A SOFTWARE FRAMEWORK FOR CODE SECURITY USING M-COT-METRICS BASED CODE OBFUSCATION TECHNIQUE
DOI:
https://doi.org/10.11113/jt.v78.5001Keywords:
Piracy, Obfuscation, M-COT, Cyclomatic Complexity, Reverse EngineeringAbstract
Programming security is a paramount concern in IT industry because of its immense monetary misfortunes. Programming is inclined to different security assaults, for example, Software piracy. In this proposal, program security assurance through code Obfuscation, a technique which opposes reverse engineering attacks. In this paper, different sets of criteria are depicted to gauge viability of code obfuscation, for example, intensity: trouble for human to comprehend code, imperviousness to computerized piracy. A large portion of the current obscurity procedures and plans fulfil just a couple of these criteria. In this paper, it shows that the novel code obfuscation plan created for securing exclusive code. A software framework for providing software security using Metric based Code Obfuscation Techniques named as M-COT is designed to propose which will maximize the objectives. The essential thought is to change unique code to obfuscated codes which will concede more state space. This is attained by developing obfuscated non inconsequential code clones for intelligent code parts exhibit in unique code. These code clones that are connected utilizing element predicate variables to present legitimate control flows. The performance of the system is observed by experimentation on a couple of projects (for example, scientific calculator code, searching) to assess our plan. The demonstration made that product unpredictability nature of obfuscated code is higher than that of unique code and comparing to single execution Despite of the fact that the proposal builds the improvement of obfuscated code (because of development of non-inconsequential code clones for legitimate code parts).
References
C. Collberg, C. Thomborson, and D. Low. 1997. A Taxonomy Of Obfuscating Transformation. Technical Report 148, Department of Computer Science, The University of Auckland, Auckland, New Zealand.
Christian S. Collberg, Clark Thomborson. 2002. Watermarking, Tamper-Proofing, And Obfuscation: Tools For Software Protection. IEEE Transactions on Software Engineering. 28(8): 735-746.
C. Collberg and J. Nagra. 2009. Surreptitious Software: Obfuscation, Watermarking, And Tamper Proofing For Software Protection. Addison Wesley Professional.
P. C. van Oorschot. 2003. Revisiting Software Protection. Proc. 6th Int'l Conf. Information Security (ISC 03), LNCS 2851. Springer-Verlag. 1-13.
Boaz Barak, Oded Goldreich, Russell Impagliazzo, Steven Rudich, Amit Sahai, Salil Vadhan, and Ke Yang. 2001. On the (im) Possibility Of Obfuscating Programs. In J. Kilian, editor, Advances in Cryptology: CRYPTO 2001, 2001. LNCS 2139.
B. Lynn, M. Prabhakaran, and A. Sahai. 2004. Positive Results and Techniques for Obfuscation. In Eurocrypt, Springer Verlag.
M. Ceccato, M. DiPenta, J. Nagra, P. Falcarin, F.Ricca, M. Torchiano, and P. Tonella. 2009. The Effectiveness Of Source Code Obfuscation: An Experimental Assessment. In IEEE International Conference on Program Comprehension (ICPC 2009). IEEE CS Press.
J. Chan and W. Yang. 2004. Advanced Obfuscation Techniques For Java Byte Code. JOURNAL OF SYSTEMS AND SOFTWARE. 71(1): 1-10.
Christian Collberg, Clark Thomborson, and Douglas Low. 1998. Manufacturing Cheap, Resilient, And Stealthy Opaque Constructs. In ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL98, San Diego.
Wang, C., Hill, J., Knight, J. C., and Davidson, J. W. 2001. Protection of Software-Based Survivability Mechanisms. In Proceedings of the 2001 conference on Dependable Systems and Networks. IEEE Computer Society. 193-202.
Sebastian Schrittwieser and Stefan Katzenbeisser. Code Obfuscation against Static and ynamic Reverse Engineering. Vienna University of Technology, Austria, Darmstadt University of Technology, Germany.
Falcarin, P., Di Carlo, S., Cabutto, A., Garazzino, N., Barberis, D. 2011. Exploiting Code Mobility For Dynamic Binary Obfuscation. Internet Security (WorldCIS), 2011 World Congress on. 114-120.
Yuichiro Kanzaki, Akito Monden. A SOFTWARE PROTECTION METHOD ASED ON.
TIM. 2010. E-SENSITIVE CODE AND SELF-MODIFICATION MECHANISM. Proceedings of the IASTED International Conference, November 8 - 10, 2010 Marina Del Rey, USA Software Engineering and Applications (SEA 2010).
Christian Collberg. 2011. The Case for Dynamic Digital Asset Protection Techniques. Department of Computer Science, University of Arizona, June 1.
Business Software Alliance. 2013. Eighth Annual BSA and IDC Global Software Piracy Study.
R. Senthilkumar and Dr. Arunkumar Thangavel. 2015. Code Security Using Control Flow Obfuscation with Opaque Predicate. International Journal of Applied Engineering Research (IJAER).
Harsha Varadhan Rajendran, Ch.Kalyan Chandra and R. Senthilkumar. 2010. Design of Java Obfuscator “MANGINS++â€- A Novel Tool To Secure Codes. Journal of Computer and Mathematical Sciences. 1(6): 636-768.
Vivek Balachandran, Sabu Emmanuel, Ng Wee Keong. 2014. Obfuscation by Code Fragmentation to Evade Reverse Engineering, 2014 IEEE International Conference on Systems, Man, and Cybernetics October 5-8, 2014, San Diego, CA, USA.
Downloads
Published
Issue
Section
License
Copyright of articles that appear in Jurnal Teknologi belongs exclusively to Penerbit Universiti Teknologi Malaysia (Penerbit UTM Press). This copyright covers the rights to reproduce the article, including reprints, electronic reproductions, or any other reproductions of similar nature.
