Journal of the Korea Society of Computer and Information (한국컴퓨터정보학회논문지)

Korean Society of Computer Information (한국컴퓨터정보학회)
권호 표지
DOI QR코드

DOI QR Code

An Effective Java Obfuscation Technique Using Assignment Statements Merging

대입문 병합을 이용한 효율적인 자바 난독화 기법

  • Lee, Kyong-Ho (School of Information & Communication Engineering, Halla University) ;
  • Park, Hee-Wan (School of Information & Communication Engineering, Halla University)
  • 이경호 (한라대학교 정보통신방송공학부) ;
  • 박희완 (한라대학교 정보통신방송공학부)
  • Received : 2013.09.03
  • Accepted : 2013.10.05
  • Published : 2013.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

Java bytecodes are executed not on target machine but on the Java virtual machines. Since this bytecodes use a higher level representation than binary code, it is possible to decompile most bytecodes back to Java source. Obfuscation is the technique of obscuring code and it makes program difficult to understand. However, most of the obfuscation techniques make the code size and the performance of obfuscated program bigger and slower than original program. In this paper, we proposed an effective Java obfuscation techniques using assignment statements merging that make the source program difficult to understand. The basic approach is to merge assignments statements to append side effects of statement. An additional benefit is that the size of the bytecode is reduced.

자바 바이트코드는 타겟 머신이 아닌 자바 가상머신 상에서 동작된다. 이러한 자바 바이트코드는 바이너리 코드보다 고수준 표현을 사용하고 있어서 대부분의 자바 바이트 코드는 다시 자바 소스 파일로 바꿀 수도 있다. 난독화란 기본적으로 코드를 이해하기 어렵게 만드는 기술을 의미한다. 자바 코드의 보호를 위해서는 난독화가 사용될 수 있다. 그러나 프로그램을 복잡하게 만드는 난독화 기법은 대부분 프로그램의 크기를 증가시키고 실행 속도 또한 느려지게 만드는 원인이 된다. 본 논문에서는 대입문 병합 기법을 이용한 효율적인 자바 난독화 기법을 새롭게 제안한다. 대입문 병합 기법이 적용되면 대입문에 부작용(side effects)이 추가되어 대입문을 이해하기 어렵게 된다. 추가적으로 바이트코드의 크기가 줄어드는 장점도 있다.

Keywords

References

  1. Christian Collberg, Clark Thomborson, "Watermarking, Tamper-Proofing, and Obfuscation - Tools for Software Protection," IEEE Transactions on Software Engineering, vol.28, no.8, pp.735-746, 2002. https://doi.org/10.1109/TSE.2002.1027797
  2. Christian Collberg, Clark Thomborson, Douglas Low, "Manufacturing Cheap, Resilient, and Stealthy Opaque Constructs," Proc. of the Principles of Programming Languages, POPL98, pp.184-196, Jan. 1998.
  3. Christian Collberg, Clark Thomborson, Douglas Low, "Breaking Abstractions and Unstructuring Data Structures," Proc. of the International Conference on Computer Languages, ICCL98, pp.28-38. 1998.
  4. Christian Collberg, Clark Thomborson, Douglas Low, "A Taxonomy of Obfuscating Transformation," Technical Report #148, Department of Computer Science, The University of Auckland, 1997.
  5. Jien-Tasi Chan, Wuu Yang, "Advanced Obfuscations on Java Bytecode," Journal of Systems and Software, vol.71, no.1-2, pp.1-10, Apr. 2004. https://doi.org/10.1016/S0164-1212(02)00066-3
  6. E. Kim, K. Han, "A Study on the Code Obfuscation Technique for Java Source Code," Proc. of the 35th KIISE Fall Conference, vol.35, no.2(A), pp. 307-308, Oct. 2008.
  7. P. Yuxue, J. Jung, J. Lee, "The Technological Trend of the Mobile Obfuscation," Information & Communications Magazine, vol.29, no.8, pp.65-71, Jul. 2012.
  8. Mark Harman, Lin Hu, Xingyuan Zhang Malcolm Munro., "Side-Effect Removal Transformation," 9th IEEE International Workshop on Program Comprehension (IWPC 2001). Toronto, Canada, pp. 309-319, May. 2001.
  9. Mark Harman, Lin Hu, Rob Hierons, Xingyuan Zhang, Malcolm Munro, Jose Javier Dolado, Mari Carmen Otero and Joachim Wegener, "A Post-Placement Side-Effect Removal Algorithm," 18th IEEE International Conference on Software Maintenance (ICSM 2002), Montreal, Canada. pp.2-11, Oct. 2002.
  10. Lars R. Clausen, "A Java Bytecode Optimizer Using Side-effect Analysis," Concurrency and Computation : Practice and Experience, vol.9, no.11, pp.1031-1045, 1997. https://doi.org/10.1002/(SICI)1096-9128(199711)9:11<1031::AID-CPE354>3.0.CO;2-O
  11. Chrislain Razafimahefa, "A Study of Side-effect Analyses for Java," MS Thesis, School of Computer Science, McGill University, 1999.
  12. JJ. Dolado, M.Harman, M.C. Otero, and L.Hu, "An Empirical Investigation of the Influence of a Type of Side Effects on ProgramComprehension," IEEE Transactions on Software Engineering, vol.29, no.7, pp.665-670, Jul. 2003. https://doi.org/10.1109/TSE.2003.1214329