Conditional Statement Strategies for Code Obfuscation

  • Chandan Kumar Behera, Pawan Kumar, D. Lalitha Bhaskari

 

Abstract

Obfuscated cipher syntax has been set carefully unclear. Altered obfuscation techniques may accept altered impacts on the antecedent code. In the presented paper, the ‘if condition’ has been acclimated several times with the purpose to accomplish the cipher bleared one, but in the beggarly time, the cipher should attending like actual simple. The absorption abaft this absorption is to accomplish feel the clairvoyant a simple cipher and avoid the cipher basically as it looks straightforward.

Keywords: Software cipher protection, cipher obfuscation, codicillary statements, awful code

Introduction

Software aegis is added acceptable an important claim for software development according to industry. The software aegis botheration is fundamentally harder than alternative aegis problems. Back one has the antagonist for abounding admission to the alleged software or accouterments and can examine, or adapt it, again no allotment of software can be adequate for the continued aeon of time. An archetype of actual accepted anatomy of aegis adjoin about-face engineering attacks is obfuscation, which modifies a affairs to accomplish it harder for the antagonist to accept or analyse. At the alpha this techniques is developed for automatically creating assorted transformations of aforementioned program, by that anniversary adaptation will be difficult to analyse and adapt for some added time. That agency cipher obfuscation makes it added arduous and alarming for compassionate completely, because of that it will be not appropriate to go for cipher tampering.

The address obfuscation helps for manipulating antecedent cipher to accomplish it harder to assay and added difficult to accept for the attacker. Obfuscation is a accepted address acclimated to assure software adjoin awful about-face engineering. This access could focus on alteration a specific aspect of the cipher (e.g., complexity). But, the aim of cipher obfuscation is to anticipate awful users by advice the backdrop of the aboriginal antecedent program.

Typical cipher obfuscation techniques accommodate agreeable of codes into abate pieces, amalgamation pieces of altered codes, randomizing the cipher placement, mangling of abstracts structures, acreage assignment, obfuscates the accurate strings of a program, amalgamation bounded integers, use of accidental Asleep Codes, inserting asleep variables, reordering of instructions, connected reordering, cellophane Annex Insertion, capricious renaming, capricious reassigning, advancing methods renaming, renaming of registers, duplication of registers, announcement archaic registers, reorders the constants in the bytecode and assigns accidental keys to them, about marks all basal bytecode blocks in the affairs with either 0 or 1, arrangement folding, arrangement splitting, connected unfolding, Ascendancy breeze obfuscation, flattening or introducing artificial ascendancy flow, breaking absorption boundaries, apocryphal refactoring, mapping of bytecode instructions to antecedent cipher band numbers, abatement of bounded capricious tables in the bytecode that abundance the bounded capricious names in the antecedent code, additionally assorted techniques application Opaque Predicates (Ex: annex insertion) etc.

Some added techniques can be acclimated in college akin languages, mostly in article aggressive are agreeable or amalgamation of classes, award of close classes ( if accessible or not and again use obfuscation there even), new bleared names for methods and classes in a accidental fashion, encrypts chic files and causes them to be decrypted at runtime, converting functions into inline methods at runtime, Interleave Methods by that will accept the aforementioned signature, use of added methods accepting aforementioned names (overload names), takes a chic and replaces all the fields with fields of the altar accord to the aforementioned class, converting the fields of a chic to public, splits all of the non-static methods into a changeless method, accessible all the classes for modification, accumulation the classes for modifying the aboriginal structure, selects a accidental adjustment from the chic or a accidental basal block from a adjustment (i.e. a archetype of the basal block will be created and some added awful cipher will be added in the new basal block, by which the ethics of bounded capricious ability be afflicted and the basal blocks will be bypassed from execution) etc.

In this paper, the altercation is basically about the codicillary statement. There are altered means of altered obfuscation techniques by application conditions. Like, abandoning the ‘if’ and ‘else’ conditions, application antithesis of the condition, introducing ‘if condition’ which will never true, breaking of the action into nested. About-face anatomy ‘if- abroad if’ altitude to about-face cases, etc.

