SlideShare ist ein Scribd-Unternehmen logo

Applying Anti-Reversing Techniques to Java Bytecode

Teodoro Cipresso
Teodoro Cipresso

CS266 Software Reverse Engineering (SRE) Applying Anti-Reversing Techniques to Java Bytecode Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu Department of Computer Science San José State University Spring 2015

Technologie
1 von 33
Downloaden Sie, um offline zu lesen
CS266 Software Reverse Engineering (SRE) Applying Anti-Reversing Techniques to Java Bytecode Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu Department of Computer Science San José State University Spring 2015 The information in this presentation is taken from the thesis “Software reverse engineering education” available at http://scholarworks.sjsu.edu/etd_theses/3734/ where all citations can be found.
Applying Anti-Reversing Techniques to Java Bytecode Introduction and Motivation for Anti-Reversing  If Java bytecode is not protected through obfuscation it’s straightforward for a reverser to decompile the bytecode, make changes, and recompile.  If our software sells for money, then it’s natural to offer a trial version.  Trial versions employ guards to ultimately earn your business:  Time-bomb: stops working after n days.  Usage limit: stops working after n minutes or n operations.  Crippleware: Critical functionality is disabled (e.g, can’t save you work).  This is hard to get right without annoying a potential customer. 2
Applying Anti-Reversing Techniques to Java Bytecode Introduction and Motivation for Anti-Reversing  Applying anti-reversing techniques to Java bytecode (or binaries in general) can prevent a reverser from:  Removing trialware guards in software (types on previous slide).  Recovering algorithms that make the software valuable.  While anti-reversing techniques cannot completely prevent software from being reversed, they act as a deterrent by increasing the challenge for the reverser.  [5] states “It is never possible to entirely prevent reversing” and “What is possible is to hinder and obstruct reversers by wearing them out and making the process so slow and painful that they give up.” 3
Applying Anti-Reversing Techniques to Java Bytecode Introduction and Motivation for Anti-Reversing  Apply anti-reversing techniques to source code, machine code, or bytecode can have adverse effects on a program's size, efficiency, and maintainability.  Therefore, it’s important to evaluate whether a particular program warrants the cost of protecting it.  Anti-reversing techniques are meant to be applied post-production, after the coding for an application is complete and tested.  These techniques obscure data and logic and therefore are difficult to implement while also working on the functionality of the application.  Even worse than the general confusion of interleaving anti-reversing techniques with regular coding is the possibility of creating a dependency between the actual application logic and the anti-reversing techniques used. 4
Applying Anti-Reversing Techniques to Java Bytecode Basic Anti-Reversing Techniques  Eliminating Symbolic Information: Render unrecognizable, all symbolic information in machine code or bytecode because such information can be quite useful to a reverse engineer.  Obfuscating the Program: Includes removing symbolic information but goes much further. Care must be taken with the following techniques to ensure that the original program functionality remains intact.  Modify the layout of a program (move things around).  Introducing confusing non-essential logic or control flow.  Storing data in difficult to interpret organizations or formats.  Obfuscate data structures, encrypt strings etc.. 5
Applying Anti-Reversing Techniques to Java Bytecode Basic Anti-Reversing Techniques  Embedding Antidebugger Code: Live analysis is how most reversers accomplish their objective. Therefore it is common for developers to implement guards against binary debuggers.  Live analysis of machine code is accomplished using an interactive debugger-disassembler where you attach to a running programming and step instructions to observe the program at points of interest.  Static analysis of machine code is usually carried out using a disassembler and heuristic algorithms that attempt to understand the structure of the program.  Interactive debugging of Java bytecode can be accomplished using debugger interfaces implemented by the JVM per the Java Platform Debugger Architecture (JPDA). 6
Applying Anti-Reversing Techniques to Java Bytecode Java Bytecode Anti-Reversing Considerations  While it is most often the case that we cannot recover the original Java source code from the bytecode, the results will be functionally equivalent.  When new features are added to the Java language, new bytecode instructions are not always added or needed. For example:  Support for generics in collections is implemented by carrying additional information (in the constants pool of the class) that describes the type of object a collection should contain.  This information can then be used at execution time by the JVM to validate the type of each object in the collection. 7
Applying Anti-Reversing Techniques to Java Bytecode Java Bytecode Anti-Reversing Considerations  The strategy of having newer Java language constructs result in compatible bytecode with optionally-utilized metadata provides the benefit of allowing legacy Java bytecode to run on newer JVMs.  If a decompiler doesn't know to look for the metadata, some information is lost. For example:  The fact that a program used generics would not be recovered and all collections would be of type Object (with cast statements of course). 8
Applying Anti-Reversing Techniques to Java Bytecode Java Bytecode Anti-Reversing Tools  Since Java bytecode is standardized there are many obfuscation tools available on the Internet which perform transformations directly on the Java bytecode instead of on the Java source code itself.  SandMark: A Tool for the Study of Software Protection Algorithms [27]  RetroGuard for Java Obfuscation [28] (defunct, CLI only)  ProGuard [29]  Zelix Klassmaster [26] (not free)  Extensive list of related or alternative tools 9
