An empirical study of the use of the GOTO statement
Journal of Systems and Software
Measurement of data structure complexity
Journal of Systems and Software - Special issue on the Oregon Metric Workshop
Operating system protection through program evolution
Computers and Security
Java Language Specification, Second Edition: The Java Series
Java Language Specification, Second Edition: The Java Series
A Metrics Suite for Object Oriented Design
IEEE Transactions on Software Engineering
Watermarking, tamper-proffing, and obfuscation: tools for software protection
IEEE Transactions on Software Engineering
Decompiling Java Bytecode: Problems, Traps and Pitfalls
CC '02 Proceedings of the 11th International Conference on Compiler Construction
Soot - a Java bytecode optimization framework
CASCON '99 Proceedings of the 1999 conference of the Centre for Advanced Studies on Collaborative research
Decompiling Java using staged encapsulation
WCRE '01 Proceedings of the Eighth Working Conference on Reverse Engineering (WCRE'01)
Breaking Abstractions and Unstructuring Data Structures
ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
Obfuscation of design intent in object-oriented applications
Proceedings of the 3rd ACM workshop on Digital rights management
Relative factors in performance analysis of Java virtual machines
Proceedings of the 2nd international conference on Virtual execution environments
Programmer-friendly Decompiled Java
ICPC '06 Proceedings of the 14th IEEE International Conference on Program Comprehension
Software Structure Metrics Based on Information Flow
IEEE Transactions on Software Engineering
Control and data dependencies in business processes based on semantic business activities
Proceedings of the 10th International Conference on Information Integration and Web-based Applications & Services
A novel obfuscation: class hierarchy flattening
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
| Hi-index | 0.00 |
Bytecode, Java's binary form, is relatively high-level and therefore susceptible to decompilation attacks. An obfuscator transforms code such that it becomes more complex and therefore harder to reverse engineer. We develop bytecode obfuscations that are complex to reverse engineer but also do not significantly degrade performance. We present three kinds of techniques that: (1) obscure intent at the operational level; (2) complicate control flow and object-oriented design (i.e. program structure); and (3) exploit the semantic gap between what is legal in source code and what is legal in bytecode. Obfuscations are applied to a benchmark suite to examine their affect on runtime performance, control flow graph complexity and decompilation. These results show that most of the obfuscations have only minor negative performance impacts and many increase complexity. In almost all cases, tested decompilers fail to produce legal source code or crash completely. Those obfuscations that are decompilable greatly reduce the readability of output source.