Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model

Yuichiro Kanzaki, Akito Monden, Christian S Collberg

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Citations (Scopus)

Abstract

This paper proposes a method for evaluating the artificiality of protected code by means of an N-gram model. The proposed artificiality metric helps us measure the stealth of the protected code, that is, the degree to which protected code can be distinguished from unprotected code. In a case study, we use the proposed method to evaluate the artificiality of programs that are transformed by well-known obfuscation techniques. The results show that static obfuscating transformations (e.g., Control flow flattening) have little effect on artificiality. However, dynamic obfuscating transformations (e.g., Code encryption), or a technique that inserts junk code fragments into the program, tend to increase the artificiality, which may have a significant impact on the stealth of the code.

Original languageEnglish (US)
Title of host publicationProceedings - International Workshop on Software Protection, SPRO 2015
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages31-37
Number of pages7
ISBN (Electronic)9781467370943
DOIs
StatePublished - Jul 31 2015
Event1st International Workshop on Software Protection, SPRO 2015 - Florence, Italy
Duration: May 19 2015 → …

Other

Other1st International Workshop on Software Protection, SPRO 2015
CountryItaly
CityFlorence
Period5/19/15 → …

Fingerprint

Flow control
Cryptography

Keywords

  • Code Obfuscation
  • Code Stealth
  • Program Analysis
  • Software Protection

ASJC Scopus subject areas

  • Software

Cite this

Kanzaki, Y., Monden, A., & Collberg, C. S. (2015). Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model. In Proceedings - International Workshop on Software Protection, SPRO 2015 (pp. 31-37). [7174808] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SPRO.2015.14

Code Artificiality : A Metric for the Code Stealth Based on an N-Gram Model. / Kanzaki, Yuichiro; Monden, Akito; Collberg, Christian S.

Proceedings - International Workshop on Software Protection, SPRO 2015. Institute of Electrical and Electronics Engineers Inc., 2015. p. 31-37 7174808.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Kanzaki, Y, Monden, A & Collberg, CS 2015, Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model. in Proceedings - International Workshop on Software Protection, SPRO 2015., 7174808, Institute of Electrical and Electronics Engineers Inc., pp. 31-37, 1st International Workshop on Software Protection, SPRO 2015, Florence, Italy, 5/19/15. https://doi.org/10.1109/SPRO.2015.14
Kanzaki Y, Monden A, Collberg CS. Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model. In Proceedings - International Workshop on Software Protection, SPRO 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 31-37. 7174808 https://doi.org/10.1109/SPRO.2015.14
Kanzaki, Yuichiro ; Monden, Akito ; Collberg, Christian S. / Code Artificiality : A Metric for the Code Stealth Based on an N-Gram Model. Proceedings - International Workshop on Software Protection, SPRO 2015. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 31-37
@inproceedings{9b1ce674a324471684ad389fab7c9f7d,
title = "Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model",
abstract = "This paper proposes a method for evaluating the artificiality of protected code by means of an N-gram model. The proposed artificiality metric helps us measure the stealth of the protected code, that is, the degree to which protected code can be distinguished from unprotected code. In a case study, we use the proposed method to evaluate the artificiality of programs that are transformed by well-known obfuscation techniques. The results show that static obfuscating transformations (e.g., Control flow flattening) have little effect on artificiality. However, dynamic obfuscating transformations (e.g., Code encryption), or a technique that inserts junk code fragments into the program, tend to increase the artificiality, which may have a significant impact on the stealth of the code.",
keywords = "Code Obfuscation, Code Stealth, Program Analysis, Software Protection",
author = "Yuichiro Kanzaki and Akito Monden and Collberg, {Christian S}",
year = "2015",
month = "7",
day = "31",
doi = "10.1109/SPRO.2015.14",
language = "English (US)",
pages = "31--37",
booktitle = "Proceedings - International Workshop on Software Protection, SPRO 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
address = "United States",

}

TY - GEN

T1 - Code Artificiality

T2 - A Metric for the Code Stealth Based on an N-Gram Model

AU - Kanzaki, Yuichiro

AU - Monden, Akito

AU - Collberg, Christian S

PY - 2015/7/31

Y1 - 2015/7/31

N2 - This paper proposes a method for evaluating the artificiality of protected code by means of an N-gram model. The proposed artificiality metric helps us measure the stealth of the protected code, that is, the degree to which protected code can be distinguished from unprotected code. In a case study, we use the proposed method to evaluate the artificiality of programs that are transformed by well-known obfuscation techniques. The results show that static obfuscating transformations (e.g., Control flow flattening) have little effect on artificiality. However, dynamic obfuscating transformations (e.g., Code encryption), or a technique that inserts junk code fragments into the program, tend to increase the artificiality, which may have a significant impact on the stealth of the code.

AB - This paper proposes a method for evaluating the artificiality of protected code by means of an N-gram model. The proposed artificiality metric helps us measure the stealth of the protected code, that is, the degree to which protected code can be distinguished from unprotected code. In a case study, we use the proposed method to evaluate the artificiality of programs that are transformed by well-known obfuscation techniques. The results show that static obfuscating transformations (e.g., Control flow flattening) have little effect on artificiality. However, dynamic obfuscating transformations (e.g., Code encryption), or a technique that inserts junk code fragments into the program, tend to increase the artificiality, which may have a significant impact on the stealth of the code.

KW - Code Obfuscation

KW - Code Stealth

KW - Program Analysis

KW - Software Protection

UR - http://www.scopus.com/inward/record.url?scp=84989232182&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84989232182&partnerID=8YFLogxK

U2 - 10.1109/SPRO.2015.14

DO - 10.1109/SPRO.2015.14

M3 - Conference contribution

AN - SCOPUS:84989232182

SP - 31

EP - 37

BT - Proceedings - International Workshop on Software Protection, SPRO 2015

PB - Institute of Electrical and Electronics Engineers Inc.

ER -