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information  Variable, class, and method names, are all left intact when compiling Java source code to Java bytecode.  Oracle’s Java compiler javac provides an option to leave out debugging information in Java bytecode: specifying javac -g:none will exclude information on line numbers, the source file name, and local variables.  This option offers little to no help in fending off a reverser as none of the remaining variable names, methods names, and constants are obfuscated.  [26] states that a high-level of protection can be achieved for Java bytecode by applying three transformations: Name Obfuscation, String Encryption, and Flow Obfuscation.  There does not appear to be a free anti-reversing tool that can perform all three of these transformations to Java bytecode. 10
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 11
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 12
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 13
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 14
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 15
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 16
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 17
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 18
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 19
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 20
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 21
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 22
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 23
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 24
Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 25
Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program  One of the most popular, and fragile, techniques for preventing decompilation involves the use of opaque predicates:  By introducing false ambiguities into the control flow of a program we may trick a decompiler into traversing garbage bytes that are masquerading as logic contained in an else clause.  if ( 1 == 1 ) and if ( 1 == 2 ) are opaque predicates because the first always evaluates to true, and the second always to false.  “Branches that appear to be conditional but are really not.” [5]  The key to preventing decompilation with opaque predicates is to insert invalid instructions in the else branch of an always-true predicate or the if-body of an always false predicate. 26
Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program - Opaque Predicates  Since the invalid instructions will never be reached during normal operation of the program there is no impact on the program's operation.  A naïve decompiler will evaluate both possibilities of an opaque predicate and fail on attempting to decompile the invalid, unreachable “instructions”. 27
Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program – Java Bytecode Verifier  Unfortunately, opaque predicates, often used in protecting machine code from disassembly, cannot be used with Java bytecode because of the presence of the Java Bytecode Verifier in the JVM.  The JVM verifies bytecode before execution via single-pass static analysis.  Therefore invalid instructions/garbage bytes are likely to be caught.  [31] documents the following checks made by the Java Bytecode Verifier:  Type correctness: arguments of an instruction, whether on the stack or in registers, should always be of the type expected by the instruction.  No stack overflow or underflow: instructions which remove items from the stack should not do so when the stack is empty. Also, instructions should not attempt to push items on the stack when the stack is full. 28
Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program – Java Bytecode Verifier  Register initialization: Within a single method any use of a register must come after the initialization of that register. That is, there should be at least one store operation to that register before a load operation on that register.  Object initialization: Creation of object instances must always be followed by a call to one of the possible initialization (constructor) methods for that object before it can be used.  Access control: Method calls, field accesses, and class references must always adhere to the Java visibility policies for that method, field, or reference (e.g., private, protected, public).  Recall that bytecode targeted to run on a JVM may have been generated by something other than the accompanying Java compiler (even dynamically).  This actuality highlights the need for bytecode verification. 29
Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program - Opaque Predicates  Opaque predicates do remain viable for machine code, though there is some evidence that good disassemblers, such as IDA Pro, do check for rudimentary opaque predicates [5].  SandMark‘s creators claim that the presence of opaque predicates in bytecode, without garbage bytes of course, makes decompilation more difficult.  SandMark implements several different algorithms for sprinkling opaque predicates throughout bytecode.  For example, the opaque branch insertion obfuscation claims to “insert jumps into a method via opaque predicates so that the control flow graph is irreducible. This inhibits decompilation.” 30
Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program - Opaque Predicates 31
Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program - Opaque Predicates 32
33

Empfohlen

Reversing and Patching Java Bytecode
Reversing and Patching Java BytecodeReversing and Patching Java Bytecode
Reversing and Patching Java Bytecode
Teodoro Cipresso
 
Expressive And Modular Predicate Dispatch In Java
Expressive And Modular Predicate Dispatch In JavaExpressive And Modular Predicate Dispatch In Java
Expressive And Modular Predicate Dispatch In Java
Dr Anjan Krishnamurthy
 
Core java online training
Core java online trainingCore java online training
Core java online training
Glory IT Technologies Pvt. Ltd.
 