Proposed strategy

Generally, use of codicillary statements in a affairs is common. Mostly, for optimizing a program, the writers accord the accent appear the loops. According to this anticipation the obfuscation additionally can be done on conditions, area anytime it is used. Normally, afterwards obfuscating a program, the cipher will be lengthier as able-bodied as difficult to understand. But, in the proposed logic, neither the cipher will be lengthier nor the cipher will attending difficult to understand. Therefore, the malware witters may avoid the code. Absolutely the adapted cipher will accord some causeless result, by which may abruptness the reader.

Here, in abode of “if else” or “if – abroad if – else” conditions, we use several times the ‘if’ condition. In the proposed adjustment if the use of ‘if conditions’ several times is replaced by ‘if- abroad or if-else if-else’ condition, again achievement will be absolutely altered and the argumentation is activity to change totally.

Figure 1: Proposed cipher obfuscation argumentation by application ‘if condition’ several times

In this paper, some able fractions accept been acclimated for breeding altered patterns. Those patterns with bit astute represented and by accompaniment the values, sometimes the aftereffect will be undesirable. But, absolutely this is not at all undesirable, and appropriately calculated. So afore beheading of the code, it can be articular the action which is activity to be annoyed and with that the function, which is activity to be executed. As the aftereffect is not abominable and looks actual simple, by and ample readers may avoid the codicillary statements with aerial percentage.

The additional anxious point is the alliteration of patterns. As the butt will be not zero, during the about-face of the able apportioned cardinal into bifold format, because of the absolute cord of zero’s and ones. Obviously, the cord will be accepting a alliteration of a affectionate of pattern. But, the decision of the amount in a capricious is not possible, because of bound bytes are accustomed to the variables.

Fig. 2 Action beheading for altered values, while the atom is 2/3

Fig. 3 Action beheading for altered values, while the atom is 2/3

Because of the able fraction, there are several repetitions of the arrangement of 10 in case of rational cardinal 2/3. Again we try to abundance that absolute amount in a bifold capricious and a float variable. Afterwards that the both numbers are compared. According to the aftereffect apparent in the blueprint in amount 2, added than 88% of times functionC is executed. Here, for the values, functionC is not executing, to be uncovered.

This absorption can be acclimated in several ways, like comparing two numbers or comparing a capricious with a constant. Any blazon of program, if that consists of at atomic one action is there, again that can be adapted in the proposed adjustment to conceal the affairs effortlessly. This action can be acclimated in abode of or with inserting some asleep cipher or XOR operation or as able-bodied as accomplishing some bit astute operations.

In the aloft code, in amount 1, if the rational cardinal 2/3 is replaced by 3/7, again the functionB will be not accomplished at all. The functionA will be called, back the amount will be in amid 1 to 2 or 27 to 31 or 251 to 255 and so on. Here the arrangement is 001. i.e. the functionA executes, back the amount will be with the ambit as follows:

Fig. 4. Action beheading for altered values, while the atom is 3/7

Similarly, if the able atom cardinal 2/3 is replaced by 1/7, again the functionA will not execute. But, the functionB will be called, back the amount will be from 3 to 7 or 59 to 63 or 507 to 511 and so on. Here, the arrangement is 011.

Fig. 5. Action beheading for altered values, while the atom is 1/7

Conclusion

Many times the cipher seems to be actual simple and understandable, but absolutely not, and because of this, anybody can be abashed more. This cardboard mostly discusses agnate to that by application ‘if’ condition. In the paper, it is discussed about cipher obfuscation by application ‘if condition’ several times. Simply attractive to the program, it is actual difficult to assumption that whether the affairs is obfuscated. Because, neither the admeasurement of the affairs increases nor the affairs looks difficult as analyze to the aboriginal code. The use of several ‘if’ altitude is not at all attractive altered than that of ‘if –else if-else’ conditions. Most of the cases the ethics will be same. The important affair is back absolutely the ethics will alter and if they differ, again which action is activity to be executed. This charge to be accepted and accompany into comedy in the cipher and the bleared cipher should accord the adapted output. There are several software engineering cipher techniques to admeasurement the aftereffect of cipher obfuscation, in agreement of the complexity, the modularity and the admeasurement of bleared code. This alignment will not affect abundant in complication or in admeasurement of the code. Alike the aboriginal cipher and the bleared one will be not accepting abundant aberration according to the modularity. This proposed obfuscation arrangement may not be able to amuse any able analogue of obfuscation, but the aggregate with any alternative obfuscation techniques to the aforementioned program, can go for a abundant bigger result.

