Friday, April 5, 2019
Conditional Statement Strategies for Code Obfuscation
qualified Statement Strategies for ordinance bafflementChandan Kumar Behera, Pawan Kumar, D. Lalitha BhaskariAbstractObfuscated canon syntax has been set intention all toldy unclear. Different bafflement techniques may have antithetic impacts on the come order. In the presented paper, the if condition has been used s foreveral quantify with the purpose to make the code obfuscated one, but in the mean time, the code should look like real simple-minded. The idea behind this concept is to make feel the reader a simple code and displace the code basically as it looks straightforward.Keywords Softwargon code warranter eyeshade, code befuddlement, conditional statements, malicious code submission packet protection is increasingly becoming an important requirement for bundle development according to industry. The packet protection problem is fundamentally harder than other security problems. When one has the adversary for full access to the elect software or hardware an d can examine, or modify it, hence no piece of software can be protected for the long period of time. An example of very common cast of protection against reverse engineering attacks is mystification, which modifies a course of study to make it harder for the adversary to understand or analyse. At the rise this techniques is developed for automatically creating multiple transformations of same program, by that each version provide be surd to analyse and modify for some more time. That means code obfuscation makes it more laborious and hard for understanding completely, because of that it exit be non advisable to go for code tampering.The technique obfuscation helps for manipulating source code to make it harder to analyze and more difficult to understand for the attacker. Obfuscation is a common technique used to protect software against malicious reverse engineering. This approach could focus on changing a specific aspect of the code (e.g., complexity). But, the aim of co de obfuscation is to prevent malicious users by disclosing the properties of the master source program.Typical code obfuscation techniques include splitting of codes into smaller pieces, merging pieces of unrelated codes, stochasticizing the code placement, mangling of data structures, field assignment, obfuscates the literal railroad trains of a program, merging local integers, use of random unawares Codes, inserting dead variables, reordering of instructions, parameter reordering, transparent Branch Insertion, variable renaming, variable reassigning, aggressive methods renaming, renaming of registers, duplication of registers, promoting unmannerly registers, reorders the constants in the bytecode and assigns random keys to them, randomly marks all basic bytecode blocks in the program with either 0 or 1, array folding, array splitting, constant unfolding, Control flow obfuscation, flattening or introducing bogus control flow, recess abstraction boundaries, false refactoring, mapping of bytecode instructions to source code line numbers, removal of local variable tables in the bytecode that store the local variable name in the source code, also various techniques utilise Opaque Predicates (Ex branch insertion) etc.Some more techniques can be used in high level languages, mostly in object oriented are splitting or merging of classes, conclusion of inner classes ( if available or not and then(prenominal) use obfuscation there even), new obfuscated names for methods and classes in a random fashion, encrypts class files and causes them to be decrypted at runtime, converting functions into inline methods at runtime, Interleave Methods by that will have the same signature, use of more methods having same names (overload names), takes a class and replaces all the handle with fields of the objects belong to the same class, converting the fields of a class to public, splits all of the non-static methods into a static method, bluff all the classes for modifi cation, group the classes for modifying the original structure, selects a random method from the class or a random basic block from a method (i.e. a copy of the basic block will be created and some additional malicious code will be added in the new basic block, by which the ranges of local variable might be changed and the basic blocks will be bypassed from execution) etc.In this paper, the discussion is basically about the conditional statement. There are different ways of different obfuscation techniques by apply conditions. Like, reversing the if and else conditions, development negation of the condition, introducing if condition which will never true, breaking of the condition into nested. Conversion form if- else if conditions to switch cases, etc.Proposed strategyGenerally, use of conditional statements in a program is common. nighly, for optimizing a program, the writers keep the stress towards the loops. According to this thought the obfuscation also can be done on cond itions, where ever it is used. Normally, after obfuscating a program, the code will be lengthier as well as difficult to understand. But, in the proposed system of logic, neither the code will be lengthier nor the code will look difficult to understand. Therefore, the malware witters may can the code. Actually the modified code will give some undesired result, by which may wonder the reader.hither, in place of if else or if else if else conditions, we use several(prenominal) times the if condition. In the proposed method if the use of if conditions several times is replaced by if- else or if-else if-else condition, then output will be totally different and the logic is going to change totally.Figure 1 Proposed code obfuscation logic by using if condition several timesIn this paper, some proper fractions have been used for generating different patterns. Those patterns with bit pert represented and by rounding-off the values, sometimes the result will be undesirable. But, actual ly this is not at all undesirable, and properly calculated. So before execution of the code, it can be identified the condition which is going to be satisfied and with that the function, which is going to be executed. As the result is not undesirable and looks very simple, by and king-size readers may ignore the conditional statements with high percentage.The second concerned point is the repetition of patterns. As the residuum will be not zero, during the conversion of the proper fractional number into binary format, because of the infinite string of zeros and ones. Obviously, the