TY - GEN
T1 - Obfuscation of design intent in object-oriented applications
AU - Sosonkin, Mikhail
AU - Naumovich, Gleb
AU - Memon, Nasir
PY - 2003
Y1 - 2003
N2 - Protection of digital data from unauthorized access is of paramount importance. In the past several years, much research has concentrated on protecting data from the standpoint of confidentiality, integrity and availability. Software is a form of data with unique properties and its protection poses unique challenges. First, software can be reverse engineered, which may result in stolen intellectual property. Second, software can be altered with the intent of performing operations this software must not be allowed to perform. With commercial software increasingly distributed in forms from which source code can be easily extracted, such as Java bytecodes, reverse engineering has become easier than ever. Obfuscation techniques have been proposed to impede illegal reverse engineers. Obfuscations are program transformations that preserve the program functionality while obscuring the code, thereby protecting the program against reverse engineering. Unfortunately, the existing obfuscation techniques are limited to obscuring variable names, transformations of local control flow, and obscuring expressions using variables of primitive types. In this paper, we propose obfuscations of design of object-oriented programs. We describe three techniques for obfuscation of program design. The class coalescing obfuscation replaces several classes with a single class. The class splitting obfuscation replaces a single class with multiple classes, each responsible for a part of the functionality of the original class. The type hiding obfuscation uses the mechanism of interfaces in Java to obscure the types of objects manipulated by the program. We show the results of our initial experiments with a prototype implementation of these techniques. In particular, we show that the runtime overheads of these obfuscations tend to be small.
AB - Protection of digital data from unauthorized access is of paramount importance. In the past several years, much research has concentrated on protecting data from the standpoint of confidentiality, integrity and availability. Software is a form of data with unique properties and its protection poses unique challenges. First, software can be reverse engineered, which may result in stolen intellectual property. Second, software can be altered with the intent of performing operations this software must not be allowed to perform. With commercial software increasingly distributed in forms from which source code can be easily extracted, such as Java bytecodes, reverse engineering has become easier than ever. Obfuscation techniques have been proposed to impede illegal reverse engineers. Obfuscations are program transformations that preserve the program functionality while obscuring the code, thereby protecting the program against reverse engineering. Unfortunately, the existing obfuscation techniques are limited to obscuring variable names, transformations of local control flow, and obscuring expressions using variables of primitive types. In this paper, we propose obfuscations of design of object-oriented programs. We describe three techniques for obfuscation of program design. The class coalescing obfuscation replaces several classes with a single class. The class splitting obfuscation replaces a single class with multiple classes, each responsible for a part of the functionality of the original class. The type hiding obfuscation uses the mechanism of interfaces in Java to obscure the types of objects manipulated by the program. We show the results of our initial experiments with a prototype implementation of these techniques. In particular, we show that the runtime overheads of these obfuscations tend to be small.
KW - Code Generation
KW - Refactoring
KW - Software Obfuscation
UR - http://www.scopus.com/inward/record.url?scp=18844377176&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=18844377176&partnerID=8YFLogxK
U2 - 10.1145/947380.947399
DO - 10.1145/947380.947399
M3 - Conference contribution
AN - SCOPUS:18844377176
SN - 1581137869
SN - 9781581137866
T3 - DRM 2003: Proceedings of the Third ACM Workshop on Digital Rights Management
SP - 142
EP - 153
BT - DRM 2003
PB - Association for Computing Machinery
T2 - DRM 2003: Proceedings of the Third ACM Workshop on Digital Rights Management
Y2 - 27 October 2003 through 27 October 2003
ER -