Computer Engineering and Applications ›› 2021, Vol. 57 ›› Issue (18): 122-129.DOI: 10.3778/j.issn.1002-8331.2005-0247

Previous Articles     Next Articles

ARM Assembly Code Obfuscation Algorithm Based on Mode Switch

LE Deguang, ZHAO Jie, GONG Shengrong   

  1. 1.School of Computer Science & Engineering, Changshu Institute of Technology, Changshu, Jiangsu 215500, China
    2.Suzhou Tongcheng Network Technology Co., Ltd., Suzhou, Jiangsu 215123, China
  • Online:2021-09-15 Published:2021-09-13



  1. 1.常熟理工学院 计算机科学与工程学院,江苏 常熟 215500
    2.苏州同程网络科技股份有限公司,江苏 苏州 215123


The high-level code obfuscation of ARM program has the problem of blindness, which not only reduces the obfuscation accuracy but also is resilient by reversing easily. To deal the problem, the low-level code obfuscation of ARM program is studied, which combines the features of ARM architecture instruction system and proposes the ARM assembly code obfuscation algorithm based on mode switch including instruction mode switch obfuscation, register obfuscation and junk instruction obfuscation. The control flow of obfuscated assembly code is more complex. The random register obfuscation for switch address improves the difficulty of dynamic trace debugging. Besides, the mode switch and junk instruction obfuscations can incur the error of disassembly. At last, the test and evaluation are performed from the aspects of complex potency, reverse resilience and performance cost. Test shows the proposed algorithm in the paper not only can improve the strength of cyclomatic complexity significantly, but also can combat the reverse analysis of disassembly tool effectively. In addition, the additional costs of size and time consume introduced by proposed algorithm are low, which is practical in term of performance.

Key words: control flow, assembly, code obfuscation, mode switch, reverse engineering



关键词: 控制流, 汇编, 代码混淆, 模式切换, 逆向工程