A graph approach to quantitative analysis of control-flow obfuscating transformations

Hsin Yi Tsai*, Yu-Lun Huang, David Wagner

*Corresponding author for this work

Research output: Contribution to journalArticle

16 Scopus citations


Modern obfuscation techniques are intended to discourage reverse engineering and malicious tampering of software programs. We study control-flow obfuscation, which works by modifying the control flow of the program to be obfuscated, and observe that it is difficult to evaluate the robustness of these obfuscation techniques. In this paper, we present a framework for quantitative analysis of control-flow obfuscating transformations. Our framework is based upon the control-flow graph of the program, and we show that many existing control-flow obfuscation techniques can be expressed as a sequence of basic transformations on these graphs. We also propose a new measure of the difficulty of reversing these obfuscated programs, and we show that our framework can be used to easily evaluate the space penalty due to the transformations.

Original languageEnglish
Article number4783097
Pages (from-to)257-267
Number of pages11
JournalIEEE Transactions on Information Forensics and Security
Issue number2
StatePublished - 1 Jun 2009


  • Code obfuscation
  • Computer prime
  • Reverse engineering
  • Software metrics
  • Software protection

Fingerprint Dive into the research topics of 'A graph approach to quantitative analysis of control-flow obfuscating transformations'. Together they form a unique fingerprint.

  • Cite this