<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">mais</journal-id><journal-title-group><journal-title xml:lang="ru">Моделирование и анализ информационных систем</journal-title><trans-title-group xml:lang="en"><trans-title>Modeling and Analysis of Information Systems</trans-title></trans-title-group></journal-title-group><issn pub-type="ppub">1818-1015</issn><issn pub-type="epub">2313-5417</issn><publisher><publisher-name>Yaroslavl State University</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.18255/1818-1015-2021-1-38-51</article-id><article-id custom-type="elpub" pub-id-type="custom">mais-1471</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>Computer System Organization</subject></subj-group></article-categories><title-group><article-title>О характеристиках символьного исполнения в задаче оценки качества обфусцирующих преобразований</article-title><trans-title-group xml:lang="en"><trans-title>On Characteristics of Symbolic Execution in the Problem of Assessing the Quality of Obfuscating Transformations</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0002-8919-8310</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Борисов</surname><given-names>Петр Дмитриевич</given-names></name><name name-style="western" xml:lang="en"><surname>Borisov</surname><given-names>Petr D.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Аспирант</p><p>ул. Мильчакова, 8а, г. Ростов-на-Дону, 344090</p></bio><bio xml:lang="en"><p>Postgraduate student</p><p>8a Milchakova str., Rostov-on-Don 344090</p></bio><email xlink:type="simple">borisovpetr@mail.ru</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0002-1491-524X</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Косолапов</surname><given-names>Юрий Владимирович</given-names></name><name name-style="western" xml:lang="en"><surname>Kosolapov</surname><given-names>Yury V.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Кандидат технических наук</p><p>ул. Мильчакова, 8а, г. Ростов-на-Дону, 344090</p></bio><bio xml:lang="en"><p>PhD</p><p>8a Milchakova str., Rostov-on-Don 344090</p></bio><email xlink:type="simple">itaim@mail.ru</email><xref ref-type="aff" rid="aff-1"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru"><institution>Южный Федеральный Университет</institution><country>Россия</country></aff><aff xml:lang="en"><institution>Southern Federal University</institution><country>Russian Federation</country></aff></aff-alternatives><pub-date pub-type="collection"><year>2021</year></pub-date><pub-date pub-type="epub"><day>23</day><month>03</month><year>2021</year></pub-date><volume>28</volume><issue>1</issue><fpage>38</fpage><lpage>51</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Борисов П.Д., Косолапов Ю.В., 2021</copyright-statement><copyright-year>2021</copyright-year><copyright-holder xml:lang="ru">Борисов П.Д., Косолапов Ю.В.</copyright-holder><copyright-holder xml:lang="en">Borisov P.D., Kosolapov Y.V.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://www.mais-journal.ru/jour/article/view/1471">https://www.mais-journal.ru/jour/article/view/1471</self-uri><abstract><p>Обфускация применяется для защиты программ от анализа и обратного проектирования. Несмотря на то, что в настоящее время существуют теоретически стойкие методы обфускации, эти методы пока не могут применяться на практике. В основном это связано либо с затратностью по ресурсам на исполнение обфусцированного кода, либо с ограничением на применение только к конкретному классу программ. С другой стороны, разработано большое количество методов обфускации, которые применяются на практике. Существующие подходы к оценке таких обфусцирующих преобразований в большей степени основаны на статических характеристиках программ. Однако актуальна задача комплексного (учитывающего и динамические характеристики программ) обоснования их эффективности и стойкости. Представляется, что такое обоснование может быть выполнено с помощью методов машинного обучения на основе векторов признаков, описывающих как статические, так и динамические характеристики программ. В настоящей работе такой вектор предлагается строить на основе характеристик пар сравниваемых программ: исходной и обфусцированной, исходной и деобфусцированной, обфусцированной и деобфусцированной. Для получения динамических характеристик программы в работе построена схема, основанная на символьном исполнении. Выбор символьного исполнения обосновывается тем, что такие характеристики могут описать сложность понимания программы при динамическом анализе. В работе предлагается две реализации схемы: расширенная и упрощенная. Расширенная схема приближена к процессу анализа программы аналитиком, так как включает в себя этапы дизассемблирования и трансляции в промежуточный код, в то время как в упрощенной схеме эти этапы исключены. С разработанными схемами проведены эксперименты с целью выявления характеристик символьного исполнения, подходящих для оценки эффективности и стойкости обфускации на основе методов машинного обучения. На основе полученных результатов определен набор подходящих характеристик.