{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,12]],"date-time":"2026-02-12T09:47:46Z","timestamp":1770889666205,"version":"3.50.1"},"reference-count":39,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Form. Asp. Comput."],"published-print":{"date-parts":[[2017,1]]},"abstract":"<jats:title>Abstract<\/jats:title>\n          <jats:p>Obfuscation is the art of making code hard to reverse engineer and understand. In this paper, we propose a formal model for specifying and understanding the strength of obfuscating transformations with respect to a given attack model. The idea is to consider the attacker as an abstract interpreter willing to extract information about the program\u2019s semantics. In this scenario, we show that obfuscating code is making the analysis imprecise, namely making the corresponding abstract domain incomplete. It is known that completeness is a property of the abstract domain and the program to analyse. We introduce a framework for transforming abstract domains, i.e., analyses, towards incompleteness. The family of incomplete abstractions for a given program provides a characterisation of the potency of obfuscation employed in that program, i.e., its strength against the attack specified by those abstractions. We show this characterisation for known obfuscating transformations used to inhibit program slicing and automated disassembly.<\/jats:p>","DOI":"10.1007\/s00165-016-0374-2","type":"journal-article","created":{"date-parts":[[2016,4,25]],"date-time":"2016-04-25T10:03:28Z","timestamp":1461578608000},"page":"3-31","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["Maximal incompleteness as obfuscation potency"],"prefix":"10.1145","volume":"29","author":[{"given":"Roberto","family":"Giacobazzi","sequence":"first","affiliation":[{"name":"Universit\u00e0 degli Studi di Verona, Verona, Italy"},{"name":"IMDEA Software Institute, Madrid, Spain"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Isabella","family":"Mastroeni","sequence":"additional","affiliation":[{"name":"Universit\u00e0 degli Studi di Verona, Verona, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mila","family":"Dalla Preda","sequence":"additional","affiliation":[{"name":"Universit\u00e0 degli Studi di Verona, Verona, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","reference":[{"key":"e_1_2_1_2_1_2","doi-asserted-by":"publisher","DOI":"10.1145\/2160158.2160159"},{"key":"e_1_2_1_2_2_2","volume-title":"Residuation theory","author":"Blyth TS","year":"1972"},{"key":"e_1_2_1_2_3_2","doi-asserted-by":"crossref","DOI":"10.7551\/mitpress\/9780262029735.001.0001","volume-title":"Obfuscation\u2014a User\u2019s Guide for Privacy and Protest","author":"Brunton F","year":"2015"},{"key":"e_1_2_1_2_4_2","doi-asserted-by":"crossref","unstructured":"Cousot P Cousot R (1977) Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fix-points. In: Conference Record of the 4th ACM Symposium on Principles of Programming Languages (POPL \u201977). ACM Press pp 238\u2013252","DOI":"10.1145\/512950.512973"},{"key":"e_1_2_1_2_5_2","doi-asserted-by":"crossref","unstructured":"Cousot P Cousot R (1979) Systematic design of program analysis frameworks. In: Conference Record of the 6th ACM Symposium on Principles of Programming Languages (POPL \u201979). ACM Press pp 269\u2013282","DOI":"10.1145\/567752.567778"},{"key":"e_1_2_1_2_6_2","doi-asserted-by":"publisher","DOI":"10.1093\/logcom\/2.4.511"},{"key":"e_1_2_1_2_7_2","doi-asserted-by":"crossref","unstructured":"Cousot P Cousot R (1992) Comparing the Galois connection and widening\/narrowing approaches to abstract interpretation (invited paper). In: Bruynooghe M Wirsing M (eds) Proc. of the 4th Internat. Symp. on Programming Language Implementation and Logic Programming (PLILP \u201992) vol. 631 of Lecture Notes in Computer Science. Springer New York pp 269\u2013295","DOI":"10.1007\/3-540-55844-6_142"},{"key":"e_1_2_1_2_8_2","doi-asserted-by":"crossref","unstructured":"Cortesi A Fil\u00e9 G Giacobazzi R Palamidessi C Ranzato F (1995) Complementation in abstract interpretation. In: Mycroft A (ed) Proceedings of the 2nd International Static Analysis Symposium (SAS \u201995) vol. 983 of Lecture Notes in Computer Science. Springer New York pp 