Open Access
ARTICLE
A Smart Obfuscation Approach to Protect Software in Cloud
1 Department of Computer Science, Inner Mongolia University, Hohhot, China
2 Department of Computer Science, Hainan University, Haikou, China
* Corresponding Author: Yucong Duan. Email:
(This article belongs to the Special Issue: AI Powered Human-centric Computing with Cloud and Edge)
Computers, Materials & Continua 2023, 76(3), 3949-3965. https://doi.org/10.32604/cmc.2023.038970
Received 05 January 2023; Accepted 10 April 2023; Issue published 08 October 2023
Abstract
Cloud computing and edge computing brought more software, which also brought a new danger of malicious software attacks. Data synchronization mechanisms of software can further help reverse data modifications. Based on the mechanisms, attackers can cover themselves behind the network and modify data undetected. Related knowledge of software reverse engineering can be organized as rules to accelerate the attacks, when attackers intrude cloud server to access the source or binary codes. Therefore, we proposed a novel method to resist this kind of reverse engineering by breaking these rules. Our method is based on software obfuscations and encryptions to enhance the security of distributed software and cloud services in the 5G era. Our method is capable of (1) replacing the original assembly codes of the protected program with equivalent assembly instructions in an iteration way, (2) obfuscating the control flow of the protected program to confuse attackers meanwhile keeps the program producing the same outputs, (3) encrypting data to confuse attackers. In addition, the approach can periodically and automatically modify the protected software binary codes, and the binary codes of the protected software are encrypted to resist static analysis and dynamic analysis. Furthermore, a simplified virtual machine is implemented to make the protected codes unreadable to attackers. Cloud game is one of the specific scenarios which needs low latency and strong data consistency. Cheat engine, Ollydbg, and Interactive Disassembler Professional (IDA) are used prevalently for games. Our improved methods can protect the software from the most vulnerable aspects. The improved dynamic code swapping and the simplified virtual machine technologies for cloud games are the main innovations. We inductively learned that our methods have been working well according to the security mechanisms and time complexity analysis. Experiments show that hidden dangers can be eliminated with efficient methods: Execution time and file sizes of the target codes can be multiple times than that of the original program codes which depend on specific program functions.Keywords
Cite This Article
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.