Deobfuscation: Reverse Engineering Obfuscated Code

Pittsburgh, Pennsylvania November 07-November 11

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/WCRE.2005.13

12th Working Conference on Reverse En ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Sharath K. Udupa Articles by Saumya K. Debray Articles by Matias Madou

	ASCII Text	x
	Sharath K. Udupa, Saumya K. Debray, Matias Madou, "Deobfuscation: Reverse Engineering Obfuscated Code," Reverse Engineering, Working Conference on, pp. 45-54, 12th Working Conference on Reverse Engineering (WCRE 2005), 2005.

	BibTex	x
	@article{ 10.1109/WCRE.2005.13, author = {Sharath K. Udupa and Saumya K. Debray and Matias Madou}, title = {Deobfuscation: Reverse Engineering Obfuscated Code}, journal ={Reverse Engineering, Working Conference on}, volume = {0}, year = {2005}, issn = {1095-1350}, pages = {45-54}, doi = {http://doi.ieeecomputersociety.org/10.1109/WCRE.2005.13}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Reverse Engineering, Working Conference on TI - Deobfuscation: Reverse Engineering Obfuscated Code SN - 1095-1350 SP45 EP54 A1 - Sharath K. Udupa, A1 - Saumya K. Debray, A1 - Matias Madou, PY - 2005 KW - null VL - 0 JA - Reverse Engineering, Working Conference on ER -

Sharath K. Udupa, University of Arizona

Saumya K. Debray, University of Arizona

Matias Madou, Ghent University

In recent years, code obfuscation has attracted attention as a low cost approach to improving software security by making it difficult for attackers to understand the inner workings of proprietary software systems. This paper examines techniques for automatic de-obfuscation of obfuscated programs, as a step towards reverse engineering such programs. Our results indicate that much of the effects of code obfuscation, designed to increase the difficulty of static analyses, can be defeated using simple combinations of straightforward static and dynamic analyses. Our results have applications to both software engineering and software security. In the context of software engineering, we show how dynamic analyses can be used to enhance reverse engineering, even for code that has been designed to be difficult to reverse engineer. For software security, our results serve as an attack model for code obfuscators, and can help with the development of obfuscation techniques that are more resilient to straightforward reverse engineering.

Citation:

Sharath K. Udupa, Saumya K. Debray, Matias Madou, "Deobfuscation: Reverse Engineering Obfuscated Code," wcre, pp.45-54, 12th Working Conference on Reverse Engineering (WCRE 2005), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.