By Topic

Code Defactoring: Evaluating the Effectiveness of Java Obfuscations

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Andrea Capiluppi ; Brunel Univ., Uxbridge, UK ; Paolo Falcarin ; Cornelia Boldyreff

Obfuscation is a very common protection against reverse engineering attacks: it modifies a program structure to make it harder for the adversary to analyse and understand it. Conceptually, obfuscation is the opposite of refactoring: the code should be more complex to understand, bloated, and with excessive characteristics from the design point of view. This paper aims at evaluating the code complexity introduced by different obfuscation algorithms by using software engineering metrics. Using structural metrics, this paper illustrates how the various types of obfuscation algorithms perform in terms of OO attributes that should be kept low in refactoring. Results show that the majority of the selected algorithms produce no changes in the structural attributes or the average complexity, but they produce more ``dead'' code. We argue that this could not represent the optimal way to protect the code: when protecting against reverse engineering attacks, a preference should be given to those algorithms that increase the complexity and alter the structural metrics.

Published in:

2012 19th Working Conference on Reverse Engineering

Date of Conference:

15-18 Oct. 2012