</p></abstract><trans-abstract xml:lang="en"><p>Obfuscation is used to protect programs from analysis and reverse engineering. There are theoretically effective and resistant obfuscation methods, but most of them are not implemented in practice yet. The main reasons are large overhead for the execution of obfuscated code and the limitation of application only to a specific class of programs. On the other hand, a large number of obfuscation methods have been developed that are applied in practice. The existing approaches to the assessment of such obfuscation methods are based mainly on the static characteristics of programs. Therefore, the comprehensive (taking into account the dynamic characteristics of programs) justification of their effectiveness and resistance is a relevant task. It seems that such a justification can be made using machine learning methods, based on feature vectors that describe both static and dynamic characteristics of programs. In this paper, it is proposed to build such a vector on the basis of characteristics of two compared programs: the original and obfuscated, original and deobfuscated, obfuscated and deobfuscated. In order to obtain the dynamic characteristics of the program, a scheme based on a symbolic execution is constructed and presented in this paper. The choice of the symbolic execution is justified by the fact that such characteristics can describe the difficulty of comprehension of the program in dynamic analysis. The paper proposes two implementations of the scheme: extended and simplified. The extended scheme is closer to the process of analyzing a program by an analyst, since it includes the steps of disassembly and translation into intermediate code, while in the simplified scheme these steps are excluded. In order to identify the characteristics of symbolic execution that are suitable for assessing the effectiveness and resistance of obfuscation based on machine learning methods, experiments with the developed schemes were carried out. Based on the obtained results, a set of suitable characteristics is determined.</p></trans-abstract><kwd-group xml:lang="ru"><kwd>обфускация</kwd><kwd>символьное исполнение</kwd><kwd>похожесть программ</kwd><kwd>понимание программ</kwd></kwd-group><kwd-group xml:lang="en"><kwd>obfuscation</kwd><kwd>symbolic execution</kwd><kwd>program similarity</kwd><kwd>program comprehension</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">C. Collberg and C. Ерomborson, “Watermarking, Tamper-Proofing, and Obfuscation - Tools for Software Protection”, IEEE Transactions on Software Engineering, vol. 28, pp. 735–746, Aug. 2002. doi: 10.1109/TSE.2002.1027797.</mixed-citation><mixed-citation xml:lang="en">C. Collberg and C. Ерomborson, “Watermarking, Tamper-Proofing, and Obfuscation - Tools for Software Protection”, IEEE Transactions on Software Engineering, vol. 28, pp. 735–746, Aug. 2002. doi: 10.1109/TSE.2002.1027797.</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">S. Garg, C. Gentry, S. Halevi, M. Raykova, A. Sahai, and B.Waters, “Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits”, in 2013 IEEE 54th Annual Symposium on Foundations of Computer Science, 2013, pp. 40–49. doi: 10.1109/FOCS.2013.13.</mixed-citation><mixed-citation xml:lang="en">S. Garg, C. Gentry, S. Halevi, M. Raykova, A. Sahai, and B.Waters, “Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits”, in 2013 IEEE 54th Annual Symposium on Foundations of Computer Science, 2013, pp. 40–49. doi: 10.1109/FOCS.2013.13.</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">H. Xu, Y. Zhou, J. Ming, and M. Lyu, “Layered obfuscation: a taxonomy of software obfuscation techniques for layered security”, Cybersecurity, vol. 3, p. 9, Apr. 2020. doi: 10.1186/s42400-020-00049-3.</mixed-citation><mixed-citation xml:lang="en">H. Xu, Y. Zhou, J. Ming, and M. Lyu, “Layered obfuscation: a taxonomy of software obfuscation techniques for layered security”, Cybersecurity, vol. 3, p. 9, Apr. 2020. doi: 10.1186/s42400-020-00049-3.