For the problem that static disassembly can expose systemapi calls in programs, this paper proposes a kind of code obfuscation aimed at hiding systemapi calls from reverse analysis. The algorithm is implemented by c...
详细信息
For the problem that static disassembly can expose systemapi calls in programs, this paper proposes a kind of code obfuscation aimed at hiding systemapi calls from reverse analysis. The algorithm is implemented by creating a system api address table and constructing secret index variables. During execution, the program looks up the table for the correct api to call, thus keeping the semantic unchanged. Analysis and experiments show that the algorithm can effectively protect systemapi calls from static reverse analysis.
暂无评论