{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,2]],"date-time":"2026-06-02T08:00:52Z","timestamp":1780387252772,"version":"3.54.1"},"reference-count":49,"publisher":"Oxford University Press (OUP)","issue":"12","license":[{"start":{"date-parts":[[2025,8,10]],"date-time":"2025-08-10T00:00:00Z","timestamp":1754784000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/academic.oup.com\/pages\/standard-publication-reuse-rights"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,12,24]]},"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>Code obfuscation is essential for software security. However, current obfuscation techniques demonstrate limited resilience against systematic reverse engineering attacks\u2014including taint analysis and code similarity detection. Moreover, these methods often incur considerable resource overheads and recognizable obfuscation features. In this paper, we propose an innovative obfuscation algorithm that integrates the instruction and data flows of two programs at the intermediate representation level. The resulting program maintains the complete functionality of both original programs. This strategy utilizes the static and dynamic features of the parent program to obfuscate the target program. Extracting the target code from the integrated program is a significant challenge, thereby enhancing the target code\u2019s resistance to deobfuscation. We evaluate our algorithm across various metrics: functionality correctness, obfuscation efficiency, protection strength, and resilience to automated reverse engineering techniques. Our comprehensive evaluation demonstrates that our method imposes significantly lower overhead while delivering markedly improved protection effectiveness, marking a significant advancement in software protection.<\/jats:p>","DOI":"10.1093\/comjnl\/bxaf089","type":"journal-article","created":{"date-parts":[[2025,6,24]],"date-time":"2025-06-24T07:39:14Z","timestamp":1750750754000},"page":"1980-1995","source":"Crossref","is-referenced-by-count":1,"title":["Code obfuscation based on deep integration"],"prefix":"10.1093","volume":"68","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-4707-2115","authenticated-orcid":false,"given":"Xiaobing","family":"Xiong","sequence":"first","affiliation":[{"name":"Key Laboratory of Cyberspace Security, Ministry of Education of China , Zhengzhou, Henan Province 450000 ,","place":["China"]}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1020-9006","authenticated-orcid":false,"given":"Zihan","family":"Sha","sequence":"additional","affiliation":[{"name":"Key Laboratory of Cyberspace Security, Ministry of Education of China , Zhengzhou, Henan Province 450000 ,","place":["China"]}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2797-1355","authenticated-orcid":false,"given":"Hui","family":"Shu","sequence":"additional","affiliation":[{"name":"Key Laboratory of Cyberspace Security, Ministry of Education of China , Zhengzhou, Henan Province 450000 ,","place":["China"]}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2719-1105","authenticated-orcid":false,"given":"Ran","family":"Wei","sequence":"additional","affiliation":[{"name":"Key Laboratory of Cyberspace Security, Ministry of Education of China , Zhengzhou, Henan Province 450000 ,","place":["China"]}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"286","published-online":{"date-parts":[[2025,8,10]]},"reference":[{"key":"2025122407072855300_ref1","volume-title":"The Ultimate Packer for Executables","author":"UPX","year":"2020"},{"key":"2025122407072855300_ref2","volume-title":"Themida: Advanced Windows Software Protection System","author":"Themida","year":"2020"},{"key":"2025122407072855300_ref3","volume-title":"Vmprotect Software: Vmprotect Virtualizes Code","author":"VMProtect","year":"2020"},{"key":"2025122407072855300_ref4","author":"Tigress","year":"2024"},{"key":"2025122407072855300_ref5","doi-asserted-by":"crossref","first-page":"4156","DOI":"10.1109\/TDSC.2021.3123159","article-title":"Model of execution trace obfuscation between threads","volume":"19","author":"Sha","year":"2022","journal-title":"IEEE Trans Dependable Secure Comput"},{"key":"2025122407072855300_ref6","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1109\/SPRO.2015.10","article-title":"Obfuscator-LLVM\u2014Software protection for the masses","volume-title":"2015 IEEE\/ACM 1st International Workshop on Software Protection","author":"Junod","year":"2015"},{"key":"2025122407072855300_ref7","author":"hexrays. Ida pro"},{"key":"2025122407072855300_ref8","author":"Ghidra software reverse engineering framework","year":"2019"},{"key":"2025122407072855300_ref9","volume-title":"The Ultimate Anti-Debugging Reference","author":"Ferrie"},{"key":"2025122407072855300_ref10","doi-asserted-by":"crossref","first-page":"255","DOI":"10.1109\/SCAM.2014.43","article-title":"Bit-level taint analysis","volume-title":"2014 IEEE 14th International Working Conference on Source Code Analysis and Manipulation","author":"Yadegari","year":"2014"},{"key":"2025122407072855300_ref11","doi-asserted-by":"crossref","first-page":"674","DOI":"10.1109\/SP.2015.47","article-title":"A generic approach to automatic deobfuscation of executable code","volume-title":"2015 IEEE Symposium on Security and Privacy","author":"Yadegari","year":"2015"},{"key":"2025122407072855300_ref12","first-page":"732","article-title":"Symbolic