Abstract:
Software obfuscation is the act of changing the inner workings of a program to make it more expensive in terms of time and effort to reverse engineer, while maintaining the same semantics. This practice has lately been employed for a variety of purposes, both legit and malicious, such as intellectual property protection and hiding malware internal details to avoid detection.
Moreover, by using obfuscation it is possible to achieve Software diversification, a condition where different versions of the same program are generated and distributed, with the advantage of reducing code-reuse attacks.
The quality of these obfuscation and diversification techniques can be measured by using a wide variety of similarity metrics. In this work, several of these software similarity techniques, working on different abstraction levels, are implemented. Their performance is then evaluated by applying them to sample programs that were obfuscated with common obfuscation techniques.
