• DocumentCode
    3367057
  • Title

    Program Fragmentation as a Metamorphic Software Protection

  • Author

    Birrer, Bobby D. ; Raines, Richard A. ; Baldwin, Rusty O. ; Mullins, Barry E. ; Bennington, Robert W.

  • Author_Institution
    Air Force Inst. of Technol., Wright-Patterson AFB
  • fYear
    2007
  • fDate
    29-31 Aug. 2007
  • Firstpage
    369
  • Lastpage
    374
  • Abstract
    Unauthorized reverse-engineering of programs and algorithms is a major problem for the software industry. Reverse-engineers search for security holes in the program to exploit or try to steal competitors´ vital algorithms. To discourage reverse-engineering, developers use a variety of static software protections to obfuscate their programs. Metamorphic software protections add another layer of protection to traditional static obfuscation techniques, forcing reverse-engineers to adjust their attacks as the protection changes. Program fragmentation combines two obfuscation techniques, outlining and obfuscated jump tables, into a new, metamorphic protection. Sections of code are removed from the main program flow and placed throughout memory, reducing the program´s locality. These fragments move and are called using obfuscated jump tables, making program execution difficult to follow. This research assesses the performance overhead of a program fragmentation engine and provides analysis of its effectiveness against reverse-engineering techniques. Results show that program fragmentation has low overhead and is an effective technique to complicate disassembly of programs using two common disassembler/debugger tools.
  • Keywords
    authorisation; program debugging; program diagnostics; reverse engineering; debugger tool; disassembler tool; metamorphic software protection; program flow; program fragmentation; software industry; static obfuscation techniques; static software protections; unauthorized reverse-engineering; Assembly; Computer industry; Computer security; Cryptography; Engines; Information security; Laboratories; Software algorithms; Software debugging; Software protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Assurance and Security, 2007. IAS 2007. Third International Symposium on
  • Conference_Location
    Manchester
  • Print_ISBN
    0-7695-2876-7
  • Electronic_ISBN
    978-0-7695-2876-2
  • Type

    conf

  • DOI
    10.1109/IAS.2007.28
  • Filename
    4299801