ObfuscationÐTools for Software Protection”Project onJava Code ObfuscationSubmitted byNeerja BhatnagarCS 265 Spring 2004Java Code Obfuscation to Discourage Reverse Engineering1. IntroductionCode reverse engineering involves figuring out source code corresponding to the given byte code or executable code. Reverse engineering is of concern to all software engineers, but especially to Java software engineers. This is because Java byte code is exceptionally easy to decompile, and hence reverse engineer [1]. Java byte code is easy to reverse engineer because Java byte code is very well documented, and most of the information contained in the source code is also present in the corresponding byte code [10]. Moreover, majority of Java applications are available for easy downloads over the Internet. Hence, Java software engineershave little control over the distribution of their Java byte code. Code is intellectual property, and needs to be protected. A lot of hard work, intelligence, time, and money are deployed to developcode.2. Code Obfuscation – A Technique To Deter Reverse Engineering Code obfuscation is a technique that discourages reverse engineering [9]. Code obfuscation scrambles the byte code, makes it uintelligible, and hence, difficult to understand. Code obfuscation alters the structure and appearance of byte code in order to make it uneconomical for an attacker to decompile it and reverse engineer it [4]. Despite the fact that the code has been obfuscated, it continues to perform the same function as the original program[9][4]. Code obfuscation scrambles the byte code, not the original source code.3. Classification of Code Obfuscation TechniquesCode obfuscation techniques are classified into four categories – layout obfuscations, control obfuscations, data obfuscations, and design obfuscations. Layout obfuscations modify the layout structure of the program. Layout obfuscation techniques rename identifiers, methods and classes, and remove debugging information from byte code. This technique can also replace method calls with method code. This is known as inlining a procedure. The inverse of inlining a procedure is outlining a procedure, in which arbitrary part of code is replaced with a method call [1][4][9]. Control obfuscations alter the control flow of the program. Control aggregation, control ordering, control computation, control flow abstraction, and opaque predicates are some forms of control obfuscations. Control ordering alters the order in which program statements are executed. A typical example of control ordering is to make loops go backwards instead of forward [1][4][9]. Data obfuscations change the data structures in the program. Data obfuscation techniques include data storage, data encoding, data aggregation and data ordering. Data storage obfuscation alters how data is stored in memory. A typical example involves converting a local variable into a global variable, and vice versa. Data ordering obfuscation alters the order of the original data. For example, instead of storing an array the typical way, the ith position in anarray does not point to the ith element in an array, but to some mapping thereof [1][4][9]. Layout obfuscations, control obfuscations, and data obfuscations are collectively known as low-level obfuscations. Design obfuscations are known as high-level obfuscations. In this paper, we discuss design obfuscations in detail.4. Design ObfuscationsProponents of high-level obfuscations believe that low-level obfuscations are not sufficient to provide strong resistance to code reverse engineering. This is because high-level program constructs, for example classes, can give away valuable high-level design information [9]. This information can facilitate an attacker in gaining a general understanding of the code and what it does. Design-level obfuscations obscure application design. When combined with low-level obfuscations, high-level obfuscations can provide a solid resistance to reverse engineering. 5. Classification of Design ObfuscationsDesign obfuscations are further classified into – class coalescing, class splitting, and type hiding obfuscations [4]. 5.1 Class Coalescing ObfuscationClass coalescing obfuscation combines two or more classes into a single class. If two or more classes have attributes with same type and same name, these attributes are renamed in order to distinguish among them (line 3 in Figure 2). Similarly, if two or more classes have non-constructor methods with same signatures, except for one non-constructor method, the signatures of all the other same-signature non-constructor methods are altered (line 26 in Figure2). If two or more classes have constructors with same type and number of arguments, then these constructors are changed such that they have spurious arguments (line 13 in Figure 2). Class coalescing can virtually convert an object-oriented program into a non-object-oriented procedural program [4].However, class coalescing suffers from few shortcomings. One of the shortcomings is that class coalescing obfuscation becomes very complicated when the classes to be coalesced extend other classes or implement interfaces. The complication arises from the fact that variablenames and method signatures defined in superclasses or interfaces cannot be renamed [4]. Another shortcoming of class coalescing obfuscation is that it cannot be performed when the classes to be coalesced extend classes from Java standard library. This is because including classes from Java standard library in class coalescing makes the code non-portable. Classes with native methods in them cannot be coalesced because analyzing native code is very difficult[4]. An example of class coalescing obfuscation is presented in Figures 1 and 2.5.2 Class Splitting ObfuscationClass splitting obfuscation splits a class into multiple classes [4]. There are several waysto split a class. However, a valid split function preserves the dependencies among the class's methods and fields. A typical split function splits a class A into classes A1 and A2, and makes A2a subclass of A1. It then splits the methods of class A evenly between A1 and A2. Another split function splits the methods defined in class A between classes A1 and A2, and makes method calls between A1 and A2. However, splitting a class using the superclass-subclass relationship provides stronger obfuscation [4].Usually, it is very hard to split a class, unless the original code design was flawed in
View Full Document
Unlocking...