</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">C. Collberg, C. Thomborson, and D. Low, “A Taxonomy of Obfuscating Transformations”, Tech. Report, N 148, Dept. of Computer Science, Univ. of Auckland, Jul. 1997.</mixed-citation><mixed-citation xml:lang="en">C. Collberg, C. Thomborson, and D. Low, “A Taxonomy of Obfuscating Transformations”, Tech. Report, N 148, Dept. of Computer Science, Univ. of Auckland, Jul. 1997.</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Y. Kanzaki, A. Monden, and C. Collberg, “Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model”, in 2015 IEEE/ACM 1st International Workshop on Software Protection, 2015, pp. 31–37. doi: 10.1109/SPRO.2015.14.</mixed-citation><mixed-citation xml:lang="en">Y. Kanzaki, A. Monden, and C. Collberg, “Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model”, in 2015 IEEE/ACM 1st International Workshop on Software Protection, 2015, pp. 31–37. doi: 10.1109/SPRO.2015.14.</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">R. Mohsen and A. Pinto, “Algorithmic Information Theory for Obfuscation Security”, in Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015), 2015, pp. 76–87. doi: 10.5220/0005548200760087.</mixed-citation><mixed-citation xml:lang="en">R. Mohsen and A. Pinto, “Algorithmic Information Theory for Obfuscation Security”, in Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015), 2015, pp. 76–87. doi: 10.5220/0005548200760087.</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">R. Mohsen and A. Pinto, “Evaluating Obfuscation Security: A Quantitative Approach”, in International Symposium on Foundations and Practice of Security, Springer, Oct. 2015, pp. 174–192, isbn: 978-3-319-30302-4. doi: 10.1007/978-3-319-30303-1_11.</mixed-citation><mixed-citation xml:lang="en">R. Mohsen and A. Pinto, “Evaluating Obfuscation Security: A Quantitative Approach”, in International Symposium on Foundations and Practice of Security, Springer, Oct. 2015, pp. 174–192, isbn: 978-3-319-30302-4. doi: 10.1007/978-3-319-30303-1_11.</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">M. Ceccato, M. Di Penta, J. Nagra, P. Falcarin, F. Ricca, M. Torchiano, and P. Tonella, “The Effectiveness of Source Code Obfuscation: an Experimental Assessment”, in 2009 IEEE 17th International Conference on Program Comprehension, May 2009, pp. 178–187. doi: 10.1109/ICPC.2009.5090041.</mixed-citation><mixed-citation xml:lang="en">M. Ceccato, M. Di Penta, J. Nagra, P. Falcarin, F. Ricca, M. Torchiano, and P. Tonella, “The Effectiveness of Source Code Obfuscation: an Experimental Assessment”, in 2009 IEEE 17th International Conference on Program Comprehension, May 2009, pp. 178–187. doi: 10.1109/ICPC.2009.5090041.</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">J. Siegmund, “Program Comprehension: Past, Present, and Future”, in 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER), vol. 5, Mar. 2016, pp. 13–20. doi: 10.1109/SANER.2016.35.</mixed-citation><mixed-citation xml:lang="en">J. Siegmund, “Program Comprehension: Past, Present, and Future”, in 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER), vol. 5, Mar. 2016, pp. 13–20. doi: 10.1109/SANER.2016.35.</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">E. Avidan and D. Feitelson, “From Obfuscation to Comprehension”, in 2015 IEEE 23rd International Conference on Program Comprehension, May 2015, pp. 178–181. doi: 10.1109/ICPC.2015.27.</mixed-citation><mixed-citation xml:lang="en">E. Avidan and D. Feitelson, “From Obfuscation to Comprehension”, in 2015 IEEE 23rd International Conference on Program Comprehension, May 2015, pp. 178–181. doi: 10.1109/ICPC.2015.27.</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">P. Borisov and Y. Kosolapov, “On the Automatic Analysis of the Practical Resistance of Obfusting Transformations”, Modeling and Analysis of Information Systems, vol. 26, no. 3, pp. 317–331, Sep. 2019. doi: 10.18255/1818-1015-2019-3-317-331.</mixed-citation><mixed-citation xml:lang="en">P. Borisov and Y. Kosolapov, “On the Automatic Analysis of the Practical Resistance of Obfusting Transformations”, Modeling and Analysis of Information Systems, vol. 26, no. 3, pp. 317–331, Sep. 2019. doi: 10.18255/1818-1015-2019-3-317-331.</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">J. King, “Symbolic Execution and Program Testing”, Commun. ACM, vol. 19, no. 7, pp. 385–394, Jul. 1976. doi: 10.1145/360248.360252.