The Effectiveness of Source Code Obfuscation: an Experimental Assessment

机译：源代码混淆的有效性：实验评估

获取原文

获取外文期刊封面目录资料

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Source code obfuscation is a protection mechanism widely used to limit the possibility of malicious reverse engineering or attack activities on a software system. Although several code obfuscation techniques and tools are available, little knowledge is available about the capability of obfuscation to reduce attackers' efficiency, and the contexts in which such an efficiency may vary. This paper reports the outcome of two controlled experiments meant to measure the ability of subjects to understand and modify decompiled, obfuscated Java code, compared to decompiled, clear code. Results quantify to what extent code obfuscation is able to make attacks more difficult to be performed, and reveal that obfuscation can mitigate the effect of factors that can alter the likelihood of a successful attack, such as the attackers' skill and experience, or the intrinsic characteristics of the system under attack.

机译：源代码混淆是一种保护机制，广泛用于限制软件系统上恶意逆向工程或攻击活动的可能性。虽然有几种代码混淆技术和工具可用，但对攻击者的效率进行了困难的能力很少，以及这种效率可能变化的背景。本文报告了两个受控实验的结果，意味着衡量受试者了解和修改了反编译，混淆了混淆的Java代码的能力，与反编译，明确的代码相比。结果量化在多大程度上的代码混淆能够使攻击更难以进行，并揭示混淆可以减轻可以改变成功攻击的可能性的因素的影响，例如攻击者的技能和经验，或内在的攻击下系统的特征。

著录项

来源
《International Conference on Program Comprehension》|2009年||共10页
会议地点
作者
Mariano Ceccato; Massimiliano Di Penta; Jasvir Nagra; Paolo Falcarin; Filippo Ricca; Marco Torchiano; Paolo Tonella;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP311.5-53;
关键词
Empirical studies; Software Obfuscation; Program comprehension;

机译：实证研究;软件混淆;程序理解;

相似文献

外文文献
中文文献
专利

1. A family of experiments to assess the effectiveness and efficiency of source code obfuscation techniques [J] . Mariano Ceccato, Massimiliano Di Penta, Paolo Falcarin, Empirical Software Engineering . 2014,第4期

机译：评估源代码混淆技术的有效性和效率的一系列实验
2. C SOURCE CODE OBFUSCATOR [J] . LUKAS DURFINA, DUSAN KOLAR Kybernetika . 2012,第3期

机译：C源代码混淆器
3. C source code obfuscator [J] . ?urfina Luká?, Kolá? Du?an Kybernetika . 2012,第3期

机译：C源代码obfuscator
4. The effectiveness of source code obfuscation: An experimental assessment [C] . Ceccato M., Di Penta M., Nagra J., Program Comprehension, 2009. ICPC '09 . 2009

机译：源代码混淆的有效性：一项实验评估
5. Automatic Generation and Assessment of Source Code Method Summaries. [D] . Abid, Nahla. 2017

机译：自动生成和评估源代码方法摘要。
6. Effectiveness Evaluation of Skin Covers against Intravascular Brachytherapy Sources Using VARSKIN3 Code [O] . H R Baghani, A R Nazempour, S M R Aghamiri, 2013

机译：使用VARSKIN3代码评估皮肤覆盖物对血管内近距离放射治疗的有效性
7. The Effectiveness of Source Code Obfuscation: an Experimental Assessment [O] . Mariano Ceccato, Massimiliano Di Penta, Jasvir Nagra, 2012

机译：源代码混淆的有效性：一项实验评估
8. Source-Term Model for the SYVAC3-NSURE Performance Assessment Code (Modele deTerme-Source pour le Code de Calcul SYVAC3-NSURE d'Evaluation du Comportement) [R] . Rowat, J. H., Rattan, D. S., Dolinar, G. M. 1996

机译：sYVaC3-NsURE性能评估规范的源项模型（模型deTerme-source pour le Code de Calcul sYVaC3-NsURE d'Evaluation du Comportement）

The Effectiveness of Source Code Obfuscation: an Experimental Assessment

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