中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 期刊论文
Title:
Random table and hash coding-based binary code obfuscation against stack trace analysis
Author: Xie, X; Lu, B; Gong, DF; Luo, XY; Liu, FL
Keyword: program diagnostics ; reverse engineering ; cryptography ; hash coding-based binary code obfuscation method ; stack trace analysis ; random table ; thwart reverse engineering ; call chains ; stack tracing ; reverse program analysis ; ret instructions ; call instructions
Source: IET INFORMATION SECURITY
Issued Date: 2016
Volume: 10, Issue:1, Pages:18-27
Indexed Type: SCI
Department: Zhengzhou Informat Sci & Technol Inst, Zhengzhou 450002, Henan, Peoples R China. State Key Lab Math Engn & Adv Comp, Zhengzhou 450002, Henan, Peoples R China. Chinese Acad Sci, Inst Software, State Key Lab Informat Secur, Beijing 100190, Henan, Peoples R China.
Abstract:

Code obfuscation is intended to thwart reverse engineering by making programmes hard to understand. Call chains collected by stack tracing can be used to understand the behaviour of programmes. To hinder reverse analysis of stack tracing, a binary code obfuscation method based on random obfuscated table and hash coding is proposed. Random obfuscated table is used to map call addresses while call and ret instructions are executing. Hash coding and random value can be used to encode and decode the data of stack frames in the run-time programmes. Experiment and analysis show that the obfuscation can effectively impede stack trace analysis and increase the cost of reverse analysis for programmes.

English Abstract:

Code obfuscation is intended to thwart reverse engineering by making programmes hard to understand. Call chains collected by stack tracing can be used to understand the behaviour of programmes. To hinder reverse analysis of stack tracing, a binary code obfuscation method based on random obfuscated table and hash coding is proposed. Random obfuscated table is used to map call addresses while call and ret instructions are executing. Hash coding and random value can be used to encode and decode the data of stack frames in the run-time programmes. Experiment and analysis show that the obfuscation can effectively impede stack trace analysis and increase the cost of reverse analysis for programmes.

Language: 英语
WOS ID: WOS:000366830000003
Citation statistics:
Content Type: 期刊论文
Version: 出版稿
URI: http://ir.iscas.ac.cn/handle/311060/17422
Appears in Collections:软件所图书馆_期刊论文

Files in This Item:
File Name/ File Size Content Type Version Access License
07361702.pdf(856KB)期刊论文出版稿限制开放 联系获取全文

Recommended Citation:
Xie, X,Lu, B,Gong, DF,et al. Random table and hash coding-based binary code obfuscation against stack trace analysis[J]. IET INFORMATION SECURITY,2016-01-01,10(1):18-27.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[Xie, X]'s Articles
[Lu, B]'s Articles
[Gong, DF]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[Xie, X]‘s Articles
[Lu, B]‘s Articles
[Gong, DF]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2019  中国科学院软件研究所 - Feedback
Powered by CSpace