Kybernetika 48 no. 3, 494-501, 2012

C source code obfuscator

Lukáš Ďurfina and Dušan Kolář

Abstract:

Obfuscation is a process that changes the code, but without any change to semantics. This process can be done on two levels. On the binary code level, where the instructions or control flow are modified, or on the source code level, where we can change only a structure of code to make it harder to read or we can make adjustments to reduce chance of successful reverse engineering.

Keywords:

obfuscation, source code, malware

Classification:

68N15

paper.pdf

References:

  1. Free Software Foundation and Inc.: Volatiles - Using the GNU Compiler Collection. 2010, \url{http://gcc.gnu.org/onlinedocs/gcc/Volatiles.html}.   CrossRef
  2. N. Harbour: Advanced Software Armoring and Polymorphic Kung-Fu. DEFCON 16, 2008.   CrossRef
  3. Intel: Intel Architecture Software Developer's Manual Volume 2: Instruction Set Reference. 1999, \url{http://download.intel.com/design/intarch/manuals/24319101.pdf}.   CrossRef
  4. A. Karnik, S. Goswami and R. Guha: Detecting Obfuscated Viruses Using Cosine Similarity Analysis. Modelling Simulation, 2007.   CrossRef
  5. D. Low: Protecting Java code via code obfuscation. In: Crossroads - Special Issue on Robotics, 1998.   CrossRef
  6. Microsoft: MSDN Library. \url{http://msdn.microsoft.com/en-us/library/ms123401.aspx}.   CrossRef
  7. A. Moser, Ch. Kruegel and E. Kirda: Limits of static analysis for malware detection. In: Computer Security Applications Conference, 2007.   CrossRef
  8. Ch. Savarese and B. Hart.: The Caesar Cipher. 1999, \url{http://www.cs.trincoll.edu/ crypto/historical/caesar.html}.   CrossRef