100\u2013117","DOI":"10.1007\/3-540-60360-3_35"},{"key":"e_1_2_1_2_9_2","doi-asserted-by":"publisher","DOI":"10.1145\/115372.115320"},{"key":"e_1_2_1_2_10_2","volume-title":"Surreptitious Software: obfuscation, watermarking, and tamperproofing for software protection","author":"Collberg C","year":"2009"},{"key":"e_1_2_1_2_11_2","unstructured":"Cousot P (1999) The calculational design of a generic abstract interpreter. In: Broy M Steinbr\u00fcggen R (eds) Calculational system design vol 173. NATO science series Series F: computer and systems sciences vol 173. IOS Press Amsterdam pp 421\u2013505"},{"key":"e_1_2_1_2_12_2","doi-asserted-by":"crossref","unstructured":"Collberg C Thomborson CD Low D (1998) Manufactoring cheap resilient and stealthy opaque constructs. In: Proc. of Conf. Record of the 25st ACM Symp. on Principles of Programming Languages (POPL \u201998). ACM Press pp 184\u2013196","DOI":"10.1145\/268946.268962"},{"key":"e_1_2_1_2_13_2","doi-asserted-by":"crossref","unstructured":"Dalla Preda M Giacobazzi R (2005) Semantic-based code obfuscation by abstract interpretation. In: Proc. of the 32nd International Colloquium on Automata Languages and Programming (ICALP \u201905) vol. 3580 of Lecture Notes in Computer Science. Springer New York pp. 1325\u20131336","DOI":"10.1007\/11523468_107"},{"key":"e_1_2_1_2_14_2","doi-asserted-by":"publisher","DOI":"10.5555\/1662641.1662644"},{"key":"e_1_2_1_2_15_2","doi-asserted-by":"crossref","unstructured":"Drape S Thomborson C Majumdar A (2007) Specifying imperative data obfuscations. In: Garay JA Lenstra AK Mambo M Peralta R (eds) ISC\u2014Information Security vol. 4779 of Lecture Notes in Computer Science. Springer New York pp 299\u2013314","DOI":"10.1007\/978-3-540-75496-1_20"},{"key":"#cr-split#-e_1_2_1_2_16_2.1","unstructured":"Fil\u00e9 G Ranzato F (1996) Complementation of abstract domains made easy. In: Maher M"},{"key":"#cr-split#-e_1_2_1_2_16_2.2","unstructured":"(ed) Proceedings of the 1996 Joint International Conference and Symposium on Logic Programming (JICSLP '96). The MIT Press Cambridge pp 348-362"},{"key":"e_1_2_1_2_17_2","doi-asserted-by":"crossref","unstructured":"Garg S Gentry C Halevi S Raykova M Sahai A Waters B (2013) Candidate indistinguishability obfuscation and functional encryption for all circuits. In: 54th Annual IEEE Symposium on Foundations of Computer Science FOCS 2013. IEEE Computer Society Berkeley pp 40\u201349","DOI":"10.1109\/FOCS.2013.13"},{"key":"e_1_2_1_2_18_2","doi-asserted-by":"crossref","unstructured":"Giacobazzi R (2008) Hiding information in completeness holes\u2014new perspectives in code obfuscation and watermarking. In: Proc. of The 6th IEEE International Conferences on Software Engineering and Formal Methods (SEFM\u201908). IEEE Press pp 7\u201320","DOI":"10.1109\/SEFM.2008.41"},{"key":"e_1_2_1_2_19_2","doi-asserted-by":"publisher","DOI":"10.1109\/32.83912"},{"key":"e_1_2_1_2_20_2","doi-asserted-by":"crossref","unstructured":"Giacobazzi R Logozzo F Ranzato F (2015) Analyzing program analyses. In: Rajamani SK Walker D (eds) Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages POPL 2015. ACM Mumbai pp 261\u2013273","DOI":"10.1145\/2676726.2676987"},{"key":"e_1_2_1_2_21_2","doi-asserted-by":"crossref","unstructured":"Giacobazzi R Mastroeni I (2012) Making abstract interpretation incomplete: Modeling the potency of obfuscation. In: Static analysis\u201419th International Symposium SAS 2012 Proceesings. Deauville France pp 129\u2013145","DOI":"10.1007\/978-3-642-33125-1_11"},{"key":"e_1_2_1_2_22_2","doi-asserted-by":"crossref","unstructured":"Giacobazzi R Quintarelli E (2001) Incompleteness counterexamples and refinements in abstract model-checking. In: Cousot P (ed) Proc. of The 8th Internat. Static Analysis Symp. (SAS\u201901) vol. 2126 of Lecture Notes in Computer Science. Springer New York pp 356\u2013373","DOI":"10.1007\/3-540-47764-0_20"},{"key":"e_1_2_1_2_23_2","doi-asserted-by":"crossref","unstructured":"Giacobazzi R Ranzato F (1997) Refining and compressing abstract domains. In: Degano P Gorrieri R Marchetti-Spaccamela A (eds) Proc. of the 24th Internat. Colloq. on Automata Languages and Programming (ICALP \u201997) vol. 1256 of Lecture Notes in Computer Science. Springer New York pp 