A Method and Implementation of Control Flow Obfuscation Using SEH

被引：6

作者：

Yao, Xinlei ^{[1
]}

Pang, Jianmin ^{[1
]}

Zhang, Yichi ^{[1
]}

Yu, Yong ^{[1
]}

Lu, Jianping ^{[1
]}

机构：

[1] Natl Digital Switching Syst Engn & Technol R&D Ct, Zhengzhou, Peoples R China

来源：

2012 FOURTH INTERNATIONAL CONFERENCE ON MULTIMEDIA INFORMATION NETWORKING AND SECURITY (MINES 2012) | 2012年

关键词：

control flow obfuscation; structured exception handling; callback function; polymorphism;

D O I：

10.1109/MINES.2012.25

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Control flow obfuscation is an important way of software copyright protection; the main purpose is to make the static analysis tools produce wrong control flow graph, and then prevent malicious use of reverse engineering against software. In this paper we propose an approach to implement control flow obfuscation using Windows structured exception handling mechanism. Programs are obfuscated by replacing branch instructions with exception code and inserting fake branch instruction after the exception code. Furthermore, exception code random technology is used to improve the resilience of the obfuscated code. Experimental results show that disassemble tools fail to identify 56.7% control flow of the obfuscated code, and have a misunderstanding of 40% control flow. The increase in program size and execute time of the obfuscated code is also modest.

引用

页码：336 / 339

页数：4

共 50 条

[21] Software protection algorithm based on control flow obfuscation
Sun Y.
Sun, Yongyong (yongsunjd@126.com), 2018, Totem Publishers Ltd (14) : 2181 - 2188
[22] Technique of Source Code Obfuscation Based on Data Flow and Control FLow Tansformations
Su Qing
Wang Zhi-yue
Wu Wei-min
Li Jing-liang
Huang Zhi-wei
PROCEEDINGS OF 2012 7TH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE & EDUCATION, VOLS I-VI, 2012, : 1093 - 1097
[23] RTL Hardware IP Protection Using Key-Based Control and Data Flow Obfuscation
Chakraborty, Rajat Subhra
Bhunia, Swarup
23RD INTERNATIONAL CONFERENCE ON VLSI DESIGN, 2010, : 405 - 410
[24] A framework for quantitative evaluation of parallel control-flow obfuscation
Huang, Yu-Lun
Tsai, Hsin-Yi
COMPUTERS & SECURITY, 2012, 31 (08) : 886 - 896
[25] Deep Control Flow Obfuscation Model Based on Callback Function
Sha Z.-H.
Shu H.
Wu C.-G.
Xiong X.-B.
Kang F.
Ruan Jian Xue Bao/Journal of Software, 2022, 33 (05): : 1833 - 1848
[26] Three control flow obfuscation methods for Java']Java software
Hou, T. W.
Chen, H. Y.
Tsai, M. H.
IEE PROCEEDINGS-SOFTWARE, 2006, 153 (02): : 80 - 86
[27] An Obfuscation Method to Build a Fake Call Flow Graph by Hooking Method Calls
Fukuda, Kazumasa
Tamada, Haruaki
2014 15TH IEEE/ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCE, NETWORKING AND PARALLEL/DISTRIBUTED COMPUTING (SNPD), 2014, : 331 - 336
[28] Android Control Flow Obfuscation Based on Dynamic Entry Points Modification
Yang, Xueyi
Zhang, Lingchen
Ma, Cunqing
Liu, Zongbin
Peng, Ping
2019 22ND INTERNATIONAL CONFERENCE ON CONTROL SYSTEMS AND COMPUTER SCIENCE (CSCS), 2019, : 296 - 303
[29] Hidden Path: Dynamic Software Watermarking Based on Control flow Obfuscation
Chen, Zhe
Jia, Chunfu
Xu, Donghui
2017 IEEE INTERNATIONAL CONFERENCE ON COMPUTATIONAL SCIENCE AND ENGINEERING (CSE) AND IEEE/IFIP INTERNATIONAL CONFERENCE ON EMBEDDED AND UBIQUITOUS COMPUTING (EUC), VOL 2, 2017, : 443 - 450
[30] Technique of Java']Javascript Code Obfuscation Based on Control Flow Tansformations
Wang Zhiyue
Wu Weimin
COMPUTER AND INFORMATION TECHNOLOGY, 2014, 519-520 : 391 - 394

← 1 2 3 4 5 →