The New Technique of Decompilation and Its Application in Information Security

The article describes a new technique of binary code decompilation and its applicability in information security such as software protection against reverse engineering and code obfuscation analysis in malware. The basic idea of the article is the fact that the process of binary code decompilation doesn´t require a machine code representation in source code view. The authors propose original decompilation technique based on restoration of code section algorithm. The technique uses a serial interpretation of binary code into intermediate code, analysis of program control flow and code transformation in the algorithmic form. The results are applied to the problem of malware obfuscation analyze and software protection against unauthorized reverse engineering. To solve the first problem, we used a serial algorithm for analysis of the resources used by the virus and the functional control flow separation. For solving the second problem we was also used analysis of the basic program control flow algorithm and additional threads to obfuscate the program and protect it against unauthorized reverse engineering.