It has become more and more common to distribute software in forms that retain most or all of the information present in the original source code. An important example is Java bytecode. Since such codes are easy to decompile, they increase the risk of malicious reverse engineering attacks. In this paper we review several techniques for technical protection of software secrets. We will argue that automatic code obfuscation is currently the most viable method for preventing reverse engineering. We then describe the design of a code obfuscator, a tool which converts a program into an equivalent one that is more difficult to understand and reverse engineer. The obfuscator is based on the application of code transformations, in many cases similar to those used by compiler optimizers. We describe a large number of such transformations, classify them, and evaluate them with respect to their potency (To what degree is a human reader confused?), resilience (How well are automatic deobfuscati...

It has become common to distribute software in forms that are isomorphic to the original source code. An important example is Java bytecode. Since such codes are easy to decompile, they increase the risk of malicious reverse engineering attacks. In this paper we describe the design of a Java code obfuscator, a tool which -- through the application of code transformations -- converts a Java program into an equivalent one that is more difficult to reverse engineer. We describe a number of transformations which obfuscate control-flow. Transformations are evaluated with respect to potency (To what degree is a human reader confused ?), resilience (How well are automatic deobfuscation attacks resisted?), cost (How much time/space overhead is added?), and stealth (How well does obfuscated code blend in with the original code?). The resilience of many control-altering transformations rely on the resilience of opaque predicates. These are boolean valued expressions whose values are known to ...

ions and Unstructuring Data Structures Christian Collberg Clark Thomborson Douglas Low Department of Computer Science, The University of Auckland, Private Bag 92019, Auckland, New Zealand. fcollberg,cthombor,dlow001g@cs.auckland.ac.nz Abstract To ensure platform independence, mobile programs are distributed in forms that are isomorphic to the original source code. Such codes are easy to decompile, and hence they increase the risk of malicious reverse engineering attacks. Code obfuscation is one of several techniques which has been proposed to alleviate this situation. An obfuscator is a tool which -- through the application of code transformations -- converts a program into an equivalent one that is more difficult to reverse engineer. In a previous paper [5] we have described the design of a control flow obfuscator for Java. In this paper we extend the design with transformations that obfuscate data structures and abstractions. In particular, we show how to obfuscate classes, arra...

We identify three types of attack on the intellectual property contained in software and three corresponding technical defenses. A defense against reverse engineering is obfuscation, a process that renders software unintelligible but still functional. A defense against software piracy is watermarking, a process that makes it possible to determine the origin of software. A defense against tampering is tamper-proofing, so that unauthorized modifications to software (for example, to remove a watermark) will result in nonfunctional code. We briefly survey the available technology for each type of defense.

Obfuscation can be a simple tool for soft- ware protection. In this paper we present a method of machine code obfuscation, which can be applied to most present processors. The obfuscation method is based on a theory, which led to two useful theorems. The proposed algorithm of obfuscation was implemented and tested using analytical and empirical approaches. The obtained results give the first estimation of the maximum possible eciency of the obfuscation process.

The language Java was designed to be compiled into a platform independent bytecode format. Much of the information contained in the source code remains in the bytecode, which means that decompilation is easier than with traditional native codes. As a result, software developers are taking seriously the threat of competitors using reverse-engineering to extract proprietary algorithms from compiled Java programs. We examine several technical protection techniques that could be used to hinder the reverse-engineering of software. We claim that code obfuscation is the most suitable technical protection technique that can be applied to a portable language likeJava. The technique of code obfuscation involves applying obfuscating transformations to a program. These transformations make the program more difficult for a reverse-engineer to understand but do not affect the functionality of the program. We focus on a particular category of obfuscating transformations --- control flow obfuscatio...