A New Framework of Software Obfuscation Evaluation Criteria
Bjorn De Sutter
TL;DR
This paper proposes a comprehensive new framework of evaluation criteria for software obfuscation, addressing shortcomings in existing metrics and aiming to improve assessment of protection effectiveness against reverse engineering and tampering.
Contribution
It introduces a revised set of evaluation criteria for software obfuscation, replacing outdated definitions with a more comprehensive and relevant framework.
Findings
Existing criteria are inadequate and outdated.
The new framework includes relevance, effectiveness, robustness, concealment, stubbornness, sensitivity, predictability, and cost.
The proposed criteria aim to improve the assessment of software protection strength.
Abstract
In the domain of practical software protection against man-at-the-end attacks such as software reverse engineering and tampering, much of the scientific literature is plagued by the use of subpar methods to evaluate the protections' strength and even by the absence of such evaluations. Several criteria have been proposed in the past to assess the strength of protections, such as potency, resilience, stealth, and cost. We analyze their evolving definitions and uses. We formulate a number of critiques, from which we conclude that the existing definitions are unsatisfactory and need to be revised. We present a new framework of software protection evaluation criteria: relevance, effectiveness (or efficacy), robustness, concealment, stubbornness, sensitivity, predictability, and cost.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Malware Detection Techniques · Digital and Cyber Forensics · Digital Media Forensic Detection