Abstract
Source code obfuscation is one of the techniques used by software developers to protect their software. Obfuscation techniques transform the original code to a new protected version which is harder for the attackers to understand but have the same function as the original one. Most of obfuscation techniques are not based on well-defined measurements to clarify their effectiveness in protecting the source code from reveres engineering attacks. This paper presents an experimental study to investigate the effectiveness of specific control flows obfuscation technique—A parameterized flattening—in software protection against human attacks. We conduct an experiment, where software developers participate to perform an attack task on two applications written in C sharp programming language where one of the applications is clear and the other one is obfuscated with control flow obfuscation technique. As a result of the statistical analysis used in this paper, it is shown that only the obfuscation treatment significantly affects the correctness of the attacker to perform a successful attack, where the obfuscation reduced the correctness of the attacker by 50%. The complexity of the application has no significant effect on the correctness of the understanding tasks. Also, neither obfuscation treatment nor the complexity of the application has any effect on the correctness of the modification attack tasks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Savio, A., Saurabh, M., Paulami, S., Mudit, K.: A study & review on code obfuscation. In: World Conference on Futuristic Trends in Research and Innovation for Social Welfare, Tamil Nadu, India (2016)
Hui, X., Yangfan, Z., Yu, K., Michael, R.L.: On Secure and Usable Program Obfuscation: A Survey. Department of Computer Science, The Chinese University of Hong Kong (2017)
Chandan, K., Lalitha, B.: Different obfuscation techniques for code protection. In: 4th International Conference on Eco-friendly Computing and Communication Systems, ScienceDirect (2015)
Asish, K.D., Shakya, S.D., Sanjay, K.J.: A code obfuscation technique to prevent reverse engineering. In: 2017 International Conference on Wireless Communications, Signal Processing and Networking (2017)
Christian, C., Clark, T., Douglas, L.: Taxonomy of Obfuscating Transformations. Department of Computer Science, The University of Auckland, New Zealand (1997)
Mariano, C., Andrea, C., Paolo, F., Cornelia, B.: A Large Study on the Effect of Code Obfuscation on the Quality of Java Code, pp. 1–39. Empirical Software Engineering (2014)
Rabih, M.: Quantitative Measures for Code Obfuscation Security Imperial. Imperial College London, Department of Computing, London (2016)
Mariano, C., Massimiliano, D., Jasvir, N., Poalo, F.: Towards experimental evaluation of code obfuscation techniques. In: Proceedings of the 4th ACM Workshop on Quality of Protection, Alexandria (2008)
Mariano, C., Massimiliano, D., Jasvir, N.: The effectiveness of source code obfuscation: an experimental assessment. In: 2009 IEEE 17th International Conference on Program Comprehension (2009)
Alessio, V., Leonardo, R., Marco, T.: Assessment of source code obfuscation techniques. In: 2016 IEEE 16th International Working Conference on Source Code Analysis and Manipulation (SCAM), Department of Automatic and Informatics, Italy (2016)
Dominik, W., Nicolas, H., Yasemin, A., Brad, R., Patrick, T., Sascha, F.: A large scale investigation of obfuscation use in Google Play. In: Annual Computer Security Applications Conference (2018)
Zheheng, L., Wenlin, L., Jing, G., Deyu, Q., Jijun, Z.: A parameterized flattening control flow based obfuscation algorithm with opaque predicate for reduplicate obfuscation. In: International Conference on Progress in Informatics and Computing (PIC) (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Bin Shamlan, M.H., Alaidaroos, A.S., Bin Merdhah, M.H., Bamatraf, M.A., Zain, A.A. (2021). Experimental Evaluation of the Obfuscation Techniques Against Reverse Engineering. In: Saeed, F., Al-Hadhrami, T., Mohammed, F., Mohammed, E. (eds) Advances on Smart and Soft Computing. Advances in Intelligent Systems and Computing, vol 1188. Springer, Singapore. https://doi.org/10.1007/978-981-15-6048-4_33
Download citation
DOI: https://doi.org/10.1007/978-981-15-6048-4_33
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-6047-7
Online ISBN: 978-981-15-6048-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)