Abstract | ||
---|---|---|
Abstract Context: Obfuscation is a common technique used to protect software against malicious reverse engineering. Obfuscators manipulate the source code to make it harder to analyze and more difficult to understand for the attacker. Although different obfuscation algorithms and implementations are available, they have never been directly compared in a large scale study. Aim: This paper aims at evaluating and quantifying the effect of several different obfuscation implementations (both open source and commercial), to help developers and project managers to decide which algorithms to use. Method: In this study we applied 44 obfuscations to 18 subject applications covering a total of 4 millions lines of code. The effectiveness of these source code obfuscations has been measured using 10 code metrics, considering modularity, size and complexity of code. Results: Results show that some of the considered obfuscations are effective in making code metrics change substantially from original to obfuscated code, although this change (called potency of the obfuscation) is different on different metrics. In the paper we recommend which obfuscations to select, given the security requirements of the software to be protected. |
Year | DOI | Venue |
---|---|---|
2015 | 10.1007/s10664-014-9321-0 | Empirical Software Engineering |
Keywords | Field | DocType |
Code Metrics,Cyclomatic Complexity,Subject Application,Holm Correction,Software Protection | Programming language,Software engineering,Computer science,Source code,Reverse engineering,Cyclomatic complexity,Software,Obfuscation (software),Obfuscation,Modularity,Source lines of code | Journal |
Volume | Issue | ISSN |
20 | 6 | 1573-7616 |
Citations | PageRank | References |
16 | 0.65 | 17 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Mariano Ceccato | 1 | 515 | 41.44 |
Andrea Capiluppi | 2 | 488 | 42.51 |
Paolo Falcarin | 3 | 283 | 26.68 |
Cornelia Boldyreff | 4 | 464 | 56.05 |