Geodesic
Using x86 mode switching for program code protection
Prikladnaâ diskretnaâ matematika, no. 3 (2023), pp. 104-120

Voir la notice de l'article provenant de la source Math-Net.Ru

A novel program code obfuscation approach involving the x86 mode switching is proposed in the paper. The details and existing applications of x86 mode switching are reviewed, as well as the possible consequences of using this switching to the reverse engineering tools. Based on this approach, a few specific methods are proposed and evaluated against the most popular reverse engineering tools of various purposes, including disassemblers, decompilers, binary instrumentation and symbolic execution tools. A method of seamless integration of these machine code level obfuscations to the C, C++ and possibly other compilers is also proposed.
Keywords: reverse engineering, obfuscation, x86 mode switching, disassembly, decompilation, symbolic execution.
Mots-clés : code protection 
@article{PDM_2023_3_a5,
     author = {R. K. Lebedev},
     title = {Using x86 mode switching for program code protection},
     journal = {Prikladna\^a diskretna\^a matematika},
     pages = {104--120},
     publisher = {mathdoc},
     number = {3},
     year = {2023},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/PDM_2023_3_a5/}
}
TY  - JOUR
AU  - R. K. Lebedev
TI  - Using x86 mode switching for program code protection
JO  - Prikladnaâ diskretnaâ matematika
PY  - 2023
SP  - 104
EP  - 120
IS  - 3
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/PDM_2023_3_a5/
LA  - en
ID  - PDM_2023_3_a5
ER  - 
%0 Journal Article
%A R. K. Lebedev
%T Using x86 mode switching for program code protection
%J Prikladnaâ diskretnaâ matematika
%D 2023
%P 104-120
%N 3
%I mathdoc
%U http://geodesic.mathdoc.fr/item/PDM_2023_3_a5/
%G en
%F PDM_2023_3_a5
R. K. Lebedev. Using x86 mode switching for program code protection. Prikladnaâ diskretnaâ matematika, no. 3 (2023), pp. 104-120. http://geodesic.mathdoc.fr/item/PDM_2023_3_a5/