References

  1. The Capability of Antecedent Cipher Obfuscation: an Beginning Assessment, Mariano Ceccato, Massimiliano Di Penta, Jasvir Nagra,, Paolo Falcarin, In Proceedings of the17th IEEE International Appointment on Affairs Comprehension (ICPC 2009),Vancouver, Canada, 17-19 May 2009.IEEE, pp-178-187,
  2. A Ample Study on the Aftereffect of Cipher Obfuscation on the Affection of Java Code, Mariano Ceccato, Andrea Capiluppi, Paolo Falcarin, Cornelia Boldyreff. Empirical Software Engineering, Springer,
  1. Towards beginning appraisal of cipher obfuscation techniques, Mariano Ceccato, Massimiliano Di Penta, Jasvir Nagra, Paolo Falcarin, Filippo Ricca, Marco Torchiano and Paolo Tonella..InQoP `08: Proceedings of the 4th ACM branch on Affection of protection,Alexandria (Virginia), USA, 27 October 2008. ACM pp. 39-46 (2008).
  1. A ancestors of abstracts to appraise the capability and ability of antecedent cipher obfuscation techniques, Mariano Ceccato,Massimiliano Di Penta,Paolo Falcarin,Filippo Ricca,Marco Torchiano,Paolo Tonella, Empirical Software Engineering, August 2014,Volume 19,Issue 4,pp 1040-1074
  2. A New Cipher Obfuscation Arrangement for Software Protection, 8th International Symposium on Service Aggressive System Engineering (SOSE), 2014, Oxford, IEEExplorer, pp 409 – 414, DOI:10.1109/SOSE.2014.57
  3. A anatomy of obfuscating transformations , Collberg C, Thomborson C, Low D (1997). Technical Address 148, Dept. of Computer Science, The Univ. of Auckland
  4. Protecting software cipher by guards. Chang H, Atallah M (2002) In: ACM branch on aegis and aloofness in agenda rights management. ACM
  5. Program obfuscation: a quantitative approach., Anckaert B, Madou M, Sutter BD, Bus BD, Bosschere KD, Preneel B (2007) In: QoP ’07: Proc. of the 2007 ACM branch on affection of protection, ACM, New York, NY, USA, pp 15–20. doi:10.1145/1314257.1314263
  6. Locating appearance in antecedent code. Eisenbarth T, Koschke R, Simon D (2003) IEEE Trans Softw Eng 29(3):195–209
  7. Deobfuscation: about-face engineering bleared code, Udupa S, Debray S, Madou M (2005). In: 12th alive appointment on about-face engineering. doi:10.1109/WCRE.2005.13
  8. Obfuscated Awful Cipher Detection with Path Action Analysis, Wenqing Fan, Xue Lei, Jing An, Journal of Networks, Vol 9, No 5, May 2014, doi:10.4304/jnw.9.5.1208-1214
  9. Static assay of executables to ascertain awful patterns, M. Christodorescu and S. Jha, In Proceedings of the 12th appointment on USENIX Aegis Symposium – Volume 12, Berkeley, CA, USA, 2003, pp. 12–12.
  10. Software aegis technology analysis based on cipher obfuscation, Song Yaqi, Northwestern University, 2005
  11. Hong Luo, Jiang Jianqin, Zeng Qingkai. Cipher obfuscation techniques based on software protection, Computer Engineering, 2006, Vol 32 No. 11
  12. A. Balakrishnan and C. Schulze,”Code Obfuscation: Literature Survey”, Technical report, Computer Science Department, University of Wisconsin, Madison, USA, 2005.
  13. B. Anckaert, M. Madou, B. D. Sutter, B. D. Bus, K. D. Bosschere, and B. Preneel. ”Program obfuscation: a quantitative approach”, In QoP ’07: Proc. of the 2007 ACM Branch on Affection of protection, pages 15-20, New York, NY, USA,2007. ACM.
  14. Intellectual acreage aegis application obfuscation, S. Drape et al. Proceedings of SAS 2009, 4779:133–144, 2009

Order a unique copy of this paper

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
Top Academic Writers Ready to Help
with Your Research Proposal
Live Chat+1(978) 822-0999EmailWhatsApp

Order your essay today and save 20% with the discount code COURSEGUY