Code Obfuscation. Where is it Heading?

  • Authors

    • Asmaa Mahfoud
    • Abu Bakar Sultan
    • Abdul Azim Abd
    • Norhayati Mohd Ali
    • Novia Admodisastro
    2018-09-12
    https://doi.org/10.14419/ijet.v7i4.1.19485
  • Reverse Engineering, Anti Reverse Engineering, Code Obfuscation, Software Security.
  • Reverse Engineering is the process of revealing hidden code from class file. It converts garbage to readable English text. The main purpose of Reverse Engineering is to uncover the hidden code when the documentation is poor, missing source file, and developer is no longer available to provide the original code source file. Hacker uses Reverse Engineering to attack the class file to uncover the code. Then, the code can be reused for other purposes without taking any permission from the original author. The class file contains all the information and business rules that will be revealed once Reverse Engineering process attacks. Anti-Reverse Engineering techniques are developed to stop, delay, and prevent Reverse Engineering; one of the most common techniques is Obfuscation. It has many forms of protection such as, changing the names of classes and variables names, hide classes, and change form of code. In this paper, an appraisal will be conducted to study the current Obfuscation techniques. This research proposes a new hybrid technique that is based on obfuscation; the technique will be using mathematics, Unicode, and unknown language to convert the source file to a garbage running file that does same task which normal source file does for java applications.

     

     
  • References

    1. [1] Acknman, L. (1992). After accolade: time for new laws? washington: Wushington Unimsiq.

      [2] Briand.L.C, (2006), 13th Working Conference on Reverse Engineering Proceeding, Canada, The Experimental

      [3] Paradigm in Reverse Engineering: Role, Challenges, and Limitations, Carleton University,Pp(1,2)

      [4] Chiba, S. (2000). Load-time structural reflection in java. Japan, Institute of Information Science, and Electronics, IEEE, Pp. (1, 5).

      [5] George, N. et. Al (2000), Reverse engineering anti-cracking techniques. http://www.astalvista.com, the hacking and security community, IEEE. P.(3)

      [6] Hardik,S. (N.D), Software Security and Reverse Engineering, IEEE Pp. (1,2, 4, 5)

      [7] Hausi, A.et.al. (1994), Understanding Software Systems Using Reverse Engineering Technology, IEEE Pp. (1, 2).

      [8] Al-Hakimy, A.M., Sultan, A.B.,†Hybrid Algorithm to Protect Java’s Code from Reverse Engineering†International conference on software and computer applications (ICSCA), 2015

      [9] Himangi,G.(2010), code protection and obfuscation of .Net software using obfuscator, Accessed on January 13, 2018, Available at http://www.dotnetcurry.com/ShowArticle.aspx?ID=542&AspxAutoDetectCookieSupport=1

      [10] Iman, M, & Ishaq, A. (2010). Anti-reversing as a tool to protect intellectual property. UAE, IEEE, Vol (5) (1) Pp. (1, 2).

      [11] Jared, N. (2008). Rate of software Piracy vs. Malware infection. Debunking bsa’s piracy-malware. Accessed on January 13, 2018, Available at http://www.myce.com/news/debunking-bsas-piracy-malware-link-21041/

      [12] Linn.C, Debray.S, 2003, Obfuscation of Executable Code to Improve Resistance to Static Disassembly, Washington, University of Arizona Tucson, PP.(2,4,5).

      [13] L. Shan and S. Emmanuel, “Mobile agent protection with self-modifying code,†Journal of Signal Processing Systems, vol. 65, no. 1, pp. 105–116,2011.

      [14] A. Viticchie et al., "Assessment of Source Code Obfuscation Techniques," 2016 IEEE 16th International Working Conference on Source Code Analysis and Manipulation (SCAM), Raleigh, NC, 2016, pp. 11-20.

      [15] A. K. Dalai, S. S. Das and S. K. Jena, "A code obfuscation technique to prevent reverse engineering," 2017 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET), Chennai, 2017, pp. 828-832.

      [16] S. A. Sebastian, S. Malgaonkar, P. Shah, M. Kapoor and T. Parekhji, "A study & review on code obfuscation," 2016 World Conference on Futuristic Trends in Research and Innovation for Social Welfare (Startup Conclave), Coimbatore, 2016, pp. 1-6.

      [17] Min.G.K, et.al, (2007), Renovo: A Hidden Code Extractor for packed Executables, Carnegie Mellon University, IEEE, Pp. (4)

      [18] Memon, Jan.et.al, (2006) Emerging Technologies, 2nd international online conference, Preventing Reverse Engineering Threat in Java Using Byte Code Obfuscation Techniques13-14 November 2006, Peshawar, Pakistan, IEEE, P. (690).

      [19] Madou, M.et.al, 2006, On the Effectiveness of Source Code Transformations for Binary Obfuscation,P.(4,3)

      [20] Zhang, X.et.al, 2008, An Inter-Classes Obfuscation Method For Java Program, International Conference on Information Security and Assurance, Changchun, 130012, P.R.China, IEEE, Pp (2, 4, 6).

      [21] Patel, V. (2009). Protect Java code from decompilation using Java Obfuscator. January 13, 2018, Available at http://viralpatel.net/blogs/2009/07/protect-java-code-decompilation-using-java-obfuscator.html

      [22] Peikari.C .et.al, (N.D),O’REILLY Media, Know Your Enemy, IEEE, Pp. (10,11,19)

      [23] Raymond. J.et.al, (2008), A Survey of Reverse Engineering Tools for the 32Bit Microsoft Windows Environment, Vol.(V,NO.N), Pp.(1,2,3).

      [24] NationMaster,(2010). Software piracy rate (most recent) by country. Crime statistics. Accessed on January 13, 2018, Available At http://www.nationmaster.com/graph/cri_sof_pir_rat-crime-software-piracy-rate.

      [25] LogicNP, Software. (2010) Crypto Obfuscator For.Net. The power of components. January 13, 2018, Available at http://www.ssware.com/cryptoobfuscator/features.htm

      [26] Configure Proguard and DexGuard (Access on 20 September 2016) https://docs.fabric.io/android/crashlytics/dex-and-proguard.html

      [27] ProGuard Manual. (Access on 25 September 2016) http://proguard.sourceforge.net/manual/

      [28] P. Kanani, K. Srivastava, J. Gandhi, D. Parekh and M. Gala, "Obfuscation: Maze of code," 2017 2nd International Conference on Communication Systems, Computing and IT Applications (CSCITA), Mumbai, 2017, pp. 11-16.

      [29] Al-Hakimy, A.M., Rajadurai, K.P., Ravi, M.I., "Formulating a Defensive Technique to Prevent the Threat of Prohibited Reverse engineering", International Conference and Workshop on Current Trends in Information Technology (CTIT), 2011, pp. 82-85.

      [30] M. Kim et al., "Design and Performance Evaluation of Binary Code Packing for Protecting Embedded Software against Reverse Engineering," 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing, Carmona, Seville, 2010, pp. 80-86.

      [31] M. Kim et al., "Design and Performance Evaluation of Binary Code Packing for Protecting Embedded Software against Reverse Engineering," 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing, Carmona, Seville, 2010, pp. 80-86.

  • Downloads

  • How to Cite

    Mahfoud, A., Bakar Sultan, A., Azim Abd, A., Mohd Ali, N., & Admodisastro, N. (2018). Code Obfuscation. Where is it Heading?. International Journal of Engineering & Technology, 7(4.1), 22-27. https://doi.org/10.14419/ijet.v7i4.1.19485