Obfuscation in .NET Atchyutuni Shilpa CS-795.

Slides:

Advertisements

Similar presentations

By Sam Nasr September 28, 2004 Understanding MSIL.

Advertisements

E-Glue Application Merging executables in WIN32 environment By : Gil Arbeli, Ran Didi Instructor : Gal Badishi Softlab – June 2006.

Systems Software.

CS266 Software Reverse Engineering (SRE) Applying Anti-Reversing Techniques to Java Bytecode Teodoro (Ted) Cipresso,

Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.

.NET IL Obfuscation Presented by: Sarath Chandra Dorbala.

DECOMPILING ANDROID Godfrey Nolan 1DevDay 11/5/11.

Name: Hao Yuan Supervisor: Len Hamey ITEC810 ProjectTransformations for Obfuscating Object-Oriented Programs1.

Software Language Levels Machine Language (Binary) Assembly Language –Assembler converts Assembly into machine High Level Languages (C, Perl, Shell)

Code Obfuscation Its limits in today Software & Hardware By Shahid Razzaq.

Introducing the Common Language Runtime for.NET. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution.

Guide To UNIX Using Linux Third Edition

Introducing the Common Language Runtime. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution engine.

Software Uniqueness: How and Why? Puneet Mishra Dr. Mark Stamp Department of Computer Science San José State University, San José, California.

1 Chapter Two Introduction to the Programming Language C.

2  Problem Definition  Project Purpose – Building Obfuscator  Obfuscation Quality  Obfuscation Using Opaque Predicates  Future Planning.

Platforms and tools for Web Services and Mobile Applications Introduction to C# Bent Thomsen Aalborg University 3rd and 4th of June 2004.

Breaking Abstractions and Unstructuring Data Structures Christian Collberg Clark Thomborson Douglas Low “Mobile programs are distributed in forms that.

Overview of Microsoft.Net and Vb.Net ITSE 2349 Spring 2002 Material from Microsoft.Net an Overview for ACC faculty by Stuart Laughton and Introduction.

Trying to like a boss… REVERSE ENGINEERING. WHAT EVEN IS… REVERSE ENGINEERING?? Reverse engineering is the process of disassembling and analyzing a particular.

© Janice Regan, CMPT 128, Jan CMPT 128 Introduction to Computing Science for Engineering Students Creating a program.

Application Security Tom Chothia Computer Security, Lecture 14.

The Metadata System1. 2 Introduction Metadata is data that describes data. Traditionally, metadata has been found in language- specific files (e.g. C/C++

11 Getting Started with C# Chapter Objectives You will be able to: 1. Say in general terms how C# differs from C. 2. Create, compile, and run a.

Bruno Cabral Summary Vision Statement Process and Methodology Key Features Application scenarios What can we really do with RAIL?

Introduction to .NET Framework

Understanding Code Compilation and Deployment Lesson 4.

CSC 494/594 C# and ASP.NET Programming. C# 2012 C# Object-oriented language with syntax that is similar to Java.

High level & Low level language High level programming languages are more structured, are closer to spoken language and are more intuitive than low level.

Today discussion Intellectual property. What exactly is intellectual property ? Types of intellectual property. Patents, Trademarks and Designs. The ”BIG.

DEV 344.NET Obfuscation – Raising the Security Bar Gabriel Torok – President Bill Leach - CTO PreEmptive Solutions.

Scalable Game Development William Roberts Senior Game Engineer

Week 1: THE C# LANGUAGE Chapter 1: Variables and Expressions ➤ Included in Visual Studio.NET ➤ What the.NET Framework is and what it contains ➤ How.NET.

EECS 354 Network Security Reverse Engineering. Introduction Preventing Reverse Engineering Reversing High Level Languages Reversing an ELF Executable.

Introducing Visual Studio.NET Petar Banov. Introducing Visual Studio.NET What is.NET all about?.NET Technologies Visual Studio.NET.

Module 1: Getting Started. Introduction to.NET and the.NET Framework Exploring Visual Studio.NET Creating a Windows Application Project Overview Use Visual.

Vikas Gonti. Dictionary Meaning: To confuse, to make obscure a problem with extraneous information or to darken. - In Terms of Technology:

Protecting Software Code By Guards The George Washington University Cs297 YU-HAO HU.

1 Java applications reverse engineering Antoni Bertel AUGUST 4, 2015.

Presentation Name / 1 Visual C++ Builds and External Dependencies NAME.

