2013 IEEE 16th International Conference on Computational Science and Engineering (2009)
Aug. 29, 2009 to Aug. 31, 2009
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSE.2009.43
We describe a novel method for malicious code obfuscationthat uses code already present in systems: a pseudo-randomnumber generator. This can also be seen as an anti-disassemblyand anti-debugging technique, depending on deployment, becausethe actual code does not exist until run - it is generateddynamically by the pseudo-random number generator.A year's worth of experiments are used to demonstrate thatthis technique is a viable code obfuscation option for amalicious adversary with access to large amounts of computingpower.
Juan Manuel Gutiérrez Cárdenas, John Aycock, Daniel Medeiro Nunes de Castro, "Code Obfuscation Using Pseudo-random Number Generators", 2013 IEEE 16th International Conference on Computational Science and Engineering, vol. 03, no. , pp. 418-423, 2009, doi:10.1109/CSE.2009.43