Code obfuscation based on deep integration

Abstract

Code obfuscation is essential for software security. However, current obfuscation techniques demonstrate limited resilience against systematic reverse engineering attacks—including taint analysis and code similarity detection. Moreover, these methods often incur considerable resource overheads and recognizable obfuscation features. In this paper, we propose an innovative obfuscation algorithm that integrates the instruction and data flows of two programs at the intermediate representation level. The resulting program maintains the complete functionality of both original programs. This strategy utilizes the static and dynamic features of the parent program to obfuscate the target program. Extracting the target code from the integrated program is a significant challenge, thereby enhancing the target code’s resistance to deobfuscation. We evaluate our algorithm across various metrics: functionality correctness, obfuscation efficiency, protection strength, and resilience to automated reverse engineering techniques. Our comprehensive evaluation demonstrates that our method imposes significantly lower overhead while delivering markedly improved protection effectiveness, marking a significant advancement in software protection.