Manufacturing cheap, resilient, and stealthy opaque constructs

Christian Collberg, Clark Thomborson, Douglas Low

Research output: Contribution to journalConference article

320 Scopus citations

Abstract

It has become common to distribute software in forms that are isomorphic to the original source code. An important example is Java bytecode. Since such codes are easy to decompile, they increase the risk of malicious reverse engineering attacks. In this paper we describe the design of a Java code obfuscator, a tool which - through the application of code transformations - converts a Java program into an equivalent one that is more difficult to reverse engineer. We describe a number of transformations which obfuscate control-flow. Transformations are evaluated with respect to potency (To what degree is a human reader confused?), resilience (How well are automatic deobfuscation attacks resisted?), cost (How much time/space overhead is added?), and stealth (How well does obfuscated code blend in with the original code?). The resilience of many control-altering transformations rely on the resilience of opaque predicates. These are boolean valued expressions whose values are known to the obfuscator but difficult to determine for an automatic deobfuscator. We show how to construct resilient, cheap, and stealthy opaque predicates based on the intractability of certain static analysis problems such as alias analysis.

Original languageEnglish (US)
Pages (from-to)184-196
Number of pages13
JournalConference Record of the Annual ACM Symposium on Principles of Programming Languages
StatePublished - Jan 1 1998
Externally publishedYes
EventProceedings of the 1998 25th ACM SIGPLAN SIGACT Symposium on Principles of Programming Languages - San Diego, CA, USA
Duration: Jan 19 1998Jan 21 1998

ASJC Scopus subject areas

  • Software

Fingerprint Dive into the research topics of 'Manufacturing cheap, resilient, and stealthy opaque constructs'. Together they form a unique fingerprint.

  • Cite this