Data obfuscations are program transformations used to complicate program understanding and conceal actual values of program variables. The possibility to hide constant values is a basic building block of several obfuscation techniques. In XOR-Masking, a constant mask is used to obfuscate data, but this mask must be hidden too, in order to keep the obfuscation resilient to attacks.In this paper, we present a novel extension of XOR-Masking where the mask is an opaque constant, i.e. a value that is difficult to guess by static analysis. In fact, opaque constants are constructed such that static analysis should solve the k-clique problem, which is known to be NP-complete, to identify the mask value.In our experimental assessment we apply obfuscation to 12 real Java applications. We observe that obfuscation does not alter the program correctness and we record performance overhead due to obfuscation, in terms of execution time and memory consumption. (C) 2019 Elsevier Inc. All rights reserved.
Experimental assessment of XOR-Masking data obfuscation based on K-Clique opaque constants
Ceccato, Mariano
2020-01-01
Abstract
Data obfuscations are program transformations used to complicate program understanding and conceal actual values of program variables. The possibility to hide constant values is a basic building block of several obfuscation techniques. In XOR-Masking, a constant mask is used to obfuscate data, but this mask must be hidden too, in order to keep the obfuscation resilient to attacks.In this paper, we present a novel extension of XOR-Masking where the mask is an opaque constant, i.e. a value that is difficult to guess by static analysis. In fact, opaque constants are constructed such that static analysis should solve the k-clique problem, which is known to be NP-complete, to identify the mask value.In our experimental assessment we apply obfuscation to 12 real Java applications. We observe that obfuscation does not alter the program correctness and we record performance overhead due to obfuscation, in terms of execution time and memory consumption. (C) 2019 Elsevier Inc. All rights reserved.File | Dimensione | Formato | |
---|---|---|---|
main.pdf
Open Access dal 02/05/2022
Tipologia:
Documento in Post-print
Licenza:
Accesso ristretto
Dimensione
322.79 kB
Formato
Adobe PDF
|
322.79 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.