Introduction to java
Introduction to java Introduction to java
Introduction to java
Sandeep Rawat
 
Java interview questions
Java interview questionsJava interview questions
Java interview questions
Soba Arjun
 
Core java interview questions
Core java interview questionsCore java interview questions
Core java interview questions
Rohit Singh
 
8 most expected java interview questions
8 most expected java interview questions8 most expected java interview questions
8 most expected java interview questions
Poonam Kherde
 
50+ java interview questions
50+ java interview questions50+ java interview questions
50+ java interview questions
SynergisticMedia
 

Empfohlen

Reversing and Patching Java Bytecode
Reversing and Patching Java BytecodeReversing and Patching Java Bytecode
Reversing and Patching Java Bytecode
Teodoro Cipresso
 
Expressive And Modular Predicate Dispatch In Java
Expressive And Modular Predicate Dispatch In JavaExpressive And Modular Predicate Dispatch In Java
Expressive And Modular Predicate Dispatch In Java
Dr Anjan Krishnamurthy
 
Core java online training
Core java online trainingCore java online training
Core java online training
Glory IT Technologies Pvt. Ltd.
 
Introduction to java
Introduction to java Introduction to java
Introduction to java
Sandeep Rawat
 
Java interview questions
Java interview questionsJava interview questions
Java interview questions
Soba Arjun
 
Core java interview questions
Core java interview questionsCore java interview questions
Core java interview questions
Rohit Singh
 
8 most expected java interview questions
8 most expected java interview questions8 most expected java interview questions
8 most expected java interview questions
Poonam Kherde
 
50+ java interview questions
50+ java interview questions50+ java interview questions
50+ java interview questions
SynergisticMedia
 
Java j2ee interview_questions
Java j2ee interview_questionsJava j2ee interview_questions
Java j2ee interview_questions
ppratik86
 
Grade 8: Introduction To Java
Grade 8: Introduction To JavaGrade 8: Introduction To Java
Grade 8: Introduction To Java
nandanrocker
 
Introduction tojavaandxml lc-slides01-fp2005-ver 1.0
Introduction tojavaandxml lc-slides01-fp2005-ver 1.0Introduction tojavaandxml lc-slides01-fp2005-ver 1.0
Introduction tojavaandxml lc-slides01-fp2005-ver 1.0
Sanjay Yadav
 
Notes of java first unit
Notes of java first unitNotes of java first unit
Notes of java first unit
gowher172236
 
1.introduction to java
1.introduction to java1.introduction to java
1.introduction to java
Madhura Bhalerao
 
Introducing Java 7
Introducing Java 7Introducing Java 7
Introducing Java 7
Markus Eisele
 
Jfxpub binding
Jfxpub bindingJfxpub binding
Jfxpub binding
Jérémie Nguetsop Komolo
 
Introduction to java
Introduction to javaIntroduction to java
Introduction to java
jayc8586
 
9 crucial Java Design Principles you cannot miss
9 crucial Java Design Principles you cannot miss9 crucial Java Design Principles you cannot miss
9 crucial Java Design Principles you cannot miss
Mark Papis
 
Professional-core-java-training
Professional-core-java-trainingProfessional-core-java-training
Professional-core-java-training
Vibrant Technologies & Computers
 
Java interview-questions-and-answers
Java interview-questions-and-answersJava interview-questions-and-answers
Java interview-questions-and-answers
bestonlinetrainers
 
Hibernate Advance Interview Questions
Hibernate Advance Interview QuestionsHibernate Advance Interview Questions
Hibernate Advance Interview Questions
Rudra Garnaik, PMI-ACP®
 
Java chapter 1
Java chapter 1Java chapter 1
Java chapter 1
Mukesh Tekwani
 
Chapter 1
Chapter 1Chapter 1
Chapter 1
siragezeynu
 
Hibernate notes
Hibernate notesHibernate notes
Hibernate notes
Rajeev Uppala
 
Hibernate complete notes_by_sekhar_sir_javabynatara_j
Hibernate complete notes_by_sekhar_sir_javabynatara_jHibernate complete notes_by_sekhar_sir_javabynatara_j
Hibernate complete notes_by_sekhar_sir_javabynatara_j
Satya Johnny
 
