Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model

Yuichiro Kanzaki; Akito Monden; Christian Collberg

doi:10.1109/SPRO.2015.14

Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model

Yuichiro Kanzaki, Akito Monden, Christian Collberg

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

16 Scopus citations

Abstract

This paper proposes a method for evaluating the artificiality of protected code by means of an N-gram model. The proposed artificiality metric helps us measure the stealth of the protected code, that is, the degree to which protected code can be distinguished from unprotected code. In a case study, we use the proposed method to evaluate the artificiality of programs that are transformed by well-known obfuscation techniques. The results show that static obfuscating transformations (e.g., Control flow flattening) have little effect on artificiality. However, dynamic obfuscating transformations (e.g., Code encryption), or a technique that inserts junk code fragments into the program, tend to increase the artificiality, which may have a significant impact on the stealth of the code.

Original language	English (US)
Title of host publication	Proceedings - International Workshop on Software Protection, SPRO 2015
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	31-37
Number of pages	7
ISBN (Electronic)	9781467370943
DOIs	https://doi.org/10.1109/SPRO.2015.14
State	Published - Jul 31 2015
Event	1st International Workshop on Software Protection, SPRO 2015 - Florence, Italy Duration: May 19 2015 → …

Publication series

Name	Proceedings - International Workshop on Software Protection, SPRO 2015

Other

Other	1st International Workshop on Software Protection, SPRO 2015
Country/Territory	Italy
City	Florence
Period	5/19/15 → …

Keywords

Code Obfuscation
Code Stealth
Program Analysis
Software Protection

ASJC Scopus subject areas

Software

Access to Document

10.1109/SPRO.2015.14

Cite this

Kanzaki, Y., Monden, A., & Collberg, C. (2015). Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model. In Proceedings - International Workshop on Software Protection, SPRO 2015 (pp. 31-37). Article 7174808 (Proceedings - International Workshop on Software Protection, SPRO 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SPRO.2015.14

Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model. / Kanzaki, Yuichiro; Monden, Akito; Collberg, Christian.
Proceedings - International Workshop on Software Protection, SPRO 2015. Institute of Electrical and Electronics Engineers Inc., 2015. p. 31-37 7174808 (Proceedings - International Workshop on Software Protection, SPRO 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kanzaki, Y, Monden, A & Collberg, C 2015, Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model. in Proceedings - International Workshop on Software Protection, SPRO 2015., 7174808, Proceedings - International Workshop on Software Protection, SPRO 2015, Institute of Electrical and Electronics Engineers Inc., pp. 31-37, 1st International Workshop on Software Protection, SPRO 2015, Florence, Italy, 5/19/15. https://doi.org/10.1109/SPRO.2015.14

@inproceedings{9b1ce674a324471684ad389fab7c9f7d,

title = "Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model",

abstract = "This paper proposes a method for evaluating the artificiality of protected code by means of an N-gram model. The proposed artificiality metric helps us measure the stealth of the protected code, that is, the degree to which protected code can be distinguished from unprotected code. In a case study, we use the proposed method to evaluate the artificiality of programs that are transformed by well-known obfuscation techniques. The results show that static obfuscating transformations (e.g., Control flow flattening) have little effect on artificiality. However, dynamic obfuscating transformations (e.g., Code encryption), or a technique that inserts junk code fragments into the program, tend to increase the artificiality, which may have a significant impact on the stealth of the code.",

keywords = "Code Obfuscation, Code Stealth, Program Analysis, Software Protection",

author = "Yuichiro Kanzaki and Akito Monden and Christian Collberg",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 1st International Workshop on Software Protection, SPRO 2015 ; Conference date: 19-05-2015",

year = "2015",

month = jul,

day = "31",

doi = "10.1109/SPRO.2015.14",

language = "English (US)",

series = "Proceedings - International Workshop on Software Protection, SPRO 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "31--37",

booktitle = "Proceedings - International Workshop on Software Protection, SPRO 2015",

}

TY - GEN

T1 - Code Artificiality

T2 - 1st International Workshop on Software Protection, SPRO 2015

AU - Kanzaki, Yuichiro

AU - Monden, Akito

AU - Collberg, Christian

PY - 2015/7/31

Y1 - 2015/7/31

N2 - This paper proposes a method for evaluating the artificiality of protected code by means of an N-gram model. The proposed artificiality metric helps us measure the stealth of the protected code, that is, the degree to which protected code can be distinguished from unprotected code. In a case study, we use the proposed method to evaluate the artificiality of programs that are transformed by well-known obfuscation techniques. The results show that static obfuscating transformations (e.g., Control flow flattening) have little effect on artificiality. However, dynamic obfuscating transformations (e.g., Code encryption), or a technique that inserts junk code fragments into the program, tend to increase the artificiality, which may have a significant impact on the stealth of the code.

AB - This paper proposes a method for evaluating the artificiality of protected code by means of an N-gram model. The proposed artificiality metric helps us measure the stealth of the protected code, that is, the degree to which protected code can be distinguished from unprotected code. In a case study, we use the proposed method to evaluate the artificiality of programs that are transformed by well-known obfuscation techniques. The results show that static obfuscating transformations (e.g., Control flow flattening) have little effect on artificiality. However, dynamic obfuscating transformations (e.g., Code encryption), or a technique that inserts junk code fragments into the program, tend to increase the artificiality, which may have a significant impact on the stealth of the code.

KW - Code Obfuscation

KW - Code Stealth

KW - Program Analysis

KW - Software Protection

UR - http://www.scopus.com/inward/record.url?scp=84989232182&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84989232182&partnerID=8YFLogxK

U2 - 10.1109/SPRO.2015.14

DO - 10.1109/SPRO.2015.14

M3 - Conference contribution

AN - SCOPUS:84989232182

T3 - Proceedings - International Workshop on Software Protection, SPRO 2015

SP - 31

EP - 37

BT - Proceedings - International Workshop on Software Protection, SPRO 2015

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 19 May 2015

ER -

Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this