Advanced obfuscation techniques for Java bytecode

Jien Tsai Chan*, Wuu Yang

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

49 Scopus citations

Abstract

There exist several obfuscation tools for preventing Java bytecode from being decompiled. Most of these tools simply scramble the names of the identifiers stored in a bytecode by substituting the identifiers with meaningless names. However, the scrambling technique cannot deter a determined cracker very long. We propose several advanced obfuscation techniques that make Java bytecode impossible to recompile or make the decompiled program difficult to understand and to recompile. The crux of our approach is to over use an identifier. That is, an identifier can denote several entities, such as types, fields, and methods, simultaneously. An additional benefit is that the size of the bytecode is reduced because fewer and shorter identifier names are used. Furthermore, we also propose several techniques to intentionally introduce syntactic and semantic errors into the decompiled program while preserving the original behaviors of the bytecode. Thus, the decompiled program would have to be debugged manually. Although our basic approach is to scramble the identifiers in Java bytecode, the scrambled bytecode produced with our techniques is much harder to crack than that produced with other identifier scrambling techniques. Furthermore, the run-time efficiency of the obfuscated bytecode is also improved because the size of the bytecode becomes smaller after obfuscation.

Original languageEnglish
Pages (from-to)1-10
Number of pages10
JournalJournal of Systems and Software
Volume71
Issue number1-2
DOIs
StatePublished - 1 Apr 2004

Keywords

  • Bytecode obfuscation
  • Java programming language
  • Program protection

Fingerprint Dive into the research topics of 'Advanced obfuscation techniques for Java bytecode'. Together they form a unique fingerprint.

Cite this