An obfuscation method to build a fake call flow graph by hooking method calls

This paper proposes an obfuscation method against illegal analysis. The proposed method tries to build a fake call flow graph from debugging tools. The call flow graph represents relations among methods, and helps understanding of a program. The fake call flow graph leads misunderstanding of the pro...

Full description

Saved in:
Bibliographic Details
Published in15th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD) pp. 1 - 6
Main Authors Fukuda, Kazumasa, Tamada, Haruaki
Format Conference Proceeding
LanguageEnglish
Japanese
Published IEEE 01.06.2014
Subjects
Buildings
Call Flow Graph
Educational institutions
Flow graphs
Hook Mechanism
Java
Java 7
Obfuscation
Runtime
Software
Online AccessGet full text

Cover

More Information
Summary:This paper proposes an obfuscation method against illegal analysis. The proposed method tries to build a fake call flow graph from debugging tools. The call flow graph represents relations among methods, and helps understanding of a program. The fake call flow graph leads misunderstanding of the program. We focus on a hook mechanism of the method call for changing a callee. We conduct two experiments to evaluate the proposed method. First experiment simulates attacks by existing tools: Soot, jad, Procyon, and Krakatau. The Procyon only succeeded decompilation, the others crashed. Second experiment evaluates understandability of the obfuscated program by the hand. Only one subject in the nine subjects answered the correct value. The experiments shows the proposed method has good tolerance against existing tools, and high difficulty of understanding even if the target program is tiny and simple program.
DOI:10.1109/SNPD.2014.6888726