Java Code Obfuscation Neerja Bhatnagar

Reverse Engineering Figuring out source code corresponding to a given byte code Source code intellectual property, needs protection Money, intelligence, hard work, time put to work to develop code

Problem of Reverse Engineering Java code especially prone to reverse engineering, because Java byte code well documented and well structured (freely available in JVM specs) Most of the information contained in source code also present in byte code. Software engineers have little control over distribution of Java applications and their source code because most Java applications distributed over the Internet (easy downloads)

Code Obfuscation Technique to discourage and deter reverse engineering Scrambles byte code to make it unintelligible, difficult to understand Alters structure and appearance of code Attempts to make in uneconomical for an attacker to reverse engineer code Does not affect function of original program Does not alter source code, alters byte code

Code Obfuscation Techniques Low-Level Layout Obfuscations Control Obfuscations Data Obfuscations High-Level or Design Obfuscations Class Coalescing Obfuscation Class Splitting Obfuscation Type Hiding

Design Obfuscations Low-level obfuscation techniques not sufficient because they do not hide design information Design information can facilitate an attacker from gaining general understanding of code and what it does Design obfuscations aim at hiding valuable high-level design information

Class Coalescing Obfuscation Combines two or more classes into a single class If the classes to be coalesced have attributes with same name, these are renamed to distinguish among them have non-constructor methods with same signature, except for one non-constructor methods, all others are renamed and altered

Class Coalescing Obfuscation Example

public class Animal { String name; int age; public Animal() { name = “Goofy”; age = 1; } public int calcAge() { return 2004 – 1985; } public void comments() { System.out.println(“Fluffy”); } public class A { String name; String model; int age; int age2; public Animal() { name = “Goofy”; age = 1; } public Car() { name = “VW”; age = 2; } public int calcAge() { return 2004 – 1985; } public int calcAge(int make) { return 2004 – make; } public void comments() { System.out.println(“Fluffy”); } public void commentsFromCar() { System.out.println(“Smooth”); } public class Car { String model; int age; public Car() { name = “VW”; age = 2; } public int calcAge(int make) { return 2004 – make; } public void comments() { System.out.println(“Smooth”); }

Class Coalescing Obfuscation Shortcomings Becomes very complicated when classes extend other classes or implement interfaces because superclasses and interfaces need to be coalesced too variable names and method signatures cannot be altered in any way Cannot be performed when classes extend classes from Java standard library Java standard library classes need to be coalesced too Makes code non-portable Classes with native methods cannot be coalesced because analyzing native code very difficult

Class Splitting Obfuscation Splits a class into multiple classes Several ways to split a class Valid split function preserves dependencies among class’s methods and fields Valid split functions include Split class A into classes A1 and A2, where A2 extends A1 Split methods defined in class A between classes A1 and A2

Class Splitting Obfuscation Example

public class Dog { String name; int age; String sound; public Dog() { name = “Bruno”; age = 5; sound = “woof”; } public void bark() { System.out.println(“Woof! Woof!”); } public void sleep() { System.out.println(“zzz…zzz”); } public class Animal { String name; int age; public Animal() { name = “Bruno”; age = 5; } public void sleep() { System.out.println(“zzz…zzz”); } public class Doggie extends Animal { String sound; public Doggie() { super(); sound = “woof”; } public void bark() { System.out.println(“Woof! Woof!”); }

Class Splitting Obfuscation Shortcomings Splitting a class very difficult unless initial design faulty May have reverse effect Splitting a class may improve overall code design, and get rid of spaghetti code! Might actually help the attacker, rather than deter him

Type Hiding Uses the concept of Java interface Transforms a concrete class into several interfaces Each interface contains a random subset of the concrete class’s methods and fields Obscures by declaring a concrete class that implements those interfaces

Type Hiding Example

public class Dog { String name; int age; String sound; public Dog() { name = “Bruno”; age = 5; sound = “woof”; } public void bark() { System.out.println(“Woof! Woof!”); } public void sleep() { System.out.println(“zzz…zzz”); } interface LivingCreature { public void bark(); } interface Animal { public void sleep(); } public class Doggie { String name; int age; String sound; public Dog() { name = “Bruno”; age = 5; sound = “woof”; } public void bark() { System.out.println(“Woof! Woof!”); } public void sleep() { System.out.println(“zzz…zzz”); }

Type Hiding Shortcomings Type hiding done the way described in previous slide especially vulnerable to reverse engineering More effective when combined with low-level obfuscation techniques Can be made stronger when randomly selected classes go through type hiding, instead of all classes

Obfuscation Products RetroGuard by Retrologic SystemsRetrologic Systems Klassmaster by ZelixZelix JObfuscator by DuckwareDuckware Semantic Designs

Conclusion None of the obfuscation techniques sufficient by themselves A combination of these techniques might provide strong resistance to reverse engineering Some claim code obfuscation slows down an application Impact on performance depends on a particular technique Impact usually minimal or none at all Decision to obfuscate or not is a trade-off between protecting code or taking a slight performance hit