string will be getting a repetition of a gracious of pattern. But, the visualization of the value in a variable is not possible, because of limited bytes are allowed to the variables.Fig. 2 break execution for different values, season the fraction is 2/3Fig. 3 Function execution for different values, plot the fraction is 2/3Because of the proper fraction, there are several repetitions of the pattern of 10 in case of rational number 2/3. Then we try to store that infinite value in a double variable and a float variable. After that the both numbers are compared. According to the result shown in the graph in figure 2, more than 88% of times functionC is executed. Here, for the values, functionC is not executing, to be uncovered.This concept can be used in several ways, like comparing dickens numbers or comparing a variable with a constant. Any type of program, if that consists of at least(prenominal) one condition is there, then that can be modified in the proposed method to obfuscate the program effortlessly. This strategy can be used in place of or with inserting some dead code or XOR operation or as well as insideng some bit wise operations.In the above code, in figure 1, if the rational number 2/3 is replaced by 3/7, then the functionB will be not executed at all. The functionA will be called, when the value will be in between 1 to 2 or 27 to 31 or 251 to 255 and so on. Her e the pattern is 001. i.e. the functionA executes, when the value will be with the range as followsFig. 4. Function execution for different values, while the fraction is 3/7Similarly, if the proper fraction number 2/3 is replaced by 1/7, then the functionA will not execute. But, the functionB will be called, when the value will be from 3 to 7 or 59 to 63 or 507 to 511 and so on. Here, the pattern is 011.Fig. 5. Function execution for different values, while the fraction is 1/7ConclusionMany times the code seems to be very simple and understandable, but actually not, and because of this, anybody can be confused more. This paper mostly discusses similar to that by using if condition. In the paper, it is discussed about code obfuscation by using if condition several times. Simply feeling to the program, it is very difficult to guess that whether the program is obfuscated. Because, neither the size of the program increases nor the program looks difficult as compare to the original code . The use of several if conditions is not at all looking different than that of if else if-else conditions. Most of the cases the values will be same. The important thing is when exactly the values will differ and if they differ, then which function is going to be executed. This need to be understood and bring into play in the code and the obfuscated code should give the desired output. There are several software engineering code techniques to measure the effect of code obfuscation, in terms of the complexity, the modularity and the size of obfuscated code. This methodology will not affect oftentimes in complexity or in size of the code. Even the original code and the obfuscated one will be not having much difference according to the modularity. This proposed obfuscation scheme may not be able to satisfy any strong definition of obfuscation, but the combination with any other obfuscation techniques to the same program, can go for a much better result.ReferencesThe Effectiveness of Source Code Obfuscation an Experimental Assessment, Mariano Ceccato, Massimiliano Di Penta, Jasvir Nagra,, Paolo Falcarin, In Proceedings of the17th IEEE International Conference on Program Comprehension (ICPC 2009),Vancouver, Canada, 17-19 May 2009.IEEE, pp-178-187,A Large Study on the Effect of Code Obfuscation on the look of Java Code, Mariano Ceccato, Andrea Capiluppi, Paolo Falcarin, Cornelia Boldyreff. experimental Software Engineering, Springer,Towards experimental evaluation of code obfuscation techniques, Mariano Ceccato, Massimiliano Di Penta, Jasvir Nagra, Paolo Falcarin, Filippo Ricca, Marco Torchiano and Paolo Tonella..InQoP 08 Proceedings of the 4th ACM workshop on Quality of protection,Alexandria (Virginia), USA, 27 October 2008. ACM pp. 39-46 (2008).A family of experiments to assess the effectiveness and efficiency of source code obfuscation techniques, Mariano Ceccato,Massimiliano Di Penta,Paolo Falcarin,Filippo Ricca,Marco Torchiano,Paolo Tonella, Empirical Softw are Engineering, August 2014, mass 19,Issue 4,pp 1040-1074A New Code Obfuscation Scheme for Software Protection, 8th International Symposium on Service Oriented System Engineering (SOSE), 2014, Oxford, IEEExplorer, pp 409 414, DOI10.1109/SOSE.2014.57A taxonomy of obfuscating transformations , Collberg C, Thomborson C, Low D (1997). Technical piece of music 148, Dept. of Computer Science, The Univ. of AucklandProtecting software code by guards. Chang H, Atallah M (2002) In ACM workshop on security and privacy in digital rights management. ACMProgram obfuscation a decimal approach., Anckaert B, Madou M, Sutter BD, Bus BD, Bosschere KD, Preneel B (2007) In QoP 07 Proc. of the 2007 ACM workshop on quality of protection, ACM, New York, NY, USA, pp 1520. doi10.1145/1314257.1314263Locating features in source code. Eisenbarth T, Koschke R, Simon D (2003) IEEE Trans Softw Eng 29(3)195209Deobfuscation reverse engineering obfuscated code, Udupa S, Debray S, Madou M (2005). In 12th working c onference on reverse engineering. doi10.1109/WCRE.2005.13Obfuscated Malicious Code Detection with Path Condition Analysis, Wenqing Fan, Xue Lei, Jing An, Journal of Networks, Vol 9, No 5, May 2014, doi10.4304/jnw.9.5.1208-1214 soundless analysis of executables to detect malicious patterns, M. Christodorescu and S. Jha, In Proceedings of the 12th conference on USENIX Security Symposium Volume 12, Berkeley, CA, USA, 2003, pp. 1212.Software protection technology research based on code obfuscation, Song Yaqi, north University, 2005Hong Luo, Jiang Jianqin, Zeng Qingkai. Code obfuscation techniques based on software protection, Computer Engineering, 2006, Vol 32 No. 11A. Balakrishnan and C. Schulze,Code Obfuscation Literature Survey, Technical report, Computer Science Department, University of Wisconsin, Madison, USA, 2005.B. Anckaert, M. Madou, B. D. Sutter, B. D. Bus, K. D. Bosschere, and B. Preneel. Program obfuscation a quantitative approach, In QoP 07 Proc. of the 2007 ACM Workshop on Quality of protection, pages 15-20, New York, NY, USA,2007. ACM.Intellectual property protection using obfuscation, S. Drape et al. Proceedings of SAS 2009, 4779133144, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.