# Assessment of Source Code Obfuscation Techniques

**Authors:** Alessio Viticchi\'e, Leonardo Regano, Marco Torchiano, Cataldo Basile,, Mariano Ceccato, Paolo Tonella, and Roberto Tiella

arXiv: 1704.02307 · 2017-04-10

## TL;DR

This study evaluates the effectiveness of the VarMerge data obfuscation technique in preventing attacks, demonstrating it significantly increases attack difficulty and reduces successful attacks in practical scenarios.

## Contribution

It provides an empirical assessment of VarMerge, a specific data obfuscation method, showing its impact on attack success and efficiency.

## Key findings

- VarMerge reduces successful attacks by six times.
- Data obfuscation significantly increases attack time.
- Empirical evidence supports VarMerge's effectiveness.

## Abstract

Obfuscation techniques are a general category of software protections widely adopted to prevent malicious tampering of the code by making applications more difficult to understand and thus harder to modify. Obfuscation techniques are divided in code and data obfuscation, depending on the protected asset. While preliminary empirical studies have been conducted to determine the impact of code obfuscation, our work aims at assessing the effectiveness and efficiency in preventing attacks of a specific data obfuscation technique - VarMerge. We conducted an experiment with student participants performing two attack tasks on clear and obfuscated versions of two applications written in C. The experiment showed a significant effect of data obfuscation on both the time required to complete and the successful attack efficiency. An application with VarMerge reduces by six times the number of successful attacks per unit of time. This outcome provides a practical clue that can be used when applying software protections based on data obfuscation.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1704.02307/full.md

## Figures

11 figures with captions in the complete paper: https://tomesphere.com/paper/1704.02307/full.md

## References

19 references — full list in the complete paper: https://tomesphere.com/paper/1704.02307/full.md

---
Source: https://tomesphere.com/paper/1704.02307