In this paper we describe the design of a Java code obfuscator, a tool which - through the application of code transformations - converts a Java program into an equivalent one that is more difficult to reverse engineer.
We describe a number of transformations which obfuscate control-flow. Transformations are evaluated with respect to potency (To what degree is a human reader confused?), resilience (How well are automatic deobfuscation attacks resisted?), cost (How much time/space overhead is added?), and stealth (How well does obfuscated code blend in with the original code?).
The resilience of many control-altering transformations relies on the resilience of opaque predicates. These are Boolean-valued expressions whose values are known to the obfuscator but difficult to determine for an automatic deobfuscator. We show how to construct resilient, cheap, and stealthy opaque predicates based on the intractability of certain static analysis problems such as alias analysis.
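The following is an added illustration, not code from the paper: a minimal opaquely true predicate whose value depends on a pointer-aliasing fact (two references that walk disjoint heap structures can never be equal). The class, method names, ring sizes and the summation routine are all assumptions chosen for the example.

```java
import java.util.Random;

public class OpaqueAliasDemo {
    static final class Node { Node next; }

    // Build a circular list of n nodes and return one of its nodes.
    static Node ring(int n) {
        Node head = new Node(), cur = head;
        for (int i = 1; i < n; i++) { cur.next = new Node(); cur = cur.next; }
        cur.next = head;
        return head;
    }

    // Advance a reference k steps inside its own ring; it can never leave it.
    static Node walk(Node p, int k) {
        for (int i = 0; i < k; i++) p = p.next;
        return p;
    }

    // Original routine: sum of 1..n.
    static int sumPlain(int n) {
        int s = 0;
        for (int i = 1; i <= n; i++) s += i;
        return s;
    }

    // Same routine with an inserted branch guarded by an opaque predicate.
    // f and g live in disjoint rings, so (f != g) is always true, but a
    // static analyzer must prove that the two references never alias.
    static int sumObfuscated(int n, long seed) {
        Random rnd = new Random(seed);
        Node f = ring(5), g = ring(7);
        int s = 0;
        for (int i = 1; i <= n; i++) {
            f = walk(f, rnd.nextInt(5));   // pointers keep moving at run time
            g = walk(g, rnd.nextInt(7));
            if (f != g) s += i;            // real code, always taken
            else        s -= 3 * i;        // bogus code, never executed
        }
        return s;
    }

    public static void main(String[] args) {
        for (int n : new int[] {0, 1, 10, 1000}) {
            if (sumPlain(n) != sumObfuscated(n, 42L + n))
                throw new AssertionError("mismatch at n=" + n);
        }
        System.out.println("plain and obfuscated versions agree");
    }
}
```

The extra allocations and pointer walks are the cost of the transformation, and the bogus branch only blends in if the surrounding program already manipulates linked structures, which is the stealth criterion named above.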
See also the technical report A Taxonomy of Obfuscating Transformations and the article Breaking Abstractions and Unstructuring Data Structures.