View in EDS

Effective and efficient Java‐type obfuscation.

Saved in:
Bibliographic Details
Title: Effective and efficient Java‐type obfuscation.
Authors: Foket, Christophe, De Bosschere, Koen, De Sutter, Bjorn
Source: Software: Practice & Experience; Feb2020, Vol. 50 Issue 2, p136-160, 25p
Subject Terms: ALGORITHMS, COMPUTER software, GRAPHICAL user interfaces, PROTOTYPES, PHYSIOLOGICAL adaptation, ASSETS (Accounting)
Abstract: Summary: To protect valuable assets embedded in software against reverse‐engineering attacks, software obfuscations aim at raising the apparent complexity of programs and at removing information that is useful for attackers. In this work, we propose to combine five transformations that obfuscate the type hierarchy of Java applications and eliminate much of the type information that can be inferred from the Java bytecode. We rely on some existing algorithms, present adaptations, and introduce new algorithms for some of the transformations, which are all made available in an open‐source prototype implementation ready for take‐up. We present an extensive experimental evaluation on benchmarks of real‐world complexity, using complementary metrics that cover the protection strength against both human and tool‐based reverse‐engineering attack methods. The results indicate that the obfuscation is effective as well as much more efficient than the previous state of the art. For the first time, this makes these obfuscations practically viable in real‐world deployment scenarios. [ABSTRACT FROM AUTHOR]
Copyright of Software: Practice & Experience is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Complementary Index
Description
Abstract:Summary: To protect valuable assets embedded in software against reverse‐engineering attacks, software obfuscations aim at raising the apparent complexity of programs and at removing information that is useful for attackers. In this work, we propose to combine five transformations that obfuscate the type hierarchy of Java applications and eliminate much of the type information that can be inferred from the Java bytecode. We rely on some existing algorithms, present adaptations, and introduce new algorithms for some of the transformations, which are all made available in an open‐source prototype implementation ready for take‐up. We present an extensive experimental evaluation on benchmarks of real‐world complexity, using complementary metrics that cover the protection strength against both human and tool‐based reverse‐engineering attack methods. The results indicate that the obfuscation is effective as well as much more efficient than the previous state of the art. For the first time, this makes these obfuscations practically viable in real‐world deployment scenarios. [ABSTRACT FROM AUTHOR]
ISSN:00380644
DOI:10.1002/spe.2773