Abstract :
Junk code increase manual analysis difficulty in reverse engineering, and seriously disturb the automatic analysis process of ant code obfuscating, so find a junk code removing method has a great significance in the field of reverse engineering. Based on this, aiming at the problem that the executable context-dependent junk code is difficult to remove automatically, this paper proposes a junk code removing method based on idle register slicing, through analyzing data dependencies between instructions, get all the idle register of all instruction in code block, slice the code block by idle registers respectively, remove all the junk code in the slice instruction. Experiments show that, this method can remove embedded executable junk code rapidly and accurately, improve the efficiency of reverse engineering.
