Software obfuscation has been developed for over 30 years. A problem always confusing the communities is what security strength the technique can achieve. Nowadays, this problem becomes even harder as the software economy becomes more diversified. Inspired by the classic idea of layered security for risk management, we propose layered obfuscation as a promising way to realize reliable software obfuscation. Our concept is based on the fact that real-world software is usually complicated. Merely applying one or several obfuscation approaches in an ad-hoc way cannot achieve good obscurity. Layered obfuscation, on the other hand, aims to mitigate the risks of reverse software engineering by integrating different obfuscation techniques as a whole solution. In the paper, we conduct a systematic review of existing obfuscation techniques based on the idea of layered obfuscation and develop a novel taxonomy of obfuscation techniques. Following our taxonomy hierarchy, the obfuscation strategies under different branches are orthogonal to each other. In this way, it can assist developers in choosing obfuscation techniques and designing layered obfuscation solutions based on their specific requirements.

中文翻译：

---

分层混淆：用于分层安全的软件混淆技术分类

软件混淆已经发展了 30 多年。一个总是让社区感到困惑的问题是该技术可以达到什么样的安全强度。如今，随着软件经济变得更加多元化，这个问题变得更加困难。受到风险管理分层安全的经典思想的启发，我们提出分层混淆作为实现可靠软件混淆的一种有前途的方法。我们的概念基于这样一个事实，即现实世界的软件通常很复杂。仅仅以一种特殊的方式应用一种或几种混淆方法无法实现良好的隐蔽性。另一方面，分层混淆旨在通过将不同的混淆技术集成为一个整体解决方案来降低逆向软件工程的风险。在论文中，我们基于分层混淆的思想对现有的混淆技术进行了系统回顾，并开发了一种新的混淆技术分类法。按照我们的分类层次，不同分支下的混淆策略是相互正交的。通过这种方式，它可以帮助开发人员根据自己的特定需求选择混淆技术和设计分层混淆解决方案。