</mixed-citation><mixed-citation xml:lang="en">J. King, “Symbolic Execution and Program Testing”, Commun. ACM, vol. 19, no. 7, pp. 385–394, Jul. 1976. doi: 10.1145/360248.360252.</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">B. Yadegari and S. Debray, “Symbolic Execution of Obfuscated Code”, in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Oct. 2015, pp. 732–744. doi: 10.1145/2810103.2813663.</mixed-citation><mixed-citation xml:lang="en">B. Yadegari and S. Debray, “Symbolic Execution of Obfuscated Code”, in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Oct. 2015, pp. 732–744. doi: 10.1145/2810103.2813663.</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">C. La‹ner and V. Adve, “LLVM: A Compilation Framework for Lifelong Program Analysis and Transformation”, in Proceedings of the International Symposium on Code Generation and Optimization: Feedback-Directed and Runtime Optimization, ser. CGO ’04, USA: IEEE Computer Society, 2004, pp. 75–86, isbn: 0769521029.</mixed-citation><mixed-citation xml:lang="en">C. La‹ner and V. Adve, “LLVM: A Compilation Framework for Lifelong Program Analysis and Transformation”, in Proceedings of the International Symposium on Code Generation and Optimization: Feedback-Directed and Runtime Optimization, ser. CGO ’04, USA: IEEE Computer Society, 2004, pp. 75–86, isbn: 0769521029.</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">P. F. Brown, P. V. deSouza, R. L. Mercer, V. J. D. Pietra, and J. C. Lai, “Class-Based n-Gram Models of Natural Language”, Comput. Linguist., vol. 18, no. 4, pp. 467–479, Dec. 1992, issn: 0891-2017.</mixed-citation><mixed-citation xml:lang="en">P. F. Brown, P. V. deSouza, R. L. Mercer, V. J. D. Pietra, and J. C. Lai, “Class-Based n-Gram Models of Natural Language”, Comput. Linguist., vol. 18, no. 4, pp. 467–479, Dec. 1992, issn: 0891-2017.</mixed-citation></citation-alternatives></ref><ref id="cit16"><label>16</label><citation-alternatives><mixed-citation xml:lang="ru">N. Zhang, Hikari – an improvement over Obfuscator-LLVM, 2017.</mixed-citation><mixed-citation xml:lang="en">N. Zhang, Hikari – an improvement over Obfuscator-LLVM, 2017.</mixed-citation></citation-alternatives></ref><ref id="cit17"><label>17</label><citation-alternatives><mixed-citation xml:lang="ru">A. Dinaburg and A. Ruef, “Mcsema: Static translation of x86 instructions to llvm”, in ReCon 2014 Conference, Montreal, Canada, 2014.</mixed-citation><mixed-citation xml:lang="en">A. Dinaburg and A. Ruef, “Mcsema: Static translation of x86 instructions to llvm”, in ReCon 2014 Conference, Montreal, Canada, 2014.</mixed-citation></citation-alternatives></ref><ref id="cit18"><label>18</label><citation-alternatives><mixed-citation xml:lang="ru">C. Cadar and M. Nowack, “KLEE symbolic execution engine in 2019”, International Journal on Software Tools for Technology Transfer, Jun. 2020. doi: 10.1007/s10009-020-00570-3.</mixed-citation><mixed-citation xml:lang="en">C. Cadar and M. Nowack, “KLEE symbolic execution engine in 2019”, International Journal on Software Tools for Technology Transfer, Jun. 2020. doi: 10.1007/s10009-020-00570-3.</mixed-citation></citation-alternatives></ref><ref id="cit19"><label>19</label><citation-alternatives><mixed-citation xml:lang="ru">S. Muchnick, Advanced Compiler Design Implementation. 1997, isbn: 9781558603202.</mixed-citation><mixed-citation xml:lang="en">S. Muchnick, Advanced Compiler Design Implementation. 1997, isbn: 9781558603202.</mixed-citation></citation-alternatives></ref><ref id="cit20"><label>20</label><citation-alternatives><mixed-citation xml:lang="ru">C. Eagle, Œe IDA pro book: the unoffcial guide to the world’s most popular disassembler, 2nd ed. No Starch Press, isbn: 1593273959.</mixed-citation><mixed-citation xml:lang="en">C. Eagle, Œe IDA pro book: the unoffcial guide to the world’s most popular disassembler, 2nd ed. No Starch Press, isbn: 1593273959.</mixed-citation></citation-alternatives></ref><ref id="cit21"><label>21</label><citation-alternatives><mixed-citation xml:lang="ru">G. Ravipati, A. R. Bernat, N. Rosenblum, B. P. Miller, and J. K. Hollingsworth, “Towards the Deconstruction of Dyninst”, UW Madison, Tech. Rep., Jul. 2007, pp. 1–9.</mixed-citation><mixed-citation xml:lang="en">G. Ravipati, A. R. Bernat, N. Rosenblum, B. P. Miller, and J. K. Hollingsworth, “Towards the Deconstruction of Dyninst”, UW Madison, Tech. Rep., Jul. 2007, pp. 1–9.