Malicious reverse engineering of software has served as a valuable technique that attackers can use to infringe upon and steal intellectual property.
To protect against such attackers, we can employ obfuscation techniques as useful tools to safeguard software.
Applying obfuscation techniques to source code can effectively prevent malicious attackers from reverse engineering a program.
However, the ambiguity surrounding the protective efficacy of these source code obfuscation tools and techniques presents challenges for users in evaluating and comparing the varying degrees of protection provided.
This paper attempts to address these issues and presents a methodology to quantify the effect of source code obfuscation.
Our proposed method is based on three main types of data: (1) the control flow graph, (2) the program path, and (3) the performance overhead added to the process---all of which are derived from a program analysis conducted by human experts and automated tools.
For the first time, we have implemented a tool that can quantitatively evaluate the quality of obfuscation techniques.
Then, to validate the effectiveness of the implemented framework, we conducted experiments using four widely recognized commercial and open-source obfuscation tools.
Our experimental findings, based on quantitative values related to obfuscation techniques, demonstrate that our proposed framework effectively assesses obfuscation quality.