Presentation is loading. Please wait.

Presentation is loading. Please wait.

Obfuscation in .NET Atchyutuni Shilpa CS-795.

Published byAntonia Gibson Modified over 6 years ago

Similar presentations

Presentation on theme: "Obfuscation in .NET Atchyutuni Shilpa CS-795."— Presentation transcript:

1 Obfuscation in .NET Atchyutuni Shilpa CS-795

2 What is Obfuscation? Dictionary Meaning: Obfuscation in .Net:
To confuse, to make obscure a problem with extraneous information, to darken. - Obfuscation in .Net: - Technology of shrouding the facts. -Technology that makes .NET assemblies more difficult to decompiles and impedes reverse engineering efforts.

3 .NET Software Development Lifecycle
Protect

4 Why Obfuscation? .NET Programs compiled in MSIL, which is at a higher level than binary machine code. So .NET Programs are easy to reverse engineer using decompilation. The .NET framework ships with a tool (ILDASM) that can disassemble MSIL. Anyone can peruse the details of the software.

5 Why Obfuscation ctd…. Obfuscation reduces the size of an executable.
Obfuscation improves the application performance at runtime. It protects the intellectual property. Why Obfuscation ctd….

6 Dotfuscator Acts obfuscator, pruner, linker, and watermarker for .NET applications. Obfuscation is applied to MSIL and not source code. Obfuscated code is functionally equivalent to traditional MSIL. It executes on CLR with similar results.

7 Dotfuscator features Renaming :
Uses a patented Overload-Induction renaming system. Renames as many methods as possible to a same name. Saves space as short names used for renaming.

8 Renaming Example Original Source Code Before Obfuscation
private void CalcPayroll(SpecialList employeeGroup) { while (employeeGroup.HasMore()) { employee = employeeGroup.GetNext(true); employee.UpdateSalary(); DistributeCheck(employee); } Reverse-Engineered Source Code After Overload Induction Dotfuscation private void a(a b) { while (b.a()) { a = b.a(true); a.a(); a(a);

9 Dotfuscator Features ctd…
2. String Encryption: Strings in sensitive part of the code are encrypted. 3. Control Flow Obfuscation: - Introduces false conditions and misleading constructs in decompiled code. 4. Pruning: Determines unused types, methods and fields. Helps reduce size of the assembly.

10 5. Assembly Linking: Links multiple assemblies into one or more output assemblies. 6. Watermarking: - Used to Embed data (copyright info/unique nos.) into applications, making them unique.

11 Demonstration

12 Drawbacks Maintaining and Troubleshooting becomes difficult.
Can break code that depends on reflection, serialization or remoting. Hampers the debugging process, as obfuscation alters MSIL. Drawbacks

13 Conclusion Obfuscation is not 100 percent protection.
If a hacker is perseverant enough, they can find the meaning of your code. The goal of obfuscation is to make the reverse engineering process extremely time consuming and painful so that it not worth the effort. Conclusion

14 Professional Visual Studio 2005 – Andrew Parsons and Nick Randolph.
us/library/ms227295(VS.80).aspx References

15 THANK YOU !!

Download ppt "Obfuscation in .NET Atchyutuni Shilpa CS-795."

Similar presentations

By Sam Nasr September 28, 2004 Understanding MSIL.

By Sam Nasr September 28, 2004 Understanding MSIL.
E-Glue Application Merging executables in WIN32 environment By : Gil Arbeli, Ran Didi Instructor : Gal Badishi Softlab – June 2006.

E-Glue Application Merging executables in WIN32 environment By : Gil Arbeli, Ran Didi Instructor : Gal Badishi Softlab – June 2006.
Systems Software.

Systems Software.
CS266 Software Reverse Engineering (SRE) Applying Anti-Reversing Techniques to Java Bytecode Teodoro (Ted) Cipresso,

CS266 Software Reverse Engineering (SRE) Applying Anti-Reversing Techniques to Java Bytecode Teodoro (Ted) Cipresso,
Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.

Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.
.NET IL Obfuscation Presented by: Sarath Chandra Dorbala.

.NET IL Obfuscation Presented by: Sarath Chandra Dorbala.
DECOMPILING ANDROID Godfrey Nolan 1DevDay 11/5/11.

DECOMPILING ANDROID Godfrey Nolan 1DevDay 11/5/11.
Name: Hao Yuan Supervisor: Len Hamey ITEC810 ProjectTransformations for Obfuscating Object-Oriented Programs1.

Name: Hao Yuan Supervisor: Len Hamey ITEC810 ProjectTransformations for Obfuscating Object-Oriented Programs1.
10 -6. Software Language Levels Machine Language (Binary) Assembly Language –Assembler converts Assembly into machine High Level Languages (C, Perl, Shell)

Software Language Levels Machine Language (Binary) Assembly Language –Assembler converts Assembly into machine High Level Languages (C, Perl, Shell)
Code Obfuscation Its limits in today Software & Hardware By Shahid Razzaq.

Code Obfuscation Its limits in today Software & Hardware By Shahid Razzaq.
Introducing the Common Language Runtime for.NET. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution.

Introducing the Common Language Runtime for.NET. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution.
Guide To UNIX Using Linux Third Edition

Guide To UNIX Using Linux Third Edition
Introducing the Common Language Runtime. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution engine.

Introducing the Common Language Runtime. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution engine.
Software Uniqueness: How and Why? Puneet Mishra Dr. Mark Stamp Department of Computer Science San José State University, San José, California.

Software Uniqueness: How and Why? Puneet Mishra Dr. Mark Stamp Department of Computer Science San José State University, San José, California.
1 Chapter Two Introduction to the Programming Language C.

1 Chapter Two Introduction to the Programming Language C.
2  Problem Definition  Project Purpose – Building Obfuscator  Obfuscation Quality  Obfuscation Using Opaque Predicates  Future Planning.

2  Problem Definition  Project Purpose – Building Obfuscator  Obfuscation Quality  Obfuscation Using Opaque Predicates  Future Planning.
Platforms and tools for Web Services and Mobile Applications Introduction to C# Bent Thomsen Aalborg University 3rd and 4th of June 2004.

Platforms and tools for Web Services and Mobile Applications Introduction to C# Bent Thomsen Aalborg University 3rd and 4th of June 2004.
Breaking Abstractions and Unstructuring Data Structures Christian Collberg Clark Thomborson Douglas Low “Mobile programs are distributed in forms that.

Breaking Abstractions and Unstructuring Data Structures Christian Collberg Clark Thomborson Douglas Low “Mobile programs are distributed in forms that.
Overview of Microsoft.Net and Vb.Net ITSE 2349 Spring 2002 Material from Microsoft.Net an Overview for ACC faculty by Stuart Laughton and Introduction.

Overview of Microsoft.Net and Vb.Net ITSE 2349 Spring 2002 Material from Microsoft.Net an Overview for ACC faculty by Stuart Laughton and Introduction.
Trying to like a boss… REVERSE ENGINEERING. WHAT EVEN IS… REVERSE ENGINEERING?? Reverse engineering is the process of disassembling and analyzing a particular.

Trying to like a boss… REVERSE ENGINEERING. WHAT EVEN IS… REVERSE ENGINEERING?? Reverse engineering is the process of disassembling and analyzing a particular.

Similar presentations

Ads by Google