Introduction to java
Introduction to java Introduction to java
Introduction to java
Java Lover
 
Classes and Objects
Classes and ObjectsClasses and Objects
Classes and Objects
vmadan89
 
Corejava ratan
Corejava ratanCorejava ratan
Corejava ratan
Satya Johnny
 
Architecting cloud-enabled applications using Spring-Integration 2.x
Architecting cloud-enabled applications using Spring-Integration 2.xArchitecting cloud-enabled applications using Spring-Integration 2.x
Architecting cloud-enabled applications using Spring-Integration 2.x
Edson Yanaga
 
Enterprise Integration Patterns with Camel
Enterprise Integration Patterns with CamelEnterprise Integration Patterns with Camel
Enterprise Integration Patterns with Camel
Software Infrastructure
 
Java Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java Code
Java Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java CodeJava Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java Code
Java Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java Code
Edson Yanaga
 

Weitere ähnliche Inhalte

Was ist angesagt?

Java j2ee interview_questions
Java j2ee interview_questionsJava j2ee interview_questions
Java j2ee interview_questions
ppratik86
 
Introduction tojavaandxml lc-slides01-fp2005-ver 1.0
Introduction tojavaandxml lc-slides01-fp2005-ver 1.0Introduction tojavaandxml lc-slides01-fp2005-ver 1.0
Introduction tojavaandxml lc-slides01-fp2005-ver 1.0
Sanjay Yadav
 
Hibernate complete notes_by_sekhar_sir_javabynatara_j
Hibernate complete notes_by_sekhar_sir_javabynatara_jHibernate complete notes_by_sekhar_sir_javabynatara_j
Hibernate complete notes_by_sekhar_sir_javabynatara_j
Satya Johnny
 

Was ist angesagt? (19)

Java j2ee interview_questions
Java j2ee interview_questionsJava j2ee interview_questions
Java j2ee interview_questions
 
Grade 8: Introduction To Java
Grade 8: Introduction To JavaGrade 8: Introduction To Java
Grade 8: Introduction To Java
 
Introduction tojavaandxml lc-slides01-fp2005-ver 1.0
Introduction tojavaandxml lc-slides01-fp2005-ver 1.0Introduction tojavaandxml lc-slides01-fp2005-ver 1.0
Introduction tojavaandxml lc-slides01-fp2005-ver 1.0
 
Notes of java first unit
Notes of java first unitNotes of java first unit
Notes of java first unit
 
1.introduction to java
1.introduction to java1.introduction to java
1.introduction to java
 
Introducing Java 7
Introducing Java 7Introducing Java 7
Introducing Java 7
 
Jfxpub binding
Jfxpub bindingJfxpub binding
Jfxpub binding
 
Introduction to java
Introduction to javaIntroduction to java
Introduction to java
 
9 crucial Java Design Principles you cannot miss
9 crucial Java Design Principles you cannot miss9 crucial Java Design Principles you cannot miss
9 crucial Java Design Principles you cannot miss
 
Professional-core-java-training
Professional-core-java-trainingProfessional-core-java-training
Professional-core-java-training
 
Java interview-questions-and-answers
Java interview-questions-and-answersJava interview-questions-and-answers
Java interview-questions-and-answers
 
Hibernate Advance Interview Questions
Hibernate Advance Interview QuestionsHibernate Advance Interview Questions
Hibernate Advance Interview Questions
 
Java chapter 1
Java chapter 1Java chapter 1
Java chapter 1
 
Chapter 1
Chapter 1Chapter 1
Chapter 1
 
Hibernate notes
Hibernate notesHibernate notes
Hibernate notes
 
Hibernate complete notes_by_sekhar_sir_javabynatara_j
Hibernate complete notes_by_sekhar_sir_javabynatara_jHibernate complete notes_by_sekhar_sir_javabynatara_j
Hibernate complete notes_by_sekhar_sir_javabynatara_j
 
Introduction to java
Introduction to java Introduction to java
Introduction to java
 
Classes and Objects
Classes and ObjectsClasses and Objects
Classes and Objects
 
Corejava ratan
Corejava ratanCorejava ratan
Corejava ratan
 

Andere mochten auch

Java Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java Code
Java Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java CodeJava Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java Code
Java Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java Code
Edson Yanaga
 
