Abstract
For the problem that static disassembly can expose system API calls in programs, this paper proposes a kind of code obfuscation aimed at hiding system API calls from reverse analysis. The algorithm is implemented by creating a system API address table and constructing secret index variables. During execution, the program looks up the table for the correct API to call, thus keeping the semantic unchanged. Analysis and experiments show that the algorithm can effectively protect system API calls from static reverse analysis.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have