Binary Obfuscation Based Reassemble

Chang Wang, Zhaolong Zhang, Xiaoqi Jia, Donghai Tian
Published in: 2018 13th International Conference on Malicious and Unwanted Software (MALWARE)
Publication date: 2018-10-01
DOI: 10.1109/MALWARE.2018.8659363 (https://doi.org/10.1109/MALWARE.2018.8659363)
Citations: 1

Abstract

Software reverse engineering is the process of retrieving the source code or recovering the higher-level structure from an executable binary file. It has a wide range of applications in software analysis, such as vulnerability mining and exploitation, blind patching and so on. But it can also be used for illegal activities such as software piracy and plagiarism, which cause huge losses to the workers concerned. Anti-reverse engineering is therefore important for intellectual property protection. In practice, it is difficult to protect software against being reversed or maliciously modified. In this paper, we present and discuss a new binary obfuscation method based on reassembly. Binary reassembly refers to the process of disassembling an executable binary into assembly code and assembling it back into a correct binary. We perform binary obfuscation during this process because it avoids many problems and offers better protection than other obfuscation methods. We designed two obfuscation schemes, instruction substitution and control flow confusion. The resulting code is still a correct program, but it has a more complex instruction execution sequence and a more sophisticated control flow graph. According to the experimental results, the obfuscated program has a smaller file size but executes more slowly than the original program.