The effectiveness of source code obfuscation: An experimental assessment

机译：源代码混淆的有效性：一项实验评估

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Source code obfuscation is a protection mechanism widely used to limit the possibility of malicious reverse engineering or attack activities on a software system. Although several code obfuscation techniques and tools are available, little knowledge is available about the capability of obfuscation to reduce attackers' efficiency, and the contexts in which such an efficiency may vary. This paper reports the outcome of two controlled experiments meant to measure the ability of subjects to understand and modify decompiled, obfuscated Java code, compared to decompiled, clear code. Results quantify to what extent code obfuscation is able to make attacks more difficult to be performed, and reveal that obfuscation can mitigate the effect of factors that can alter the likelihood of a successful attack, such as the attackers' skill and experience, or the intrinsic characteristics of the system under attack.

机译：源代码混淆是一种保护机制，广泛用于限制对软件系统进行恶意逆向工程或攻击活动的可能性。尽管可以使用几种代码混淆技术和工具，但是关于混淆降低攻击者效率的能力以及这种效率可能发生变化的上下文的知识很少。本文报告了两个受控实验的结果，该实验旨在衡量受试者与反编译，清晰的代码相比，理解和修改反编译，混淆的Java代码的能力。结果量化了代码混淆能够在多大程度上使攻击更难以执行，并揭示了混淆可以减轻可能改变成功攻击可能性的因素的影响，例如攻击者的技能和经验或内在因素。受攻击系统的特征。

著录项

来源
《Program Comprehension, 2009. ICPC '09》|2009年|178-187|共10页
会议地点 Vancouver(CA);Vancouver(CA)
作者
Ceccato M.; Di Penta M.; Nagra J.; Falcarin P.; Ricca F.; Torchiano M.; Tonella P.;
展开▼
作者单位

Fondazione Bruno Kessler, IRST, Trento;

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Java; security of data; Java code; protection mechanism; software protection; software system; source code obfuscation techniques; Empirical studies; Program comprehension; Software Obfuscation;

机译：Java;数据安全性; Java代码;保护机制;软件保护;软件系统;源代码混淆技术;实证研究;程序理解;软件混淆;

相似文献

外文文献
中文文献
专利

1. A family of experiments to assess the effectiveness and efficiency of source code obfuscation techniques [J] . Mariano Ceccato, Massimiliano Di Penta, Paolo Falcarin, Empirical Software Engineering . 2014,第4期

机译：评估源代码混淆技术的有效性和效率的一系列实验
2. C SOURCE CODE OBFUSCATOR [J] . LUKAS DURFINA, DUSAN KOLAR Kybernetika . 2012,第3期

机译：C源代码混淆器
3. C source code obfuscator [J] . ?urfina Luká?, Kolá? Du?an Kybernetika . 2012,第3期

机译：C源代码obfuscator
4. The Effectiveness of Source Code Obfuscation: an Experimental Assessment [C] . Mariano Ceccato, Massimiliano Di Penta, Jasvir Nagra, International Conference on Program Comprehension . 2009

机译：源代码混淆的有效性：实验评估
5. Automatic Generation and Assessment of Source Code Method Summaries. [D] . Abid, Nahla. 2017

机译：自动生成和评估源代码方法摘要。
6. Effectiveness Evaluation of Skin Covers against Intravascular Brachytherapy Sources Using VARSKIN3 Code [O] . H R Baghani, A R Nazempour, S M R Aghamiri, 2013

机译：使用VARSKIN3代码评估皮肤覆盖物对血管内近距离放射治疗的有效性
7. The Effectiveness of Source Code Obfuscation: an Experimental Assessment [O] . Mariano Ceccato, Massimiliano Di Penta, Jasvir Nagra, 2012

机译：源代码混淆的有效性：一项实验评估
8. Source-Term Model for the SYVAC3-NSURE Performance Assessment Code (Modele deTerme-Source pour le Code de Calcul SYVAC3-NSURE d'Evaluation du Comportement) [R] . Rowat, J. H., Rattan, D. S., Dolinar, G. M. 1996

机译：sYVaC3-NsURE性能评估规范的源项模型（模型deTerme-source pour le Code de Calcul sYVaC3-NsURE d'Evaluation du Comportement）

The effectiveness of source code obfuscation: An experimental assessment

摘要

著录项

相似文献

相关主题

期刊订阅