Software code released to the user has the risk of reverse engineering attacks. Software obfuscation is one of the techniques used to make the reverse engineering of software programs hard. In this paper, we propose an obfuscation algorithm, which is applied to the assembly code generated by the compiler. Our method uses both obfuscation and encryption, which complement each other thus making reverse engineering harder. The main idea of the algorithm is to hide the control flow information in the data area in encrypted form and removing the control flow instructions from the program. During execution time, these instructions are reconstructed, thereby, preserving the semantics of the program. The stored control flow information is decrypted at runtime and used by self modifying code to reconstruct the control flow instructions. Experimental results indicate that the algorithm performs well against automated attacks.
展开▼