PHP Source Code Protection Using Layout Obfuscation and AES-256 Encryption Algorithm

In WhiteSource's report "Total Known Open Source Vulnerabilities Per Language," PHP is ranked second after C, with 17 percent of all reported vulnerabilities in the last ten years. One of the disadvantages of PHP-based applications is it built without being compiled into machine langu...

Full description

Saved in:
Bibliographic Details
Published in2021 6th International Workshop on Big Data and Information Security (IWBIS) pp. 133 - 138
Main Authors Khairunisa, Isma, Kabetta, Herman
Format Conference Proceeding
LanguageEnglish
Published IEEE 23.10.2021
Subjects
Big Data
Codes
Conferences
Design methodology
Encryption
Information security
Layout
Layout Obfuscation
Obfuscation
PHP
Web servers
Online AccessGet full text
DOI10.1109/IWBIS53353.2021.9631842

Cover

More Information
Summary:In WhiteSource's report "Total Known Open Source Vulnerabilities Per Language," PHP is ranked second after C, with 17 percent of all reported vulnerabilities in the last ten years. One of the disadvantages of PHP-based applications is it built without being compiled into machine language instructions. Web servers process the plain source code; consequently, hijackers can easily change, replicate, or redistribute source code without the developer's approval. Obfuscation is one of the solutions to this problem. This paper aims to add layout obfuscation to the former obfuscation approach to improve security. For the first time, a layout obfuscation technique was combined with an AES-256 encryption algorithm. The Design Research Methodology will be used in this paper. In addition, performance tests, functional tests, obfuscated file sizes, and security tests will be performed on the implementation results. The test results imply that the PHP Extension produced in this paper can run according to the designed functional and non-functional requirements.
DOI:10.1109/IWBIS53353.2021.9631842