Obfuscation of design intent in object-oriented applications

Mikhail Sosonkin, Gleb Naumovich, Nasir Memon

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Protection of digital data from unauthorized access is of paramount importance. In the past several years, much research has concentrated on protecting data from the standpoint of confidentiality, integrity and availability. Software is a form of data with unique properties and its protection poses unique challenges. First, software can be reverse engineered, which may result in stolen intellectual property. Second, software can be altered with the intent of performing operations this software must not be allowed to perform. With commercial software increasingly distributed in forms from which source code can be easily extracted, such as Java bytecodes, reverse engineering has become easier than ever. Obfuscation techniques have been proposed to impede illegal reverse engineers. Obfuscations are program transformations that preserve the program functionality while obscuring the code, thereby protecting the program against reverse engineering. Unfortunately, the existing obfuscation techniques are limited to obscuring variable names, transformations of local control flow, and obscuring expressions using variables of primitive types. In this paper, we propose obfuscations of design of object-oriented programs. We describe three techniques for obfuscation of program design. The class coalescing obfuscation replaces several classes with a single class. The class splitting obfuscation replaces a single class with multiple classes, each responsible for a part of the functionality of the original class. The type hiding obfuscation uses the mechanism of interfaces in Java to obscure the types of objects manipulated by the program. We show the results of our initial experiments with a prototype implementation of these techniques. In particular, we show that the runtime overheads of these obfuscations tend to be small.

Original languageEnglish (US)
Title of host publicationDRM 2003
Subtitle of host publicationProceedings of the Third ACM Workshop on Digital Rights Management
PublisherAssociation for Computing Machinery
Pages142-153
Number of pages12
ISBN (Print)1581137869, 9781581137866
DOIs
StatePublished - 2003
EventDRM 2003: Proceedings of the Third ACM Workshop on Digital Rights Management - Washington, DC, United States
Duration: Oct 27 2003Oct 27 2003

Publication series

NameDRM 2003: Proceedings of the Third ACM Workshop on Digital Rights Management

Other

OtherDRM 2003: Proceedings of the Third ACM Workshop on Digital Rights Management
Country/TerritoryUnited States
CityWashington, DC
Period10/27/0310/27/03

Keywords

  • Code Generation
  • Refactoring
  • Software Obfuscation

ASJC Scopus subject areas

  • General Engineering

Fingerprint

Dive into the research topics of 'Obfuscation of design intent in object-oriented applications'. Together they form a unique fingerprint.

Cite this