@TECHREPORT{CollbergThomborsonLow97a, AUTHOR = "Christian Collberg and Clark Thomborson and Douglas Low", TITLE = "A Taxonomy of Obfuscating Transformations", MONTH = jul, YEAR = 1997, NUMBER = 148, NOTE = "http://www.cs.auckland.ac.nz/$\sim$collberg/Research/Publications/CollbergThomborsonLow97a/index.html", URL = { Collberg97a }, ABSTRACT = " It has become more and more common to distribute software in forms that retain most or all of the information present in the original source code. An important example is Java bytecode. Since such codes are easy to decompile, they increase the risk of malicious reverse engineering attacks. \par In this paper we review several techniques for technical protection of software secrets. We will argue that automatic {\em code obfuscation} is currently the most viable method for preventing reverse engineering. We then describe the design of a {\em code obfuscator}, a tool which converts a program into an equivalent one that is more difficult to understand and reverse engineer. \par The obfuscator is based on the application of code transformations, in many cases similar to those used by compiler optimizers. We describe a large number of such transformations, classify them, and evaluate them with respect to their {\em potency} (To what degree is a human reader confused?), {\em resilience} (How well are automatic {\em deobfuscation} attacks resisted?), and {\em cost} (How much overhead is added to the application?). \par We finally discuss some possible deobfuscation techniques (such as program {\em slicing}) and possible counter-measures an obfuscator could employ against them." }