five

Evaluating the Resilience of Obfuscated Code Against LLM-based Function Name Recovery in MATE Attacks

收藏
Zenodo2025-06-06 更新2026-05-26 收录
下载链接:
https://zenodo.org/doi/10.5281/zenodo.15603262
下载链接
链接失效反馈
官方服务:
资源简介:
This repository serves as the online appendix for the paper "Evaluating the Resilience of Obfuscated Code Against LLM-based Function Name Recovery in MATE Attacks".   Abstract In recent years, improvements in decompilers and large language models (LLMs) make it possible to use powerful binary analysis techniques, including automated function name recovery. Such powerful binary analysis techniques can be exploited for Man-At-The-End (MATE) attacks, posing a serious threat to the software ecosystem. To evaluate the severity of the threat posed by LLM-based MATE attack scenarios, this study investigates the resilience of well-known code obfuscation methods against function name recovery attacks using LLMs (i.e., how effectively these methods prevent the prediction of appropriate function names). In the experiment, we quantitatively measure resilience based on the similarity between the sets of words obtained from the original and the recovered function names. We evaluate the resilience of five well-known obfuscation methods against attacks using the gemma-3-27b-it LLM general-purpose model. The results reveal that the obfuscation method based on code virtualization has the highest resilience, while some obfuscation methods have no effect. Furthermore, we set the criteria for success or failure of function name recovery attacks based on resilience, and analyze the factors that affect the result. The analysis reveals that it is difficult to predict appropriate function names from some implementations of algorithms such as search and sort.
提供机构:
Zenodo
创建时间:
2025-06-06
二维码
社区交流群
二维码
科研交流群
商业服务