Protecting Software through Obfuscation: Can It Keep Pace with Progress in Code Analysis?

Protecting Software through Obfuscation: Can It Keep Pace with Progress in Code Analysis?

Abstract

Software obfuscation has always been a controversially discussed research area. While theoretical results indicate that provably secure obfuscation in general is impossible, its widespread application in malware and commercial software shows that it is nevertheless popular in practice. Still, it remains largely unexplored to what extent today’s software obfuscations keep up with state-of-the-art code analysis and where we stand in the arms race between software developers and code analysts. The main goal of this survey is to analyze the effectiveness of different classes of software obfuscation against the continuously improving deobfuscation techniques and off-the-shelf code analysis tools. The answer very much depends on the goals of the analyst and the available resources. On the one hand, many forms of lightweight static analysis have difficulties with even basic obfuscation schemes, which explains the unbroken popularity of obfuscation among malware writers. On the other hand, more expensive analysis techniques, in particular when used interactively by a human analyst, can easily defeat many obfuscations. As a result, software obfuscation for the purpose of intellectual property protection remains highly challenging.

Grafik Top
Authors
  • Schrittwieser, Sebastian
  • Katzenbeisser, Stefan
  • Kinder, Johannes
  • Merzdovnik, Georg
  • Weippl, Edgar
Grafik Top
Shortfacts
Category
Journal Paper
Divisions
Security and Privacy
Subjects
Computersicherheit
Journal or Publication Title
ACM Computing Surveys
ISSN
0360-0300
Page Range
pp. 1-37
Number
1
Volume
49
Date
July 2016
Official URL
http://dx.doi.org/10.1145/2886012
Export
Grafik Top