Tampere University of Technology

TUTCRIS Research Portal

A survey on aims and environments of diversification and obfuscation in software security

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

Details

Original languageEnglish
Title of host publicationComputer Systems and Technologies 17th International Conference, CompSysTech 2016 - Proceedings
PublisherAssociation for Computing Machinery
Pages113-120
Number of pages8
Volume1164
ISBN (Electronic)9781450341820
DOIs
Publication statusPublished - 23 Jun 2016
Externally publishedYes
Publication typeA4 Article in a conference publication
Event17th International Conference on Computer Systems and Technologies, CompSysTech 2016 - Palermo, Italy
Duration: 23 Jun 201624 Jun 2016

Conference

Conference17th International Conference on Computer Systems and Technologies, CompSysTech 2016
CountryItaly
CityPalermo
Period23/06/1624/06/16

Abstract

Diversification and obfuscation methods are promising approaches used tosecuresoftware and prevent malware from functioning. Diversification makes each software instance unique so that malware attacks cannot rely on the knowledge of the program's execution environment and/or internal structure anymore. We present a systematic literature review on the state of-the-art of diversification and obfuscation research aiming to improve software security between 1993 and 2014. As the result of systematic search, in the final phase, 209 related papers were included in this study. In this study we focus on two specific research questions: what are the aims of diversification and obfuscation techniques and what are the environments they are applied to. The former question includes the languages and the execution environments that can benefit from these two techniques, while the second question presents the goals of the techniques and also the type of attacks they mitigate. is held by the owner/author(s). Publication rights licensed to ACM.

Keywords

  • Diversification, Obfuscation, Software security, Systematic literature review (SLR)