order in which functions appear in the program is obscured by shuffling these units, thereby creating an inter-functional control flow obfuscation. Experimental results show that the algorithm performs well against automated reverse engineering attacks.
A Comprehensive Analysis of Software Obfuscation Techniques
International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 2023
In today's environment, a huge and increasing range of unauthorised practices allows hackers to get unauthorised access to devices and private information by inserting harmful code. The purpose of this research is to assess the efficiency of obfuscation strategies in safeguarding software against reverse engineering and tampering. This study tries to evaluate various obfuscation approaches, such as code obfuscation, control flow obfuscation, and data obfuscation. The findings of this study will contribute to the establishment of best practices for software developers to protect their code from unauthorised access and alteration by providing useful insights into the efficiency of obfuscation approaches in software protection.
Code Obfuscation. Where is it Heading
IJET, 2020
Reverse Engineering is the process of revealing hidden code from a class file. It converts garbage to readable English text. The main purpose of Reverse Engineering is to uncover the hidden code when the documentation is poor, the source file is missing, and the developer is no longer available to provide the original source file. Hackers use Reverse Engineering to attack the class file to uncover the code. Then, the code can be reused for other purposes without any permission from the original author. The class file contains all the information and business rules, which will be revealed once the Reverse Engineering process attacks it. Anti-Reverse Engineering techniques are developed to stop, delay, and prevent Reverse Engineering; one of the most common techniques is Obfuscation. It has many forms of protection, such as changing the names of classes and variables, hiding classes, and changing the form of the code. In this paper, an appraisal will be conducted to study the current Obfuscation techniques. This research proposes a new hybrid technique that is based on obfuscation; the technique will use mathematics, Unicode, and an unknown language to convert the source file to a garbage running file that does the same task that the normal source file does for Java applications.
Tdb: a source-level debugger for dynamically translated programs
Debugging techniques have evolved over the years in response to changes in programming languages, implementation techniques, and user needs. A new type of implementation vehicle for software has emerged that, once again, requires new debugging techniques. Software dynamic translation (SDT) has received much attention due to compelling applications of the technology, including software security checking, binary translation, and dynamic optimization. Using SDT, program code changes dynamically, and thus, debugging techniques developed for statically generated code cannot be used to debug these applications. In this paper, we describe a new debug architecture for applications executing with SDT systems. The architecture provides features that create the illusion that the source program is being debugged, while allowing the SDT system to modify the executing code. We incorporated this architecture in a new tool, called tdb, that integrates an SDT system, Strata, with a widely used debugg...