research-article

JDATATRANS for array obfuscation in Java source codes to defeat reverse engineering from decompiled codes

Authors:

Praveen Sivadasan,

P SojanLal,

Naveen SivadasanAuthors Info & Claims

COMPUTE '09: Proceedings of the 2nd Bangalore Annual Compute Conference

Article No.: 13, Pages 1 - 4

https://doi.org/10.1145/1517303.1517318

Published: 09 January 2009 Publication History

Get Access

Abstract

Software obfuscation or obscuring a software is an approach to defeat the practice of reverse engineering a software for using its functionality illegally in the development of another software. Java applications are more amenable to reverse engineering and re-engineering attacks through methods such as decompilation because Java class files store the program in a semi complied form called 'byte' codes. The existing obfuscation systems obfuscate the Java class files. Obfuscated source code produce obfuscated byte codes and hence two level obfuscation (source code and byte code level) of the program makes it more resilient to reverse engineering attacks. But source code obfuscation is much more difficult due to richer set of programming constructs and the scope of the different variables used in the program and only very little progress has been made on this front. Hence programmers resort to adhoc manual ways of obscuring their program which makes it difficult for its maintenance and usability. To address this issue partially, we developed a user friendly tool JDATATRANS to obfuscate Java source code by obscuring the array usages. Using various array restructuring techniques such as 'array splitting', 'array folding' and 'array flattening', in addition to constant hiding, our system obfuscate the input Java source code and produce an obfuscated Java source code that is functionally equivalent to the input program. We also performed a number of experiments to measure the potency, resilience and cost incurred by our tool.

References

[1]

Christian Collberg, Clark Thomborson, and Douglas Low 1997. A Taxonomy of obfuscating Transformations. Report 148. Department of Computer Science, University of Auckland, 1997.

Google Scholar

[2]

Hausi A. M uller, Jens H. Jahnke, Dennis B. Smith, Margaret Anne Storey, Scott R. Tilley and Kenny Wong 2000. Reverse Engineering: A Roadmap. ACM 2000.

Google Scholar

[3]

Hongying Lai 2001. A comparative survey of Java Obfuscators available on the Internet. Project Report, University of Auckland, February 2001.

Google Scholar

[4]

C. Collberg and C. Thomborson 2002. Watermarking, Tamper-proofing and obfuscation -- tools for software protection. IEEE Transactions on Software Engineering, Vol. 28, pp. 735--746, August 2002.

Digital Library

Google Scholar

[5]

L. Ertaul and S. Venkatesh 2005. Novel Obfuscation Algorithms for Software Security. Proceedings of the 2005 International Conference on Software Engineering Research and Practice, SERP'05, June, Las Vegas, June, 2005.

Google Scholar

[6]

S. Praveen, P. Sojan Lal 2007. Array Data Transformation for Source Code Obfuscation. Proceedings of World Academy of Science, Engineering and Technology (PWASET) Volume 21 MAY 2007, ISSN 1307--6884.

Google Scholar

[7]

William Feng Zhu 2007. Concepts and Techniques in Software Watermarking and Obfuscation. PhD Thesis, August2007.

Google Scholar

Cited By

View all

Zeng YLiu F(2011)Abstract interpretation-based formal description of data obfuscationProceedings of 2011 International Conference on Electronic & Mechanical Engineering and Information Technology10.1109/EMEIT.2011.6023320(1447-1450)Online publication date: Aug-2011
https://doi.org/10.1109/EMEIT.2011.6023320
Sun H(undefined)Hull-White Model Calibration NotesSSRN Electronic Journal10.2139/ssrn.2578774
https://doi.org/10.2139/ssrn.2578774

Recommendations

Reverse Engineering Self-Modifying Code: Unpacker Extraction
WCRE '10: Proceedings of the 2010 17th Working Conference on Reverse Engineering

An important application of binary-level reverse engineering is in reconstructing the internal logic of computer malware. Most malware code is distributed in encrypted (or "packed") form, at runtime, an unpacker routine transforms this to the original ...
Programmer-friendly Decompiled Java
ICPC '06: Proceedings of the 14th IEEE International Conference on Program Comprehension

Java decompilers convert Java class files to Java source. Java class files may be created by a number of different tools including standard Java compilers, compilers for other languages such as AspectJ, or other tools such as optimizers or obfuscators. ...
Code obfuscation against static and dynamic reverse engineering
IH'11: Proceedings of the 13th international conference on Information hiding

The process of reverse engineering allows attackers to understand the behavior of software and extract proprietary algorithms and data structures (e.g. cryptographic keys) from it. Code obfuscation is frequently employed to mitigate this risk. However, ...

Comments

Information & Contributors

Information

Published In

COMPUTE '09: Proceedings of the 2nd Bangalore Annual Compute Conference

January 2009

148 pages

ISBN:9781605584768

DOI:10.1145/1517303

Conference Chair:
R. K. Shyamasundar
IBM Research labs, India

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 January 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

Compute '09

Sponsor:

Compute '09: ACM Bangalore Chapter Compute 2009

January 9 - 10, 2009

Bangalore, India

Acceptance Rates

COMPUTE '09 Paper Acceptance Rate 10 of 113 submissions, 9%;

Overall Acceptance Rate 114 of 622 submissions, 18%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
241
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Zeng YLiu F(2011)Abstract interpretation-based formal description of data obfuscationProceedings of 2011 International Conference on Electronic & Mechanical Engineering and Information Technology10.1109/EMEIT.2011.6023320(1447-1450)Online publication date: Aug-2011
https://doi.org/10.1109/EMEIT.2011.6023320
Sun H(undefined)Hull-White Model Calibration NotesSSRN Electronic Journal10.2139/ssrn.2578774
https://doi.org/10.2139/ssrn.2578774

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Recommendations

Reverse Engineering Self-Modifying Code: Unpacker Extraction

Programmer-friendly Decompiled Java

Code obfuscation against static and dynamic reverse engineering

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations