期刊名称:International Journal of Computer Science and Network Security
印刷版ISSN:1738-7906
出版年度:2008
卷号:8
期号:9
页码:59-71
出版社:International Journal of Computer Science and Network Security
摘要:Various software obfuscation techniques have been proposed. However, there are few discussions on proper use of these obfuscations against imaginable threats. An ad-hoc use of obfuscations cannot guarantee that a program is sufficiently protected. For a systematic use of obfuscations and the verification of the result, this paper proposes a goal oriented approach to obfuscation. Specifically, we (1) define the capability of an imaginary cracker, (2) identify the cracker��s goal, (3) conduct a goal-oriented analysis, (4) select obfuscations to disrupt all sub-goals, and (5) apply selected obfuscations to the program. As a case study, we define a security goal and a threat model for a Java implementation of a cryptomeria cipher (C2) program, and then, based on the model, we demonstrate how the goal oriented analysis is conducted and obfuscation techniques are applied to places where they are needed.
关键词:Software Protection; Reverse engineering; Secret Hiding; Program Analysis
Loading...
