Obfuscation Techniques

It aims at hardening the process of reverse engineering.

• Increases level of experience required

• Increases cost (time, money)

• Imposes the need for specific tools, techniques and procedures

Applications (some):

• License-protected software: to prevent the generation of arbitrary licenses or subversion of the program code

• Proprietary software: prevent the recovery of a design pattern or algorithm (IP protection)

• Malware: to prevent recovery of the actions, prevent detection, Social Engineer users

Static vs Dynamic

Static obfuscation frequently transforms code before execution.

• Maybe before the compilation, or during compilation

• Countering static analysis

• An obfuscated program is complex to analyze

Dynamic obfuscation transforms code during execution

• Countering Dynamic Analysis

• The obfuscated program may change its behaviour, expand or include further code

Main Categories (Balachandran, TIFS 2013)

• Layout Obfuscation

• Design Obfuscation

• Data Obfuscation

• Control Obfuscation