execution of obfuscated code","volume-title":"In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS \u201815","author":"Yadegari","year":"2015"},{"key":"2025122407072855300_ref13","first-page":"189","article-title":"Code obfuscation against symbolic execution attacks","volume-title":"Proceedings of the 32nd Annual Conference on Computer Security Applications, ACSAC \u201816","author":"Banescu","year":"2016"},{"key":"2025122407072855300_ref14","first-page":"643","article-title":"Syntia: Synthesizing the semantics of obfuscated code","volume-title":"Proceedings of the 26th USENIX Conference on Security Symposium, SEC\u201917","author":"Blazytko","year":"2017"},{"key":"2025122407072855300_ref15","doi-asserted-by":"crossref","DOI":"10.14722\/bar.2020.23009","article-title":"QSynth\u2014a program synthesis based approach for binary code deobfuscation","volume-title":"Proceedings 2020 Workshop on Binary Analysis Research","author":"David"},{"key":"2025122407072855300_ref16","doi-asserted-by":"crossref","first-page":"571","DOI":"10.1007\/978-3-030-12082-5_52","article-title":"Code obfuscation technique for enhancing software protection against reverse engineering","volume-title":"Advances in Artificial Systems for Medicine and Education II","author":"Gnatyuk","year":"2020"},{"key":"2025122407072855300_ref17","first-page":"3451","article-title":"Obfuscation-resilient executable payload extraction from packed malware","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Cheng","year":"2021"},{"key":"2025122407072855300_ref18","first-page":"643","article-title":"Syntia: Synthesizing the semantics of obfuscated code","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Blazytko","year":"2017"},{"key":"2025122407072855300_ref19","first-page":"487","article-title":"Obfuscation resilient binary code reuse through trace-oriented programming","volume-title":"Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, CCS \u201813","author":"Zeng","year":"2013"},{"key":"2025122407072855300_ref20","first-page":"3055","article-title":"Loki: Hardening code obfuscation against automated attacks","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Schloegel","year":"2022"},{"key":"2025122407072855300_ref21","doi-asserted-by":"crossref","first-page":"439","DOI":"10.1016\/j.ins.2023.01.126","article-title":"Smart contract watermarking based on code obfuscation","volume":"628","author":"Huang","year":"2023","journal-title":"Inform Sci"},{"key":"2025122407072855300_ref22","volume-title":"A Taxonomy of Obfuscating Transformations","author":"Collberg","year":"1997"},{"key":"2025122407072855300_ref23","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1109\/MSECP.2003.1219058","article-title":"Sandmark-a tool for software protection research","volume":"1","author":"Collberg","year":"2003","journal-title":"IEEE Secur Privacy"},{"key":"2025122407072855300_ref24","first-page":"661","article-title":"Predicting the resilience of obfuscated code against symbolic execution attacks via machine learning","volume-title":"Proceedings of the 26th USENIX Conference on Security Symposium, SEC\u201917","author":"Banescu","year":"2017"},{"key":"2025122407072855300_ref25","article-title":"Flexible software protection","volume":"11","author":"Van den Broeck","year":"2022","journal-title":"Comput Secur"},{"key":"2025122407072855300_ref26","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1145\/1866870.1866877","article-title":"A general model for hiding control flow","volume-title":"Proceedings of the Tenth Annual ACM Workshop on Digital Rights Management, DRM \u201810","author":"Cappaert","year":"2010"},{"key":"2025122407072855300_ref27","first-page":"143","article-title":"Effectiveness of android obfuscation on evading anti-malware","volume-title":"Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, CODASPY \u201818","author":"Chua","year":"2018"},{"key":"2025122407072855300_ref28","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/TENCON.2006.343985","article-title":"An obfuscation for binary trees","volume-title":"TENCON 2006\u20132006 IEEE Region 10 Conference","author":"Drape","year":"2006"},{"key":"2025122407072855300_ref29","doi-asserted-by":"crossref","first-page":"142","DOI":"10.1145\/947380.947399","article-title":"Obfuscation of design intent in object-oriented applications","volume-title":"Proceedings of the 3rd ACM Workshop on Digital Rights Management, DRM \u201803","author":"Sosonkin","year":"2003"},{"key":"2025122407072855300_ref30","first-page":"133","article-title":"Transforming the.net intermediate language using path logic programming","volume-title":"Proceedings of the 4th ACM SIGPLAN International Conference on Principles and Practice of Declarative Programming, PPDP \u201802","author":"Drape","year":"2002"},{"key":"2025122407072855300_ref31","doi-asserted-by":"crossref","first-page":"1019","DOI":"10.1109\/ICIS.2007.167","article-title":"Slicing aided design of obfuscating transforms","volume-title":"6th IEEE\/ACIS International Conference on Computer and Information Science (ICIS 2007)","author":"Drape","year":"2007"},{"key":"2025122407072855300_ref32","doi-asserted-by":"crossref","first-page":"1371","DOI":"10.1016\/j.proeng.2017.01.290","article-title":"Research and implementation of computer data security management system","volume":"174","author":"Xiaojuan","year":"2017","journal-title":"Procedia