</mixed-citation></citation-alternatives></ref><ref id="cit22"><label>22</label><citation-alternatives><mixed-citation xml:lang="ru">R. N. Horspool and N. Marovac, “An approach to the problem of detranslation of computer programs”, The Computer Journal, vol. 23, no. 3, pp. 223–229, 1980.</mixed-citation><mixed-citation xml:lang="en">R. N. Horspool and N. Marovac, “An approach to the problem of detranslation of computer programs”, The Computer Journal, vol. 23, no. 3, pp. 223–229, 1980.</mixed-citation></citation-alternatives></ref><ref id="cit23"><label>23</label><citation-alternatives><mixed-citation xml:lang="ru">C. Visual and B. Unit, Microsoft portable executable and common object file format specification, 1999.</mixed-citation><mixed-citation xml:lang="en">C. Visual and B. Unit, Microsoft portable executable and common object file format specification, 1999.</mixed-citation></citation-alternatives></ref><ref id="cit24"><label>24</label><citation-alternatives><mixed-citation xml:lang="ru">H. Lu, Elf: From the programmer’s perspective, 1995.</mixed-citation><mixed-citation xml:lang="en">H. Lu, Elf: From the programmer’s perspective, 1995.</mixed-citation></citation-alternatives></ref><ref id="cit25"><label>25</label><citation-alternatives><mixed-citation xml:lang="ru">J. Kroustek, P. Matula, J. Konˇcickˇy, and D. Kol´a´r, “Accurate Retargetable Decompilation Using Additional Debugging Information”, Jan. 2012.</mixed-citation><mixed-citation xml:lang="en">J. Kroustek, P. Matula, J. Konˇcickˇy, and D. Kol´a´r, “Accurate Retargetable Decompilation Using Additional Debugging Information”, Jan. 2012.</mixed-citation></citation-alternatives></ref><ref id="cit26"><label>26</label><citation-alternatives><mixed-citation xml:lang="ru">S. Dasgupta, S. Dinesh, D. Venkatesh, V. S. Adve, and C. W. Fletcher, “Scalable validation of binary lifters”, Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 655–671, 2020.</mixed-citation><mixed-citation xml:lang="en">S. Dasgupta, S. Dinesh, D. Venkatesh, V. S. Adve, and C. W. Fletcher, “Scalable validation of binary lifters”, Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 655–671, 2020.</mixed-citation></citation-alternatives></ref><ref id="cit27"><label>27</label><citation-alternatives><mixed-citation xml:lang="ru">S. Banescu, C. Collberg, V. Ganesh, Z. Newsham, and A. Pretschner, “Code obfuscation against symbolic execution attacks”, Dec. 2016, pp. 189–200. doi: 10.1145/2991079.2991114.</mixed-citation><mixed-citation xml:lang="en">S. Banescu, C. Collberg, V. Ganesh, Z. Newsham, and A. Pretschner, “Code obfuscation against symbolic execution attacks”, Dec. 2016, pp. 189–200. doi: 10.1145/2991079.2991114.</mixed-citation></citation-alternatives></ref><ref id="cit28"><label>28</label><citation-alternatives><mixed-citation xml:lang="ru">P. Junod, J. Rinaldini, J. Wehrli, and J. Michielin, “Obfuscator-LLVM – Software Protection for the Masses”, May 2015, pp. 3–9. doi: 10.1109/SPRO.2015.10.</mixed-citation><mixed-citation xml:lang="en">P. Junod, J. Rinaldini, J. Wehrli, and J. Michielin, “Obfuscator-LLVM – Software Protection for the Masses”, May 2015, pp. 3–9. doi: 10.1109/SPRO.2015.10.</mixed-citation></citation-alternatives></ref><ref id="cit29"><label>29</label><citation-alternatives><mixed-citation xml:lang="ru">T. Laszl´o and ´A. Kiss, “Obfuscating C++ Programs via Control Flow Flattening”, ´ Annales Universitatis Scientiarum Budapestinensis de Rolando Eotv¨os Nominatae. Sectio Computatorica, vol. 30, no. 1, pp. 3–19, 2009.</mixed-citation><mixed-citation xml:lang="en">T. Laszl´o and ´A. Kiss, “Obfuscating C++ Programs via Control Flow Flattening”, ´ Annales Universitatis Scientiarum Budapestinensis de Rolando Eotv¨os Nominatae. Sectio Computatorica, vol. 30, no. 1, pp. 3–19, 2009.</mixed-citation></citation-alternatives></ref><ref id="cit30"><label>30</label><citation-alternatives><mixed-citation xml:lang="ru">Y. Kosolapov and P. Borisov, “Similarity Features For The Evaluation Of Obfuscation Effectiveness”, in 2020 International Conference on Decision Aid Sciences and Application (DASA), 2020, pp. 898–902. doi: 10.1109/DASA51403.2020.9317301.</mixed-citation><mixed-citation xml:lang="en">Y. Kosolapov and P. Borisov, “Similarity Features For The Evaluation Of Obfuscation Effectiveness”, in 2020 International Conference on Decision Aid Sciences and Application (DASA), 2020, pp. 898–902. doi: 10.1109/DASA51403.2020.9317301.</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
