Preventing Reverse Engineering Threat in Java: Byte Code Obfuscation Techniques
IEEE—ICET 2006
2nd International Conference on Emerging Technologies
Peshawar, Pakistan 13-14 November 2006
1-4244-0502-5/06/$20.00©2006 IEEE 689
Preventing Reverse Engineering Threat in Java
Using Byte Code Obfuscation Techniques
Jan M. Memon, Shams-ul-Arfeen, Asghar Mughal, Faisal Memon
Department of Computer Science
Isra University, Hyderabad, Pakistan
{janmohd, shams, asghar, faisal}@isra.edu.pk
Abstrac: Java programs are compiled into a platform independent byte code format. Much of the information contained in the source code is retained in the byte code. Consequently reverse engineering becomes much easier. Several software protection techniques have been developed, of which, code obfuscation seems to be a promising one. In this paper, two new byte code obfuscation techniques have been evolved. These techniques involve applying obfuscating transformations to the Java byte code. These techniques prevent automatic software analysis tools, De-compilers, from producing correct source code by introducing syntax and semantic errors in the generated source code. The proposed techniques are applied on sample Java class files to examine the effectiveness of the techniques in impeding reverse engineering.
The results reveal the erroneous codes generated by the tested de-compilers.
Keywords: reverse engineering, obfuscation, byte code, de-compiler
1. INTRODUCTION
Java provides platform independence to software programs. The software is compiled in the intermediate code format, the class file format. A class file contains massive amount of information enough for easy reverse engineering
[11]. When an organization sells its software, developed in Java, to the other organization, it delivers its software by providing the intermediate code format. The organization purchasing the software may break all the laws and obligations by simply hiring a software developer to reverse engineer the software often with the help of automated
2nd International Conference on Emerging Technologies
Peshawar, Pakistan 13-14 November 2006
1-4244-0502-5/06/$20.00©2006 IEEE 689
Preventing Reverse Engineering Threat in Java
Using Byte Code Obfuscation Techniques
Jan M. Memon, Shams-ul-Arfeen, Asghar Mughal, Faisal Memon
Department of Computer Science
Isra University, Hyderabad, Pakistan
{janmohd, shams, asghar, faisal}@isra.edu.pk
Abstrac: Java programs are compiled into a platform independent byte code format. Much of the information contained in the source code is retained in the byte code. Consequently reverse engineering becomes much easier. Several software protection techniques have been developed, of which, code obfuscation seems to be a promising one. In this paper, two new byte code obfuscation techniques have been evolved. These techniques involve applying obfuscating transformations to the Java byte code. These techniques prevent automatic software analysis tools, De-compilers, from producing correct source code by introducing syntax and semantic errors in the generated source code. The proposed techniques are applied on sample Java class files to examine the effectiveness of the techniques in impeding reverse engineering.
The results reveal the erroneous codes generated by the tested de-compilers.
Keywords: reverse engineering, obfuscation, byte code, de-compiler
1. INTRODUCTION
Java provides platform independence to software programs. The software is compiled in the intermediate code format, the class file format. A class file contains massive amount of information enough for easy reverse engineering
[11]. When an organization sells its software, developed in Java, to the other organization, it delivers its software by providing the intermediate code format. The organization purchasing the software may break all the laws and obligations by simply hiring a software developer to reverse engineer the software often with the help of automated
References: [1] G. Nolan, Decompiling Java, Apress, Berkeley, 2004. Privacy, 2003, Vol. 1, No. 1, pp. 95-98. and Privacy, 2004, Vol. 2, No. 6, pp. 34-41. Network Associates Laboratories, 2003.