ObfSec: Measuring the security of obfuscations from a testing perspective

Héctor D. Menéndez; Guillermo Suárez-Tangil

doi:10.1016/j.eswa.2022.118298

ObfSec: Measuring the security of obfuscations from a testing perspective

Héctor D. Menéndez^*
, Guillermo Suárez-Tangil

^*Corresponding author for this work

King's College London
IMDEA Networks Institute

Research output: Contribution to journal › Article › peer-review

7 Citations (Scopus)

Abstract

Code obfuscation protects the intellectual property of software. However, systematically altering the control- and data-flow of a program can deteriorate the security of the resulting program. There are a wide-range of obfuscation methods available that alter the layout of the program in different ways. These modifications can introduce bugs in the program or modify the nature and the severity of an existing ones. We propose a novel strategy, called ObfSec (Obfuscation Security), to understand the implications behind obfuscating software. ObfSec starts by detecting errors on software and exposes how the obfuscation can change the nature of those errors, looking in particular at transformations that turn software bugs into a exploitable vulnerable program. Our results, on a corpus of around 70,000 programs and obfuscations, show that obfuscation can deteriorate the security of a program.

Original language	English
Article number	118298
Journal	Expert Systems with Applications
Volume	210
DOIs	https://doi.org/10.1016/j.eswa.2022.118298
Publication status	Published - 30 Dec 2022

Keywords

Obfuscations
Security
Testing

Access to Document

10.1016/j.eswa.2022.118298

Cite this

@article{bb4d0011e8774fb182521a851431dfc8,

title = "ObfSec: Measuring the security of obfuscations from a testing perspective",

abstract = "Code obfuscation protects the intellectual property of software. However, systematically altering the control- and data-flow of a program can deteriorate the security of the resulting program. There are a wide-range of obfuscation methods available that alter the layout of the program in different ways. These modifications can introduce bugs in the program or modify the nature and the severity of an existing ones. We propose a novel strategy, called ObfSec (Obfuscation Security), to understand the implications behind obfuscating software. ObfSec starts by detecting errors on software and exposes how the obfuscation can change the nature of those errors, looking in particular at transformations that turn software bugs into a exploitable vulnerable program. Our results, on a corpus of around 70,000 programs and obfuscations, show that obfuscation can deteriorate the security of a program.",

keywords = "Obfuscations, Security, Testing",

author = "Men{\'e}ndez, \{H{\'e}ctor D.\} and Guillermo Su{\'a}rez-Tangil",

note = "Funding Information: This research was funded by UK Research and Innovation Trustworthy Autonomous Systems Node in Verifiability ( EP/V026801/2 ), EPSRC, United Kingdom under grant EP/T026723/1 , and the “Ramon y Cajal” Fellowship RYC-2020-029401-I . Publisher Copyright: {\textcopyright} 2022 The Authors",

year = "2022",

month = dec,

day = "30",

doi = "10.1016/j.eswa.2022.118298",

language = "English",

volume = "210",

journal = "Expert Systems with Applications",

issn = "0957-4174",

publisher = "Elsevier Limited",

}

TY - JOUR

T1 - ObfSec

T2 - Measuring the security of obfuscations from a testing perspective

AU - Menéndez, Héctor D.

AU - Suárez-Tangil, Guillermo

N1 - Funding Information: This research was funded by UK Research and Innovation Trustworthy Autonomous Systems Node in Verifiability ( EP/V026801/2 ), EPSRC, United Kingdom under grant EP/T026723/1 , and the “Ramon y Cajal” Fellowship RYC-2020-029401-I . Publisher Copyright: © 2022 The Authors

PY - 2022/12/30

Y1 - 2022/12/30

N2 - Code obfuscation protects the intellectual property of software. However, systematically altering the control- and data-flow of a program can deteriorate the security of the resulting program. There are a wide-range of obfuscation methods available that alter the layout of the program in different ways. These modifications can introduce bugs in the program or modify the nature and the severity of an existing ones. We propose a novel strategy, called ObfSec (Obfuscation Security), to understand the implications behind obfuscating software. ObfSec starts by detecting errors on software and exposes how the obfuscation can change the nature of those errors, looking in particular at transformations that turn software bugs into a exploitable vulnerable program. Our results, on a corpus of around 70,000 programs and obfuscations, show that obfuscation can deteriorate the security of a program.

AB - Code obfuscation protects the intellectual property of software. However, systematically altering the control- and data-flow of a program can deteriorate the security of the resulting program. There are a wide-range of obfuscation methods available that alter the layout of the program in different ways. These modifications can introduce bugs in the program or modify the nature and the severity of an existing ones. We propose a novel strategy, called ObfSec (Obfuscation Security), to understand the implications behind obfuscating software. ObfSec starts by detecting errors on software and exposes how the obfuscation can change the nature of those errors, looking in particular at transformations that turn software bugs into a exploitable vulnerable program. Our results, on a corpus of around 70,000 programs and obfuscations, show that obfuscation can deteriorate the security of a program.

KW - Obfuscations

KW - Security

KW - Testing

UR - https://www.scopus.com/pages/publications/85135950897

U2 - 10.1016/j.eswa.2022.118298

DO - 10.1016/j.eswa.2022.118298

M3 - Article

AN - SCOPUS:85135950897

SN - 0957-4174

VL - 210

JO - Expert Systems with Applications

JF - Expert Systems with Applications

M1 - 118298

ER -

ObfSec: Measuring the security of obfuscations from a testing perspective

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this