Manufacturing cheap, resilient, and stealthy opaque constructs

Christian S Collberg, Clark Thomborson, Douglas Low

Research output: Chapter in Book/Report/Conference proceedingConference contribution

297 Citations (Scopus)

Abstract

It has become common to distribute software in forms that are isomorphic to the original source code. An important example is Java bytecode. Since such codes are easy to decompile, they increase the risk of malicious reverse engineering attacks. In this paper we describe the design of a Java code obfuscator, a tool which - through the application of code transformations - converts a Java program into an equivalent one that is more difficult to reverse engineer. We describe a number of transformations which obfuscate control-flow. Transformations are evaluated with respect to potency (To what degree is a human reader confused?), resilience (How well are automatic deobfuscation attacks resisted?), cost (How much time/space overhead is added?), and stealth (How well does obfuscated code blend in with the original code?). The resilience of many control-altering transformations rely on the resilience of opaque predicates. These are boolean valued expressions whose values are known to the obfuscator but difficult to determine for an automatic deobfuscator. We show how to construct resilient, cheap, and stealthy opaque predicates based on the intractability of certain static analysis problems such as alias analysis.

Original languageEnglish (US)
Title of host publicationConference Record of the Annual ACM Symposium on Principles of Programming Languages
Editors Anon
PublisherACM
Pages184-196
Number of pages13
StatePublished - 1998
Externally publishedYes
EventProceedings of the 1998 25th ACM SIGPLAN SIGACT Symposium on Principles of Programming Languages - San Diego, CA, USA
Duration: Jan 19 1998Jan 21 1998

Other

OtherProceedings of the 1998 25th ACM SIGPLAN SIGACT Symposium on Principles of Programming Languages
CitySan Diego, CA, USA
Period1/19/981/21/98

Fingerprint

Reverse engineering
Static analysis
Flow control
Engineers
Costs

ASJC Scopus subject areas

  • Software

Cite this

Collberg, C. S., Thomborson, C., & Low, D. (1998). Manufacturing cheap, resilient, and stealthy opaque constructs. In Anon (Ed.), Conference Record of the Annual ACM Symposium on Principles of Programming Languages (pp. 184-196). ACM.

Manufacturing cheap, resilient, and stealthy opaque constructs. / Collberg, Christian S; Thomborson, Clark; Low, Douglas.

Conference Record of the Annual ACM Symposium on Principles of Programming Languages. ed. / Anon. ACM, 1998. p. 184-196.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Collberg, CS, Thomborson, C & Low, D 1998, Manufacturing cheap, resilient, and stealthy opaque constructs. in Anon (ed.), Conference Record of the Annual ACM Symposium on Principles of Programming Languages. ACM, pp. 184-196, Proceedings of the 1998 25th ACM SIGPLAN SIGACT Symposium on Principles of Programming Languages, San Diego, CA, USA, 1/19/98.
Collberg CS, Thomborson C, Low D. Manufacturing cheap, resilient, and stealthy opaque constructs. In Anon, editor, Conference Record of the Annual ACM Symposium on Principles of Programming Languages. ACM. 1998. p. 184-196
Collberg, Christian S ; Thomborson, Clark ; Low, Douglas. / Manufacturing cheap, resilient, and stealthy opaque constructs. Conference Record of the Annual ACM Symposium on Principles of Programming Languages. editor / Anon. ACM, 1998. pp. 184-196
@inproceedings{136642f24b0746619a9143244c03ee32,
title = "Manufacturing cheap, resilient, and stealthy opaque constructs",
abstract = "It has become common to distribute software in forms that are isomorphic to the original source code. An important example is Java bytecode. Since such codes are easy to decompile, they increase the risk of malicious reverse engineering attacks. In this paper we describe the design of a Java code obfuscator, a tool which - through the application of code transformations - converts a Java program into an equivalent one that is more difficult to reverse engineer. We describe a number of transformations which obfuscate control-flow. Transformations are evaluated with respect to potency (To what degree is a human reader confused?), resilience (How well are automatic deobfuscation attacks resisted?), cost (How much time/space overhead is added?), and stealth (How well does obfuscated code blend in with the original code?). The resilience of many control-altering transformations rely on the resilience of opaque predicates. These are boolean valued expressions whose values are known to the obfuscator but difficult to determine for an automatic deobfuscator. We show how to construct resilient, cheap, and stealthy opaque predicates based on the intractability of certain static analysis problems such as alias analysis.",
author = "Collberg, {Christian S} and Clark Thomborson and Douglas Low",
year = "1998",
language = "English (US)",
pages = "184--196",
editor = "Anon",
booktitle = "Conference Record of the Annual ACM Symposium on Principles of Programming Languages",
publisher = "ACM",

}

TY - GEN

T1 - Manufacturing cheap, resilient, and stealthy opaque constructs

AU - Collberg, Christian S

AU - Thomborson, Clark

AU - Low, Douglas

PY - 1998

Y1 - 1998

N2 - It has become common to distribute software in forms that are isomorphic to the original source code. An important example is Java bytecode. Since such codes are easy to decompile, they increase the risk of malicious reverse engineering attacks. In this paper we describe the design of a Java code obfuscator, a tool which - through the application of code transformations - converts a Java program into an equivalent one that is more difficult to reverse engineer. We describe a number of transformations which obfuscate control-flow. Transformations are evaluated with respect to potency (To what degree is a human reader confused?), resilience (How well are automatic deobfuscation attacks resisted?), cost (How much time/space overhead is added?), and stealth (How well does obfuscated code blend in with the original code?). The resilience of many control-altering transformations rely on the resilience of opaque predicates. These are boolean valued expressions whose values are known to the obfuscator but difficult to determine for an automatic deobfuscator. We show how to construct resilient, cheap, and stealthy opaque predicates based on the intractability of certain static analysis problems such as alias analysis.

AB - It has become common to distribute software in forms that are isomorphic to the original source code. An important example is Java bytecode. Since such codes are easy to decompile, they increase the risk of malicious reverse engineering attacks. In this paper we describe the design of a Java code obfuscator, a tool which - through the application of code transformations - converts a Java program into an equivalent one that is more difficult to reverse engineer. We describe a number of transformations which obfuscate control-flow. Transformations are evaluated with respect to potency (To what degree is a human reader confused?), resilience (How well are automatic deobfuscation attacks resisted?), cost (How much time/space overhead is added?), and stealth (How well does obfuscated code blend in with the original code?). The resilience of many control-altering transformations rely on the resilience of opaque predicates. These are boolean valued expressions whose values are known to the obfuscator but difficult to determine for an automatic deobfuscator. We show how to construct resilient, cheap, and stealthy opaque predicates based on the intractability of certain static analysis problems such as alias analysis.

UR - http://www.scopus.com/inward/record.url?scp=0031649930&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0031649930&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:0031649930

SP - 184

EP - 196

BT - Conference Record of the Annual ACM Symposium on Principles of Programming Languages

A2 - Anon, null

PB - ACM

ER -