路径分支混淆研究综述

doi:10.11959/j.issn.2096-109x.2020027

Abstract

Abstract:

Code obfuscation is a convenient and effective technique of software protection,which can combat MATE attacks based on reverse engineering.With the development of automatic programming analysis technology,a new code obfuscation technique which named path branch obfuscation was proposed to defeat symbolic execution.With the composition of branch information and how does the branch composition effect in execution technique,the branch obfuscation was classified into three types.Then,a detailed research and development situation of each branch obfuscation class was exhaustively described.At last,the prospects of branch obfuscation were discussed.

Key words: reverse engineering, code obfuscation, symbol execution, path branch obfuscation

CLC Number:

TP311

Pu GENG,Yuefei ZHU. Review of path branch obfuscation[J]. Chinese Journal of Network and Information Security, 2020, 6(2): 12-18.

Figures/Tables 3

References 19

[1]	COLLBERG C , THOMBORSON C , LOW D . A taxonomy of obfuscating transformations[R]. Department of Computer Science,The University of Auckland,New Zealand, 1997.
[2]	MAVROGIANNOPOULOS N , KISSERLI N , PRENEEL B . A taxonomy of self-modifying code for obfuscation[J]. Computers ＆Security, 2011,30(8): 679-691.
[3]	AVIDAN E , FEITELSON D G . From obfuscation to comprehension[C]// 2015 IEEE 23rd International Conference on Program Comprehension. 2015: 178-181.
[4]	杨宇波 . 代码混淆模型研究[D]. 北京:北京邮电大学, 2015.
	YANG Y B . Research on code obfuscation model[D]. Beijing:Beijing University of Posts and Telecommunications, 2015.
[5]	BANESCU S , COLLBERG C , GANESH V ,et al. Code obfuscation against symbolic execution attacks[C]// The 32nd Annual Conference on Computer Security Applications. 2016: 189-200.
[6]	BALACHANDRAN V , EMMANUEL S . Potent and stealthy control flow obfuscation by stack based self-modifying code[J]. IEEE Transactions on Information Forensics and Security, 2013,8(4): 669-681.
[7]	LIN H , ZHANG X , YONG M ,et al. Branch obfuscation using binary code side effects[C]// International Conference on Computer,Networks and Communication Engineering (ICCNCE 2013). 2013.
[8]	贾春福, 王志, 刘昕 ,等. 路径模糊:一种有效抵抗符号执行的二进制混淆技术[J]. 计算机研究与发展, 2011,48(11): 2111-2119.
	JIA C F , WANG Z , LIU X ,et al. Branch obfuscation:an efficient binary code obfuscation to impede symbolic execution[J]. Journal of Computer Research and Development, 2011,48(11): 2111-2119.
[9]	SHARIF M I , LANZI A , GIFFIN J T ,et al. Impeding malware analysis using conditional code obfuscation[C]// NDSS. 2008.
[10]	王志 . 二进制代码路径混淆技术研究[D]. 天津:南开大学, 2012.
	WANG Z . Research on binary code obfuscation[D]. Tianjin:Nankai University, 2012.
[11]	王志, 贾春福, 刘伟杰 ,等. 一种抵抗符号执行的路径分支混淆技术[J]. 电子学报, 2015,43(5): 870-878.
	WANG Z , JIA C F , LIU W J ,et al. Branch obfuscation to combat symbolic execution[J]. Acta Electronica Sinica, 2015,43(5): 870-878.
[12]	WANG Z , MING J , JIA C F ,et al. Linear obfuscation to combat symbolic execution[C]// European Symposium on Research in Computer Security. 2011.
[13]	ZONG N , JIA C F . Branch obfuscation using" black boxes"[C]// 2014 Theoretical Aspects of Software Engineering Conference. 2014: 114-121.
[14]	MA H , MA X , LIU W ,et al. Control flow obfuscation using neural network to fight concolic testing[C]// International Conference on Security ＆ Privacy in Communication Systems. 2014.
[15]	陈喆, 贾春福, 宗楠 ,等. 随机森林在程序分支混淆中的应用[J]. 电子学报, 2018,46(10): 156-164.
	CHEN Z , JIA C F , ZONG N ,et al. Branch obfuscation using random forest[J]. Acta Electronica Sinica, 2018,46(10): 156-164.
[16]	MA H , LI R , YU X ,et al. Integrated Software fingerprinting vianeural-network-based control flow obfuscation[J]. IEEE Transactions on Information Forensics ＆ Security, 2016,11(10): 2322-2337.
[17]	WANG Z , JIA C F , LIU M ,et al. Branch obfuscation using code mobility and signal[C]// IEEE Computer Software ＆ Applications Conference Workshops. 2012.
[18]	陈喆, 王志, 王晓初 ,等. 基于代码移动的二进制程序控制流混淆方法[J]. 计算机研究与发展, 2015,52(8): 1902-1909.
	CHEN Z , WANG Z , WANG X C ,et al. Using code mobility to obfuscate control flow in binary codes[J]. Journal of Computer Research and Development, 2015,52(8): 1902-1909.
[19]	POPOV I V , DEBRAY S K , ANDREWS G R . Binary obfuscation using signals[C]// USENIX Security Symposium. 2007: 275-290.

Metrics

Recommended 0

No Suggested Reading articles found!

Review of path branch obfuscation

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 3

References 19

Related Articles 2

Metrics

Recommended 0

[1]	Yuqiang XIAO, Yunfei GUO, Yawen WANG. Metrics for code obfuscation based on symbolic execution and N-scope complexity [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 123-134.
[2]	Jieming GU,Bowen SUN,Peng WU,Qi LI,Yanhui GUO. Anti-obfuscation Android application similarity detection method based on API call [J]. Chinese Journal of Network and Information Security, 2018, 4(1): 63-68.