ObfSec: Measuring the security of obfuscations from a testing perspective
作者:
Highlights:
• We present ObfSec the first system that measures the security of obfuscations.
• ObfSec uses information theory to study vulnerabilities added by obfuscation engines.
• ObfSec studies the evolution of bugs and exploits in the obfuscation live-cycle.
• ObfSec analyses 646,854 crashes from 70,137 programs on 20 engines and 2 compilers.
• ObfSec also provides a triage mechanism to prioritize crash analysis.
摘要
•We present ObfSec the first system that measures the security of obfuscations.•ObfSec uses information theory to study vulnerabilities added by obfuscation engines.•ObfSec studies the evolution of bugs and exploits in the obfuscation live-cycle.•ObfSec analyses 646,854 crashes from 70,137 programs on 20 engines and 2 compilers.•ObfSec also provides a triage mechanism to prioritize crash analysis.
论文关键词:Obfuscations,Security,Testing
论文评审过程:Received 9 June 2021, Revised 14 July 2022, Accepted 25 July 2022, Available online 2 August 2022, Version of Record 13 August 2022.
论文官网地址:https://doi.org/10.1016/j.eswa.2022.118298
