TY - GEN
T1 - Binary Obfuscation Based Reassemble
AU - Wang, Chang
AU - Zhang, Zhaolong
AU - Jia, Xiaoqi
AU - Tian, Donghai
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/7/2
Y1 - 2018/7/2
N2 - Software reverse engineering is the process of retrieving the source code or recovering the higher level structure from an executable binary file. It has a wide range of applications in software analysis, such as vulnerability mining and exploiting, blind patching and so on. But it can also be used for illegal activities such as software piracy and plagiarism, which bring huge losses to relevant workers. So Anti-reverse has important significance for intellectual property protection. In fact, it is difficult to protect a software against being reversed or malicious modifications.In this paper, we present and discuss a new binary obfuscation method based on reassemble. The binary reassembling refers to the process of disassembling an executable binaries into assembly code and assemble it back to a correct binary. We make binary obfuscation in this process because it can avoid many problems and have better protection than other obfuscation methods. We designed two obfuscating schemes including instruction substitution and control flow confusion. The resulting code is still a correct program, but it has more complex instruction execution sequence and sophisticated control flow graph. According to the experiment results, the obfuscated program has more smaller file size but it execute more slowly than the original program.
AB - Software reverse engineering is the process of retrieving the source code or recovering the higher level structure from an executable binary file. It has a wide range of applications in software analysis, such as vulnerability mining and exploiting, blind patching and so on. But it can also be used for illegal activities such as software piracy and plagiarism, which bring huge losses to relevant workers. So Anti-reverse has important significance for intellectual property protection. In fact, it is difficult to protect a software against being reversed or malicious modifications.In this paper, we present and discuss a new binary obfuscation method based on reassemble. The binary reassembling refers to the process of disassembling an executable binaries into assembly code and assemble it back to a correct binary. We make binary obfuscation in this process because it can avoid many problems and have better protection than other obfuscation methods. We designed two obfuscating schemes including instruction substitution and control flow confusion. The resulting code is still a correct program, but it has more complex instruction execution sequence and sophisticated control flow graph. According to the experiment results, the obfuscated program has more smaller file size but it execute more slowly than the original program.
UR - http://www.scopus.com/inward/record.url?scp=85063910409&partnerID=8YFLogxK
U2 - 10.1109/MALWARE.2018.8659363
DO - 10.1109/MALWARE.2018.8659363
M3 - Conference contribution
AN - SCOPUS:85063910409
T3 - MALWARE 2018 - Proceedings of the 2018 13th International Conference on Malicious and Unwanted Software
SP - 153
EP - 160
BT - MALWARE 2018 - Proceedings of the 2018 13th International Conference on Malicious and Unwanted Software
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 13th International Conference on Malicious and Unwanted Software, MALWARE 2018
Y2 - 22 October 2018 through 24 October 2018
ER -