| Software companies invest a large amount of resources in the development of their software products which include designing code, implementing the code, and maintenance of the software. In order to protect their investment from potential attacks such as illegal copying, tampering, and malicious reverse engineering, most companies utilize some type of protection software, also known as obfuscators, to create variants of their products that are more resilient to adversarial analysis. In this thesis we consider the effectiveness of several different commercial obfuscators against traditional man-at-the-end attacks where an adversary can utilize tools such as debuggers, disassembles, and de-compilers as a legitimate end-user of a binary executable. Our methodology includes selection of four benchmark programs and identification of key adversarial tasks for each program that include the ability to comprehend key pieces of information in the program and the ability to change the program executable to satisfy an adversarial goal. We run experiments on each program using traditional static and dynamic analysis techniques to identify the adversarial workload and outcomes before and after each program is transformed by a set of three commercial obfuscators. |