Eng"},{"key":"2025122407072855300_ref33","first-page":"159","article-title":"DAS-VMP: a virtual machine-based software protection method for defending against semantic attacks","volume-title":"IEEE Transactions on Information Forensics and Security","author":"Dingyi","year":"2017"},{"key":"2025122407072855300_ref34","first-page":"28","article-title":"Code virtualized protection system with instruction set randomization","volume-title":"Journal of Huazhong University of ence & Technology","author":"Tang","year":"2016"},{"key":"2025122407072855300_ref35","doi-asserted-by":"crossref","first-page":"489","DOI":"10.1109\/TrustCom.2016.0101","article-title":"Exploiting dynamic scheduling for VM-based code obfuscation","volume-title":"2016 IEEE Trustcom\/BigDataSE\/ISPA","author":"Kuang","year":"2016"},{"key":"2025122407072855300_ref36","first-page":"1650","article-title":"Implicit code obfuscation technique based on code slice fusion","volume":"34","author":"Pu","year":"2023","journal-title":"J. Software"},{"key":"2025122407072855300_ref37","first-page":"12","article-title":"A method of diversity software protection based on fusion compilation","volume":"6","author":"Xiong","year":"2020","journal-title":"Chinese J Network Inf Secur"},{"key":"2025122407072855300_ref38","article-title":"A framework to quantify the quality of source code obfuscation","volume":"14","author":"Jin","year":"2024","journal-title":"Appl Sci"},{"key":"2025122407072855300_ref39","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1145\/3560835.3564550","article-title":"Exorcist: automated differential analysis to detect compromises in closed-source software supply chains","volume-title":"Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, SCORED\u201922","author":"Barr-Smith","year":"2022"},{"key":"2025122407072855300_ref40","doi-asserted-by":"crossref","first-page":"177","DOI":"10.1145\/3359789.3359812","article-title":"How to kill symbolic deobfuscation for free (or: Unleashing the potential of path-oriented protections)","volume-title":"Proceedings of the 35th Annual Computer Security Applications Conference, ACSAC \u201819","author":"Ollivier","year":"2019"},{"key":"2025122407072855300_ref41","doi-asserted-by":"crossref","first-page":"43","DOI":"10.1109\/IVMEM57067.2022.9983965","article-title":"Strong optimistic solving for dynamic symbolic execution","volume-title":"2022 Ivannikov Memorial Workshop (IVMEM)","author":"Parygina","year":"2022"},{"key":"2025122407072855300_ref42","doi-asserted-by":"crossref","first-page":"361","DOI":"10.1145\/3564625.3567975","article-title":"Practical binary code similarity detection with bert-based transferable similarity learning","volume-title":"Proceedings of the 38th Annual Computer Security Applications Conference, ACSAC \u201822","author":"Ahn","year":"2022"},{"key":"2025122407072855300_ref43","first-page":"2099","article-title":"How machine learning is solving the binary function similarity problem","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Marcelli","year":"2022"},{"key":"2025122407072855300_ref44","author":"Bindiff","year":"2018"},{"key":"2025122407072855300_ref45","doi-asserted-by":"crossref","first-page":"472","DOI":"10.1109\/SP.2019.00003","article-title":"Asm2vec: boosting static representation robustness for binary clone search against code obfuscation and compiler optimization","volume-title":"2019 IEEE Symposium on Security and Privacy (SP)","author":"Ding","year":"2019"},{"key":"2025122407072855300_ref46","doi-asserted-by":"crossref","first-page":"461","DOI":"10.1145\/2939672.2939719","article-title":"Kam1n0: MapReduce-based assembly clone search for reverse engineering","volume-title":"Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD \u201816","author":"Ding","year":"2016"},{"key":"2025122407072855300_ref47","first-page":"309","article-title":"SAFE: self-attentive function embeddings for binary similarity","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"Massarelli","year":"2019"},{"key":"2025122407072855300_ref48","first-page":"3236","article-title":"PalmTree: learning an assembly language model for instruction embedding","volume-title":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201821","author":"Li","year":"2021"},{"key":"2025122407072855300_ref49","first-page":"1","article-title":"jTrans: jump-aware transformer for binary code similarity detection","volume-title":"Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2022","author":"Wang","year":"2022"}],"container-title":["The Computer Journal"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/68\/12\/1980\/63997004\/bxaf089.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/68\/12\/1980\/63997004\/bxaf089.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,24]],"date-time":"2025-12-24T12:07:40Z","timestamp":1766578060000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/comjnl\/article\/68\/12\/1980\/8229674"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,10]]},"references-count":49,"journal-issue":{"issue":"12","published-online":{"date-parts":[[2025,8,10]]},"published-print":{"date-parts":[[2025,12,24]]}},"URL":"https:\/\/doi.org\/10.1093\/comjnl\/bxaf089","relation":{},"ISSN":["0010-4620","1460-2067"],"issn-type":[{"value":"0010-4620","type":"print"},{"value":"1460-2067","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2025,12]]},"published":{"date-parts":[[2025,8,10]]}}}