110 likes | 134 Vues
Obfuscation techniques in Java. Therese Berge Jonas Ringedal. Presentation. Goal of the project Background Obfuscation techniques Tests Evaluation and results. Goal of the project. Gain knowledge about different obfuscation techniques Find the best technique for us
E N D
Obfuscation techniques in Java Therese Berge Jonas Ringedal
Presentation • Goal of the project • Background • Obfuscation techniques • Tests • Evaluation and results
Goal of the project • Gain knowledge about different obfuscation techniques • Find the best technique for us • Testing existing programs • Evaluating the techniques
Background • Java increased the threat of reverse engineering • High-level bytecode • Platform independent • Portable • Anyone can have access to the bytecode • Reverse engineering • Analyse system to create higher level representation • Recreate Java source code
Obfuscation techniques • Layout Obfuscation • Data Obfuscation • Control Obfuscation • Preventative Transformations
Layout Obfuscation • Changing variables • Removing comments • Both methods: • Free of cost • One way functions
Data Obfuscation • Encoding for(int i = 0; i < 100; i++ ){} f(i) = 2*i+5 for(int i = 5; i < 205; i =i+2){} • Split array • Change ordering • Variable declaration spread out
Control Obfuscation • Hide information flow • Dead code • Parallelize Code
Preventative Transformations • Crash deobfuscators • Use known weaknesses Stealth • Hide obfuscation
Tests • Obfuscator: JShrink • Decompiler: JAD • Test code: Password.java Test results • JShrink • JAD from .class • JAD from obfuscated code
Evaluation and results • Obfuscators major tools for protecting Java programs from reverse engineering • Hard to find free programs • Layout Obfuscation not enough • Best: Combination of manually changed code, stealth and obfuscators. • Goal achieved