Hybrid Obfuscation Technique to Protect Source Code From Prohibited Software Reverse Engineering

Al-Hakimi, Asma'a Mahfoud Hezam; Sultan, Abu Bakar; Ghani, Abdul; Ali, Norhayati Mohd; Admodisastro, Novia

doi:10.1109/access.2020.3028428

Cited by 7 publications

(4 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…String obfuscation is very effective in protecting the code from theft. When the string is obfuscated, only the compiler can read and output it, while it becomes unreadable to humans [7].…”

Section: String Obfuscationmentioning

confidence: 99%

Hybrid Obfuscation of Encryption

Al-Hakimi¹,

Sultan²

2023

Coding Theory Essentials

View full text Add to dashboard Cite

Obfuscation is an encryption method. It allows the programmer to reform the code for protection. Obfuscation has promising chance to change the way of coding, where the programmer has the ability to program with any language, not necessarily English. Obfuscation, Unicode, and mathematical equations have the possibility to change strings and identifiers and to hide secret algorithms and business rules. Special dictionary is used for the string obfuscation to hide the logic of the program. The hybrid obfuscation technique will be implemented into a tool that automatically converts the code. It can be can be used for games and mobile applications for protection. With obfuscation, the application still has the ability to perform sufficiently and provide the desired output without any delays in performing timing. After obfuscating the source file, reverser still has the ability to break the object file but will not be able to read or understand and when obfuscation technique is complicated, reversing leads to error where original code disappears. In this chapter, hybrid obfuscation will be presented with examples, and obfuscation table is presented as well for future use.

show abstract

“…String obfuscation is very effective in protecting the code from theft. When the string is obfuscated, only the compiler can read and output it, while it becomes unreadable to humans [7].…”

Section: String Obfuscationmentioning

confidence: 99%

Hybrid Obfuscation of Encryption

Al-Hakimi¹,

Sultan²

2023

Coding Theory Essentials

View full text Add to dashboard Cite

show abstract

“…The practice of contaminating web applications with malevolent software is termed malware. In Recent Times, a massive number of malwares has been devised for attacking IoT systems [75,76] Control flow side-channel assessment [77], software integrity validation, malware detector [78], Security updates [79] (continued) Reverse Engineering All An attempt to analyze the firmware of IoT devices to reach sensitive data i.e., users' credentials [93] Self-destruction and Tamper proofing, IC/IP Obfuscation and encryption [94,95] (continued) Identity and access management, authentication, multi-factor authentication guidance, dynamic credentials [100] Brute-force attacks S4, S6 An active attack hinges on a trial-and-error strategy to obtain some data such as passwords, finance, identifiers. It employs automatic software to engender a massive amount of successive suppositions to decrypt the ciphertext [85,86] Locking out IP address, discovery tools, brute force site scanning tools [101] Data exposure attacks…”

Section: Allmentioning

confidence: 99%

Internet of Things Security Requirements, Threats, Attacks, and Countermeasures

Abdel‐Basset

Moustafa

Hawash

et al. 2021

Deep Learning Techniques for IoT Security and Privacy

View full text Add to dashboard Cite

This chapter elaborates on different security aspects to be taken into accounts during the development and the deployments of IoT architecture. To make the reader about the security of the IoT based system, this chapter begins by defining the contemporary security requirements that should be considered to realize a reliable and trustworthy IoT environment. Then, the discussion extends to differentiate different concepts of IoT security i.e., threat, vulnerability, countermeasure, attacks, risks; and also explain how the concepts relate to each other. Later, a systematic taxonomy is presented for classifying IoT attacks according to IoT assets, where each class of IoT is further classified into more subcategories. Finally, the discussion of each elaborate different categories of IoT attack indicating their main security targets and possible IoT countermeasures.To sum up, this chapter intends to provide a comprehensive overview regarding IoT security vulnerabilities, threats, countermeasures, risks along with practices of handling them all through the following sections: • Security Requirements in Internet of Things • IoT threats, Attacks, vulnerabilities, and risks • Today's IoT attacks and Countermeasures • IoT attack surfaces • Summary and Learnt Lessons.

show abstract

“…Both commercial [5,6] and open-source [7,8] obfuscation tools offer a variety of obfuscation techniques. Moreover, the category of researcher-developed obfuscation techniques and tools exhibits a diverse range of characteristics as well [9][10][11][12][13]. However, there are insufficient accurate analysis results regarding the effectiveness of source code obfuscation techniques for each tool; there is also a lack of proven measurement indicators that can quantitatively measure the strength of protection [14,15].…”

Section: Introductionmentioning

confidence: 99%

A Framework to Quantify the Quality of Source Code Obfuscation

Jin,

Lee,

Yang

et al. 2024

Preprint

View full text Add to dashboard Cite

Malicious reverse engineering of software has served as a valuable technique that attackers can use to infringe upon and steal intellectual property. To protect against such attackers, we can employ obfuscation techniques as useful tools to safeguard software. Applying obfuscation techniques to source code can effectively prevent malicious attackers from reverse engineering a program. However, the ambiguity surrounding the protective efficacy of these source code obfuscation tools and techniques presents challenges for users in evaluating and comparing the varying degrees of protection provided. This paper attempts to address these issues and presents a methodology to quantify the effect of source code obfuscation. Our proposed method is based on three main types of data: (1) the control flow graph, (2) the program path, and (3) the performance overhead added to the process---all of which are derived from a program analysis conducted by human experts and automated tools. For the first time, we have implemented a tool that can quantitatively evaluate the quality of obfuscation techniques. Then, to validate the effectiveness of the implemented framework, we conducted experiments using four widely recognized commercial and open-source obfuscation tools. Our experimental findings, based on quantitative values related to obfuscation techniques, demonstrate that our proposed framework effectively assesses obfuscation quality.

show abstract

Hybrid Obfuscation Technique to Protect Source Code From Prohibited Software Reverse Engineering

Cited by 7 publications

References 24 publications

Hybrid Obfuscation of Encryption

Hybrid Obfuscation of Encryption

Internet of Things Security Requirements, Threats, Attacks, and Countermeasures

A Framework to Quantify the Quality of Source Code Obfuscation

Contact Info

Product

Resources

About