Embed Size (px)
DESCRIPTION
http://whoyouknow.co.uk/uni/phd/ Computer programs are written by a programmer in an English-like programming language, known as source-code. There are many programming languages available to programmers who can choose a language for their specific needs. Source code is transformed by a compiler into a sequence of instructions to be executed by a computer - a task known as compiling. Java is a popular programming language mainly due to it's `write once, run anywhere' nature - programmers write Java source code and the compiled Java program is able to run on many different systems without changes. In comparison, compiled programs written in the C language are tied to particular types of computers. One disadvantage that the Java programming language has, compared to other languages like C, is the relative ease of decompiling - the act of transforming compiled programs back into source code. Access to source code presents a risk that adversaries (such as software pirates or competing companies) could access proprietary information used to create a program. Code obfuscation techniques can be used to make decompiled code more confusing and in certain cases cause decompilation tools to fail. Such techniques can be applied to Java programs to hinder decompilation and decrease program understanding. What obfuscating transformations can be applied to Java programs to hinder decompilation? How effective are such obfuscating transformations? What are the ways in which adverseries could attack such obfuscations? How can we use this knowledge to create secure Java programs?
Citation preview
04/28/09Obfuscating Transformations for Decompilation Resistant JavaJames Hamilton
0 1 0 0 0 0 1 1
0 1 1 0 0 0 1 0
0 1 1 0 1 0 1 0
0 1 0 1 0 1 0 1
1 0 0 1
0 0 0 1 1 1 0 1
2
computer programs
computer programs are written in an English-like language, by a programmer,
known as source code
many programming languages exist, for different purposes, for example Java
source code is transformed into executable computer instructions by a compiler
000101010101010110111111010110110 010100101101010110101010101010100 101001010101010101010101010111111 101001000000010101010101010101010 101001010101111111101010101110001
public class SimpleProgram { public static void main(String[] args) { System.out.println("Hello"); }}
3
understanding computer programs
source code
public class SimpleProgram {
public static void main(String[] args) {
System.out.println("Hello");
}
}
executable code
000101010101010110111111010110110
010100101101010110101010101010100
101001010101010101010101010111111
101001000000010101010101010101010
101001010101111111101010101110001
easy to understand
hard to understand
4
stealing computer programs
software companies sell the executable version of their program but keep the source code secret
software theives want the source code to change and re-sell
000101010101010110111111010110110010100101101010110101010101010100101001010101010101010101010111111101001000000010101010101010101010101001010101111111101010101110001
software company
software theif
5
stealing computer programs by decompilation
software theives may attempt to decompile an executable program to access the source code
software company
software theif
6
protecting computer programs using code obfuscation
software companies may obscure their programs to protect from decompilation
software thieves find it difficult to understand and decompile programs
00010101010101!&^%&01111010110110010^%$£&&$101011010101010£$%$£0010100101$£%£$^$%&!£*)(*^&$%£”0111110%$&%£$000010101010^&%!1010101010100101$”$&^**^%%((!$1010^01110001
software company
software thief
7
stealing obfuscated programs using program slicing
software thieves may slice programs to remove obscurities and reveal only the useful parts
software company
software thief
8
protecting obfuscated programs from program slicing
software companies must make sure the obfuscations cover all sections of code, without leaving useful sections for software thieves to find
obfuscations must be hard to detect and remove
software thieves will have trouble finding useful code
$%$^%^*&(%$£^%$^$%^$%£”£!!”$(*&^%!££%$£^%^*”£$”&%^*”($£”$)^**%*$*%£$!£^*£&!£”)%($%&£&$%(!£*(!£*!(£*!$£&%!!!“£$”£$&£”!!”£!*($£!**££I£^*%£”*(&^*^(&*%!^$£$*(!!(£!)(*£^£!!””!!!!!!£%^&^$££$”””£”$$
software company
software thief
9
research questions
➢ what obfuscations can be applied to computer programs to hinder decompilation and software theft?
➢ how effective are such obfuscations against attacks?➢ what are the ways in which adversaries could attack such
obfuscations?➢ how can we use this knowledge to create secure programs?
software company
software thief
10
questions?