771\u2013781","DOI":"10.1007\/3-540-63165-8_230"},{"key":"e_1_2_1_2_24_2","doi-asserted-by":"publisher","DOI":"10.1006\/inco.1998.2724"},{"key":"e_1_2_1_2_25_2","doi-asserted-by":"publisher","DOI":"10.1145\/333979.333989"},{"key":"e_1_2_1_2_26_2","doi-asserted-by":"publisher","DOI":"10.1145\/77606.77608"},{"issue":"2","key":"e_1_2_1_2_27_2","first-page":"221","article-title":"Residuated closure operators","volume":"26","author":"Janowitz MF","year":"1967","journal-title":"Port Math"},{"key":"e_1_2_1_2_28_2","doi-asserted-by":"crossref","unstructured":"Jones ND Giacobazzi R Mastroeni I (2012) Obfuscation by partial evaluation of distorted interpreters. In: Kiselyov O and Thompson S (eds) Proc. of the ACM SIGPLAN Symp. on Partial Evaluation and Semantics-Based Program Manipulation (PEPM\u201912). ACM Press pp 63\u201372","DOI":"10.1145\/2103746.2103761"},{"key":"e_1_2_1_2_29_2","doi-asserted-by":"publisher","DOI":"10.5555\/153676"},{"key":"e_1_2_1_2_30_2","doi-asserted-by":"crossref","unstructured":"Linn C Debray S (2003) Obfuscation of executable code to improve resistance to static disassembly. In: CCS \u201903: Proceedings of the 10th ACM conference on Computer and communications security. ACM pp 290\u2013299","DOI":"10.1145\/948109.948149"},{"key":"e_1_2_1_2_31_2","doi-asserted-by":"crossref","unstructured":"Laviron V Logozzo F (2009) Refining abstract interpretation-based static analyses with hints. In: Proc. of APLAS\u201909 vol. 5904 of Lecture Notes in Computer Science. Springer New York pp 343\u2013358","DOI":"10.1007\/978-3-642-10672-9_24"},{"key":"e_1_2_1_2_32_2","doi-asserted-by":"crossref","unstructured":"Majumdar A Drape SJ Thomborson CD (2007) Slicing obfuscations: design correctness and evaluation. In: DRM \u201907: Proceedings of the 2007 ACM workshop on Digital Rights Management. ACM pp 70\u201381","DOI":"10.1145\/1314276.1314290"},{"key":"e_1_2_1_2_33_2","unstructured":"Mastroeni I Giacobazzi R (2015) Weakening residuation in adjoining closures. Order. RR 95\/2015. http:\/\/hdl.handle.net\/11562\/925745 (to appear)"},{"key":"e_1_2_1_2_34_2","doi-asserted-by":"crossref","unstructured":"Mastroeni I Zanardini D (2008) Data dependencies and program slicing: From syntax to abstract semantics. In: Proc. of the ACM SIGPLAN Symp. on Partial Evaluation and Semantics-Based Program Manipulation (PEPM\u201908). ACM Press pp 125\u2013134","DOI":"10.1145\/1328408.1328428"},{"key":"e_1_2_1_2_35_2","doi-asserted-by":"publisher","DOI":"10.1016\/0167-6423(91)90039-Z"},{"key":"e_1_2_1_2_36_2","doi-asserted-by":"crossref","unstructured":"Reps T Turnidge T (1996) Program specialization via program slicing. In Danvy O Glueck R Thiemann P (eds) Proceedings of the Dagstuhl seminar on Partial evaluation. Springer New York pp 409\u2013429","DOI":"10.1007\/3-540-61580-6_20"},{"key":"e_1_2_1_2_37_2","doi-asserted-by":"crossref","unstructured":"Reps T Yang W (1989) The semantics of program slicing and program integration. In: Diaz J Orejas F (eds)Proc. of the Colloq. on Current Issues in Programming Languages vol. 352 of Lecture Notes in Computer Science. Springer New York pp 360\u2013374","DOI":"10.1007\/3-540-50940-2_47"},{"key":"e_1_2_1_2_38_2","unstructured":"Weiser M (1981) Program slicing. In: ICSE \u201981: Proceedings of the 5th international conference on Software engineering. IEEE Press pp 439\u2013449"}],"container-title":["Formal Aspects of Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00165-016-0374-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00165-016-0374-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1007\/s00165-016-0374-2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00165-016-0374-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,6]],"date-time":"2022-01-06T16:04:11Z","timestamp":1641485051000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1007\/s00165-016-0374-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,1]]},"references-count":39,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2017,1]]}},"alternative-id":["10.1007\/s00165-016-0374-2"],"URL":"https:\/\/doi.org\/10.1007\/s00165-016-0374-2","relation":{},"ISSN":["0934-5043","1433-299X"],"issn-type":[{"value":"0934-5043","type":"print"},{"value":"1433-299X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,1]]}}}