Title :
Code Defactoring: Evaluating the Effectiveness of Java Obfuscations
Author :
Capiluppi, Andrea ; Falcarin, Paolo ; Boldyreff, Cornelia
Author_Institution :
Brunel Univ., Uxbridge, UK
Abstract :
Obfuscation is a very common protection against reverse engineering attacks: it modifies a program structure to make it harder for the adversary to analyse and understand it. Conceptually, obfuscation is the opposite of refactoring: the code should be more complex to understand, bloated, and with excessive characteristics from the design point of view. This paper aims at evaluating the code complexity introduced by different obfuscation algorithms by using software engineering metrics. Using structural metrics, this paper illustrates how the various types of obfuscation algorithms perform in terms of OO attributes that should be kept low in refactoring. Results show that the majority of the selected algorithms produce no changes in the structural attributes or the average complexity, but they produce more ``dead´´ code. We argue that this could not represent the optimal way to protect the code: when protecting against reverse engineering attacks, a preference should be given to those algorithms that increase the complexity and alter the structural metrics.
Keywords :
Java; computer crime; reverse engineering; software maintenance; software metrics; Java obfuscations; OO attributes; code complexity; code defactoring; cyclomatic complexity; dead code; program structure modification; reverse engineering attack; software engineering metrics; structural attributes; structural metrics; Arrays; Complexity theory; Java; Measurement; Software; Software algorithms; Software protection; cyclomatic complexity; obfuscation; security metrics; structural metrics;
Conference_Titel :
Reverse Engineering (WCRE), 2012 19th Working Conference on
Conference_Location :
Kingston, ON
Print_ISBN :
978-1-4673-4536-1
DOI :
10.1109/WCRE.2012.17
