A Qualitative Analysis of Java Obfuscation
نویسندگان
چکیده
Code obfuscation is a promising defense technology that secures software in a way that makes the cost of reverse engineering prohibitively high. While there are a number of commercial obfuscation tools on the market, there is no standard measurement to analyze and evaluate their strength. This paper addresses this challenge. An analytical metrics is developed to quantify the performance of obfuscation in terms of potency, resilience, and cost. Four commercial obfuscators are then evaluated using the proposed method.
منابع مشابه
Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild
Program code is a precious asset to its owner. Due to the easyto-reverse nature of Java, code protection for Android apps is of particular importance. To this end, code obfuscation is widely utilized by both legitimate app developers andmalware authors, which complicates the representation of source code or machine code in order to hinder the manual investigation and code analysis. Despite many...
متن کاملJava Obfuscation with a Theoretical Basis for Building Secure Mobile Agents
In this paper we propose novel techniques to obfuscate Java programs for developing secure mobile agent systems. Our obfuscation techniques take advantage of polymorphism and exception mechanism of object-oriented languages and can drastically reduce the precision of points-to analysis of the programs. We show that determining precise points-to analysis in obfuscated programs is NP-hard and the...
متن کاملThree control flow obfuscation methods for Java software
Three novel control computation (control flow) obfuscation methods are described for protecting Java class files. They are basic block fission obfuscation, intersecting loop obfuscation and replacing goto obfuscation. The basic block fission obfuscation splits some chosen basic block(s) into more basic blocks, in which opaque predicates and goto instructions are inserted to make decompiling uns...
متن کاملOn the Effectiveness of Source Code Transformations for Binary Obfuscation
Obfuscation is gaining momentum as a protection mechanism for the intellectual property contained within or encapsulated by software. Usually, one of the following three directions is followed: source code obfuscation is achieved through source code transformations, Java bytecode obfuscation through transformations on the bytecode, and binary obfuscation through binary rewriting. In this paper,...
متن کاملA Software Fingerprinting Scheme for Java Using Classfiles Obfuscation
Embedding a personal identifier as a watermark to Java classfile is effective in order to protect copyrights of them. Monden et al.[1] proposed watermarking scheme that embeds arbitrary character sequence to the target method in a Java classfiles. But the scheme can be only used to embed the same watermark to each user’s classfiles. Therefore, if we apply this scheme for embedding each user’s p...
متن کامل