Manufacturing cheap, resilient, and stealthy opaque constructs

Christian Collberg, Clark Thomborson, Douglas Low
1998 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages - POPL '98  
It has become common to distribute software in forms that are isomorphic to the original source code. An important example is Java bytecode. Since such codes are easy to decompile, they increase the risk of mahcious reverse engineering attacks. In thii paper we describe the design of a Java code obfus- &OF, a tool which -through the application of code transformations -converts a Java program into an equivalent one that is more difficuh to reverse engineer. We describe a number of
more » ... s which obfuscate control-flow. Transformations are evaluated with respect to potency (To what degree is a human reader confused?), resilience (How well are automatic deobfuscation attacks resisted?), cost (How much time/space overhead is added?), and stealth (How well does obfuscated code blend in with the original code?). The resilience of many control-altering transformations rely on the resilience of opaque predicates. These are boolean valued expressions whose values are known to the obfuscator but difficult to determine for an automatic deobfuscator. We show how to construct resilient, cheap, and stealthy opaque predicates based on the intractability of certain static analysis problems such as alias analysis.
doi:10.1145/268946.268962 dblp:conf/popl/CollbergTL98 fatcat:s4bxqbtf3zfzfanqaejmbguldm