Lecture 4: J# Execution Model. 2 MicrosoftIntroducing CS using.NETJ# in Visual Studio.NET 4-2 Objectives “J# programs execute like any other.NET program.

 Programming - the process of creating computer programs.

Bruno Cabral “Reflection, Code Generation and Instrumentation in the.NET platform” University of Coimbra.

Module 1 Introducing C# and the.NET Framework. Module Overview Introduction to the.NET Framework 4 Creating Projects Within Visual Studio 2010 Writing.

Lecture Set 1 Part B: Understanding Visual Studio and.NET – Structure and Terminology 1/16/ :04 PM.

Friday, 23 August 2013 Session Work out Presented By: Abhijit Pal.

Integrating and Extending Workflow 8 AA301 Carl Sykes Ed Heaney.

Сергей Лутай REFACTORING converts single-tier code into distributed RETARGETING converts MSIL code into code for other virtual.

Compilers and Security

Source Code Inspection and Software Reuse

Introduction to Visual Basic. NET,. NET Framework and Visual Studio

Testing Tools & Standards

INF230 Basics in C# Programming

Hardware Protection Against Software Piracy

Cash Me Presented By Group 8 Kartik Patel, Aaron Zhong, Wen-Kai Chen,

.Net A brief introduction to

C# and the .NET Framework

Reverse engineering and debugging .Net applications

Un</br>able’s MySecretSecrets

CS360 Windows Programming

.NET Framework: Backdoors

Module 0: Introduction Chapter 2: Getting Started

Module 1: Getting Started

Introduction to C# AKEEL AHMED.

Advanced Programming: C# Lecture 01: Introduction

Introducing the .NET Framework

Obfuscation Aparna Belhe CS-795.

Hello World Program In Visual Studio and Debugging

IS 135 Business Programming

Presentation transcript:

Obfuscation in .NET Atchyutuni Shilpa CS-795

What is Obfuscation? Dictionary Meaning: Obfuscation in .Net: To confuse, to make obscure a problem with extraneous information, to darken. -www.dictionary.com Obfuscation in .Net: - Technology of shrouding the facts. -Technology that makes .NET assemblies more difficult to decompiles and impedes reverse engineering efforts.

.NET Software Development Lifecycle Protect

Why Obfuscation? .NET Programs compiled in MSIL, which is at a higher level than binary machine code. So .NET Programs are easy to reverse engineer using decompilation. The .NET framework ships with a tool (ILDASM) that can disassemble MSIL. Anyone can peruse the details of the software.

Why Obfuscation ctd…. Obfuscation reduces the size of an executable. Obfuscation improves the application performance at runtime. It protects the intellectual property. Why Obfuscation ctd….

Dotfuscator Acts obfuscator, pruner, linker, and watermarker for .NET applications. Obfuscation is applied to MSIL and not source code. Obfuscated code is functionally equivalent to traditional MSIL. It executes on CLR with similar results.

Dotfuscator features Renaming : Uses a patented Overload-Induction renaming system. Renames as many methods as possible to a same name. Saves space as short names used for renaming.

Renaming Example Original Source Code Before Obfuscation private void CalcPayroll(SpecialList employeeGroup) { while (employeeGroup.HasMore()) { employee = employeeGroup.GetNext(true); employee.UpdateSalary(); DistributeCheck(employee); } Reverse-Engineered Source Code After Overload Induction Dotfuscation private void a(a b) { while (b.a()) { a = b.a(true); a.a(); a(a);

Dotfuscator Features ctd… 2. String Encryption: Strings in sensitive part of the code are encrypted. 3. Control Flow Obfuscation: - Introduces false conditions and misleading constructs in decompiled code. 4. Pruning: Determines unused types, methods and fields. Helps reduce size of the assembly.

5. Assembly Linking: Links multiple assemblies into one or more output assemblies. 6. Watermarking: - Used to Embed data (copyright info/unique nos.) into applications, making them unique.

Demonstration

Drawbacks Maintaining and Troubleshooting becomes difficult. Can break code that depends on reflection, serialization or remoting. Hampers the debugging process, as obfuscation alters MSIL. Drawbacks

Conclusion Obfuscation is not 100 percent protection. If a hacker is perseverant enough, they can find the meaning of your code. The goal of obfuscation is to make the reverse engineering process extremely time consuming and painful so that it not worth the effort. Conclusion

Professional Visual Studio 2005 – Andrew Parsons and Nick Randolph. http://aspnet.4guysfromrolla.com http://www.preemptive.com http://msdn2.microsoft.com/en- us/library/ms227295(VS.80).aspx References

THANK YOU !!