A Taxonomy of Obfuscating Transformations
Reference
Degree Grantor
Abstract
It has become more and more common to distribute software in forms that retain most or all of the information present in the original source code. An important example is Java bytecode. Since such codes are easy to decompile, they increase the risk of malicious reverse engineering attacks. In this paper we review several techniques for technical protection of software secrets. We will argue that automatic code obfuscation is currently the most viable method for preventing reverse engineering. We then describe the design of a code obfuscator, a tool which converts a program into an equivalent one that is more difficult to understand and reverse engineer. The obfuscator is based on the application of code transformations, in many cases similar to those used by complier optimizers. We describe a large number of such transformations, classify them, and evaluated them with respect to their potency (to what degree is a human reader confused?), resilience (how well are automatic deobfuscation attacks resisted?), and cost (how much overhead is added to the application?). We finally discuss some possible deobfuscation techniques (such as program slicing) and possible countermeasures an obfuscator could employ against them.