VCF: Virtual Code Folding to Enhance Virtualization Obfuscation
- Authors
- Suk, Jae Hyuk; Lee, Dong Hoon
- Issue Date
- 2020
- Publisher
- IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
- Keywords
- Virtualization; Licenses; Malware; Encryption; Reverse engineering; Code obfuscation; code virtualization; program diversity; software protection; virtualization obfuscation
- Citation
- IEEE ACCESS, v.8, pp.139161 - 139175
- Indexed
- SCIE
SCOPUS
- Journal Title
- IEEE ACCESS
- Volume
- 8
- Start Page
- 139161
- End Page
- 139175
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/59022
- DOI
- 10.1109/ACCESS.2020.3012684
- ISSN
- 2169-3536
- Abstract
- Code virtualization, also called virtualization obfuscation, is a code obfuscation technique that protects software from malicious analysis. Unlike code packing or code encryption techniques, code virtualization does not restore the original code on the memory. However, because basic components of the structure are simple, if a virtualization structure is revealed statically, there is a limitation in that the analysis process is somewhat constant. In this paper, we propose Virtual Code Folding (VCF) as a new code virtualization technique. The proposed method reduces the amount of virtual code that is statically revealed by folding the virtual code inside a virtualization structure and enables the virtual code to be decoded by generating multiple diversified dispatchers. The folded virtual code is restored by the random key, and then fetched and decoded by the diversified dispatcher. This process makes it possible for VCF to effectively obfuscate correspondence between virtual code and handler code (i.e., code that performs real functionality) without significant performance overhead or strong assumptions.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
![qrcode](https://api.qrserver.com/v1/create-qr-code/?size=55x55&data=https://scholar.korea.ac.kr/handle/2021.sw.korea/59022)
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.