Invalidating Analysis Knowledge for Code Virtualization Protection Through Partition Diversity

Abstract: To protect programs from unauthorized analysis, virtualize the code based on Virtual Machine (VM) technologies is emerging as a feasible method for accomplishing code obfuscation. However, in some State-of-the-art VM-based protection approaches, the set of virtual instructions and bytecode interpreters are fixed across the whole programs. This means an experienced attacker could extract the mapping information between virtual instructions and native code from programs, and use this knowledge to uncover the map… Show more

“…According to effectiveness and efficiency, obfuscating transformations are classified with four categories, including layout obfuscation, data obfuscation, control obfuscation, and preventive obfuscation. So far, the research on code obfuscation algorithms has been very mature, and various algorithms have emerged endlessly [12], [29], [54], [13], [41], [56]. Table I shows eight typical code obfuscation algorithms, most of the existing algorithms are derived from them.…”

“…The second question, from a reverse engineering perspective, is: What kinds of obfuscation algorithm are employed on the target program? It is worth mentioning that new obfuscation algorithms [12], [29], [54], [13], [41], [56] and tools [48], [46], [50], [49], [25], [14] have emerged in an endless stream in recent years. Obviously, it is very ambitious for security analysts to understand the characteristics of each code obfuscation and quickly analyze which obfuscation algorithms the target program adopts.…”

Semantics-aware obfuscation scheme prediction for binary

“…According to effectiveness and efficiency, obfuscating transformations are classified with four categories, including layout obfuscation, data obfuscation, control obfuscation, and preventive obfuscation. So far, the research on code obfuscation algorithms has been very mature, and various algorithms have emerged endlessly [12], [29], [54], [13], [41], [56]. Table I shows eight typical code obfuscation algorithms, most of the existing algorithms are derived from them.…”

“…The second question, from a reverse engineering perspective, is: What kinds of obfuscation algorithm are employed on the target program? It is worth mentioning that new obfuscation algorithms [12], [29], [54], [13], [41], [56] and tools [48], [46], [50], [49], [25], [14] have emerged in an endless stream in recent years. Obviously, it is very ambitious for security analysts to understand the characteristics of each code obfuscation and quickly analyze which obfuscation algorithms the target program adopts.…”

Semantics-aware obfuscation scheme prediction for binary

Compile-time code virtualization for android applications

Design and Evaluation of an English Virtual Teaching Effectiveness Evaluation System Based on Improved GLR Algorithm