0
Code Obfuscation  Tool for Software Protection
Outline Why Code Obfuscation Features of a code obfuscator   Potency   Resilience   Cost Classification of Obfuscati...
Why use Code ObfuscationTechniques Mainly to defend against Software  Reverse Engineering We can only make it more diffi...
 The level of security that an  Obfuscator adds depends on:   The transformations used   The power of available deobfus...
Main features of a Code Obfuscator Potency: is the level up to which a  human reader would be confused by  the new code ...
Code Obfuscation Reverse                                                                       P1                        ...
Protection through Obfuscationhttp://www.cs.arizona.edu/~collberg/Research/Obfuscation/Resources.html
Obfuscation methods Mainly based on target information that we  want to modify/obfuscate
Obfuscation Methods Lexical transformations   Modify variable names Control transformations   Change program flow whil...
Kinds of obfuscation for each targetinformation
Available JavaScript Obfuscators Most available commercial JavaScript  obfuscators work by applying Lexical  transformati...
Example:From Stunnix   Actual code:                    Obfuscated code:   function foo( arg1)             function z00...
Step by step examination The Stunnix obfuscator targets at obfuscating  only the layout of the JavaScript code As the ob...
 In the sample code that was obfuscated, the following  can be observed User defined variables:   foo replaced with z00...
References [Collberg] C. Collberg, “The Obfuscation and  Software Watermarking homepage”,  http://www.cs.arizona.edu/coll...
Upcoming SlideShare
Loading in...5
×

Code obfuscation

727

Published on

Published in: Education, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
727
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
36
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Code obfuscation"

  1. 1. Code Obfuscation Tool for Software Protection
  2. 2. Outline Why Code Obfuscation Features of a code obfuscator  Potency  Resilience  Cost Classification of Obfuscating Transformations
  3. 3. Why use Code ObfuscationTechniques Mainly to defend against Software Reverse Engineering We can only make it more difficult for reverse engineers Available obfuscating tools work in the same way as compiler optimizers Reduce required space and time for compilation
  4. 4.  The level of security that an Obfuscator adds depends on:  The transformations used  The power of available deobfuscators  The amount of resources available to deobfuscators
  5. 5. Main features of a Code Obfuscator Potency: is the level up to which a human reader would be confused by the new code Resilience: is how well the obfuscated code resists attacks by deobfuscation tools Cost: is how much load is added to the application
  6. 6. Code Obfuscation Reverse P1 Reverse Engineer engineering P1, P2, .., Pn exatracts piece of Pn program Obfuscation makes reverse engineering difficult Obfuscation Reverse Engineering fails P1, P2, .., Pn Q1, Q2, .., Qm Transformations
  7. 7. Protection through Obfuscationhttp://www.cs.arizona.edu/~collberg/Research/Obfuscation/Resources.html
  8. 8. Obfuscation methods Mainly based on target information that we want to modify/obfuscate
  9. 9. Obfuscation Methods Lexical transformations  Modify variable names Control transformations  Change program flow while preserving semantics Data transformations  Modify data structures Anti-disassembly Anti-debugging
  10. 10. Kinds of obfuscation for each targetinformation
  11. 11. Available JavaScript Obfuscators Most available commercial JavaScript obfuscators work by applying Lexical transformations Some obfuscators that were considered are:  Stunnix JavaScript Obfuscator  Shane Ngs GPL-licensed obfuscator  Free JavaScript Obfuscator
  12. 12. Example:From Stunnix Actual code:  Obfuscated code: function foo( arg1)  function z001c775808( { z3833986e2c) { var var myVar1 = "some z0d8bd8ba25= string"; //first comment "x73x6fx6dx65x20x73x 74x72x69x6ex67"; var var intVar = 24 * 3600; z0ed9bcbcc2= (0x90b+785- //second comment 0xc04)* (0x1136+6437- /* here is 0x1c4b); document. write( a long "x76x61x72x73x20x61 multi-line comment blah */ x72x65x3a"+ z0d8bd8ba25+ "x20"+ document. write( "vars z0ed9bcbcc2+ "x20"+ are:" + myVar1 + " " + z3833986e2c);}; intVar + " " + arg1) ; };
  13. 13. Step by step examination The Stunnix obfuscator targets at obfuscating only the layout of the JavaScript code As the obfuscator parses the code, it removes spaces, comments and new line feeds While doing so, as it encounters user defined names, it replaces them with some random string It replaces print strings with their hexadecimal values It replaces integer values with complex equations
  14. 14.  In the sample code that was obfuscated, the following can be observed User defined variables:  foo replaced with z001c775808  arg1 replaced with z3833986e2c  myvar1 replaced with z0d8bd8ba25  intvar replaced with z0ed9bcbcc2 Integers:  20 replaced with (0x90b+785-0xc04)  3600 replaced with (0x1136+6437-0x1c4b) Print strings:  “vars are” replaced with x76x61x72x73x20x61x72x65x3a  Space replaced with x20
  15. 15. References [Collberg] C. Collberg, “The Obfuscation and Software Watermarking homepage”, http://www.cs.arizona.edu/collberg/Research/ Obfuscation/index.html [Stunnix JavaScript Obfuscator] www.stunnix.com [Shane Ngs GPL-licensed obfuscator] http://daven.se/usefulstuff/javascript- obfuscator.html [Free JavaScript Obfuscator] http://www.javascriptobfuscator.com/
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×