Pushing Java Type Obfuscation to the Limit

Bytecoded .Net and Java programs reveal type information through encoded type hierarchies, casts, field declarations and method signatures. This facilitates bytecode verification, but it also helps reverse engineers. To obfuscate the type information, we combine three transformations. Class hierarch...

Full description

Saved in:
Bibliographic Details
Published inIEEE transactions on dependable and secure computing Vol. 11; no. 6; pp. 553 - 567
Main Authors Foket, Christophe, De Sutter, Bjorn, De Bosschere, Koen
Format Journal Article
LanguageEnglish
Published Washington IEEE 01.11.2014
IEEE Computer Society
Subjects
Casts
class hierarchy
Computer languages
Cryptography
Digital signatures
Effectiveness studies
Encoding
Hierarchies
Insertion
Interfaces
Java
Java (programming language)
Java bytecode
Manufacturing engineering
Merging
obfuscation
Object oriented programming
points-to sets
Production facilities
Signatures
Software engineering
Transformations
type information
understandability
Online AccessGet full text

Cover

More Information
Summary:Bytecoded .Net and Java programs reveal type information through encoded type hierarchies, casts, field declarations and method signatures. This facilitates bytecode verification, but it also helps reverse engineers. To obfuscate the type information, we combine three transformations. Class hierarchy flattening removes as much of the type hierarchy from programs as possible. Interface merging and object factory insertion further remove type information from casts, method signatures, and object creation sites. We evaluate these techniques with a prototype tool for Java bytecode. On real-life programs from the DaCapo benchmark suite, we demonstrate that our approach effectively hinders human and tool analysis with limited overhead.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 23
ISSN:1545-5971
1941-0018
DOI:10.1109/TDSC.2014.2305990