Hidden System APIs Based Code Obfuscation
For the problem that static disassembly can expose system API calls in programs,this paper proposes a kind of code obfuscation aimed at hiding system API calls from reverse analysis.The algorithm is implemented by creating a system API address table and constructing secret index variables.During execution,the program looks up the table for the correct API to call,thus keeping the semantic unchanged.Analysis and experiments show that the algorithm can effectively protect system API calls from static reverse analysis.
static disassembly reverse analysis code obfuscation system API address table
Fei Xiang Fenlin Liu Bin Lu Daofu Gong
Zhengzhou Information Science and Technology Institute,State Key Laboratory of Mathematical Engineering and Advanced Computing,Zhengzhou, Henan 450002, China
国际会议
重庆
英文
496-502
2015-03-02(万方平台首次上网日期,不代表论文的发表时间)