Your SlideShare is downloading. ×
Obfuscating Transformations for Decompilation Resistant Java (designed for a non-specialist audience)
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Obfuscating Transformations for Decompilation Resistant Java (designed for a non-specialist audience)

715
views

Published on

http://whoyouknow.co.uk/uni/phd/ …

http://whoyouknow.co.uk/uni/phd/

Computer programs are written by a programmer in an English-like programming language, known as source-code. There are many programming languages available to programmers who can choose a language for their specific needs.

Source code is transformed by a compiler into a sequence of instructions to be executed by a computer - a task known as compiling. Java is a popular programming language mainly due to it's `write once, run anywhere' nature - programmers write Java source code and the compiled Java program is able to run on many different systems without changes. In comparison, compiled programs written in the C language are tied to particular types of computers.

One disadvantage that the Java programming language has, compared to other languages like C, is the relative ease of decompiling - the act of transforming compiled programs back into source code. Access to source code presents a risk that adversaries (such as software pirates or competing companies) could access proprietary information used to create a program.

Code obfuscation techniques can be used to make decompiled code more confusing and in certain cases cause decompilation tools to fail. Such techniques can be applied to Java programs to hinder decompilation and decrease program understanding.

What obfuscating transformations can be applied to Java programs to hinder decompilation? How effective are such obfuscating transformations? What are the ways in which adverseries could attack such obfuscations? How can we use this knowledge to create secure Java programs?

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
715
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
30
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. 0 1 0 0 0 0 1 1 0 1 1 0 0 0 1 0 0 1 1 0 1 0 1 0 0 1 0 1 0 1 0 1 Obfuscating Transformations 1 0 0 1 for Decompilation Resistant 04/28/09 Java James Hamilton 0 0 0 1 1 1 0 1
  • 2. computer programs computer programs are written in an English-like language, by a programmer, known as source code many programming languages exist, for different purposes, for example Java public class SimpleProgram { public static void main(String[] args) { System.out.println(quot;Helloquot;); } } source code is transformed into executable computer instructions by a compiler 000101010101010110111111010110110 010100101101010110101010101010100 101001010101010101010101010111111 101001000000010101010101010101010 101001010101111111101010101110001 2
  • 3. understanding computer programs source code public class SimpleProgram { public static void main(String[] args) { System.out.println(quot;Helloquot;); } } easy to understand executable code 000101010101010110111111010110110 010100101101010110101010101010100 101001010101010101010101010111111 101001000000010101010101010101010 101001010101111111101010101110001 hard to understand 3
  • 4. stealing computer programs software companies sell the executable version of their program but keep the source code secret software theives want the source code to change and re-sell 000101010101010110111111010110110 010100101101010110101010101010100 101001010101010101010101010111111 101001000000010101010101010101010 101001010101111111101010101110001 software software company theif 4
  • 5. stealing computer programs by decompilation software theives may attempt to decompile an executable program to access the source code software software company theif 5
  • 6. protecting computer programs using code obfuscation software companies may obscure their programs to protect from decompilation software thieves find it difficult to understand and decompile programs 00010101010101!&^%&01111010110110 010^%$£&&$101011010101010£$%$£00 10100101$£%£$^$%&!£*)(*^&$%£”01111 10%$&%£$000010101010^&%!10101010 10100101$”$&^**^%%((!$1010^01110001 software software company thief 6
  • 7. stealing obfuscated programs using program slicing software thieves may slice programs to remove obscurities and reveal only the useful parts software software company thief 7
  • 8. protecting obfuscated programs from program slicing software companies must make sure the obfuscations cover all sections of code, without leaving useful sections for software thieves to find obfuscations must be hard to detect and remove software thieves will have trouble finding useful code $%$^%^*&(%$£^%$^$%^$%£”£!!”$(*&^% !££%$£^%^*”£$”&%^*”($£”$)^**%*$*%£$! £^*£&!£”)%($%&£&$%(!£*(!£*!(£*!$£&%!!! “£$”£$&£”!!”£!*($£!**££I£^*%£”*(&^*^(&*% !^$£$*(!!(£!)(*£^£!!””!!!!!!£%^&^$££$”””£”$$ software software company thief 8
  • 9. research questions ➢ what obfuscations can be applied to computer programs to hinder decompilation and software theft? ➢ how effective are such obfuscations against attacks? ➢ what are the ways in which adversaries could attack such obfuscations? ➢ how can we use this knowledge to create secure programs? software software company thief 9
  • 10. questions? 10