Avoiding Java EE Application Design Traps to Achieve Effective Use of Cloud C...
Avoiding Java EE Application Design Traps to Achieve Effective Use of Cloud C...Avoiding Java EE Application Design Traps to Achieve Effective Use of Cloud C...
Avoiding Java EE Application Design Traps to Achieve Effective Use of Cloud C...
Dr. Spock
 
Introduction to Java EE (J2EE)
Introduction to Java EE (J2EE)Introduction to Java EE (J2EE)
Introduction to Java EE (J2EE)
Atit Patumvan
 
System Integration with Akka and Apache Camel
System Integration with Akka and Apache CamelSystem Integration with Akka and Apache Camel
System Integration with Akka and Apache Camel
krasserm
 
Enterprise Integration Patterns Revisited (EIP, Apache Camel, Talend ESB)
Enterprise Integration Patterns Revisited (EIP, Apache Camel, Talend ESB)Enterprise Integration Patterns Revisited (EIP, Apache Camel, Talend ESB)
Enterprise Integration Patterns Revisited (EIP, Apache Camel, Talend ESB)
Kai Wähner
 
How to choose the right Integration Framework - Apache Camel (JBoss, Talend),...
How to choose the right Integration Framework - Apache Camel (JBoss, Talend),...How to choose the right Integration Framework - Apache Camel (JBoss, Talend),...
How to choose the right Integration Framework - Apache Camel (JBoss, Talend),...
Kai Wähner
 

Andere mochten auch (20)

Architecting cloud-enabled applications using Spring-Integration 2.x
Architecting cloud-enabled applications using Spring-Integration 2.xArchitecting cloud-enabled applications using Spring-Integration 2.x
Architecting cloud-enabled applications using Spring-Integration 2.x
 
Enterprise Integration Patterns with Camel
Enterprise Integration Patterns with CamelEnterprise Integration Patterns with Camel
Enterprise Integration Patterns with Camel
 
Java Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java Code
Java Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java CodeJava Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java Code
Java Craftsmanship: Lessons Learned on How to Produce Truly Beautiful Java Code
 
Enterprise Integration Patterns na nuvem com Spring Integration
Enterprise Integration Patterns na nuvem com Spring IntegrationEnterprise Integration Patterns na nuvem com Spring Integration
Enterprise Integration Patterns na nuvem com Spring Integration
 
Advanced java jee material by KV Rao sir
Advanced java jee material by KV Rao sirAdvanced java jee material by KV Rao sir
Advanced java jee material by KV Rao sir
 
Evitando Armadilhas no Projeto de Aplicações Java EE para uso eficaz na nuvem
Evitando Armadilhas no Projeto de Aplicações Java EE para uso eficaz na nuvemEvitando Armadilhas no Projeto de Aplicações Java EE para uso eficaz na nuvem
Evitando Armadilhas no Projeto de Aplicações Java EE para uso eficaz na nuvem
 
Eclipse Tips & Tricks - EclipseCon North America 2014
Eclipse Tips & Tricks - EclipseCon North America 2014Eclipse Tips & Tricks - EclipseCon North America 2014
Eclipse Tips & Tricks - EclipseCon North America 2014
 
Open Source Debugging for Java 1.4.0
Open Source Debugging for Java 1.4.0Open Source Debugging for Java 1.4.0
Open Source Debugging for Java 1.4.0
 
Spring MVC - Wiring the different layers
Spring MVC - Wiring the different layersSpring MVC - Wiring the different layers
Spring MVC - Wiring the different layers
 
Avoiding Java EE Application Design Traps to Achieve Effective Use of Cloud C...
Avoiding Java EE Application Design Traps to Achieve Effective Use of Cloud C...Avoiding Java EE Application Design Traps to Achieve Effective Use of Cloud C...
Avoiding Java EE Application Design Traps to Achieve Effective Use of Cloud C...
 
J2ee seminar
J2ee seminarJ2ee seminar
J2ee seminar
 
Java & J2EE Coding Conventions
Java & J2EE Coding ConventionsJava & J2EE Coding Conventions
Java & J2EE Coding Conventions
 
Introduction to Java EE (J2EE)
Introduction to Java EE (J2EE)Introduction to Java EE (J2EE)
Introduction to Java EE (J2EE)
 
System Integration with Akka and Apache Camel
System Integration with Akka and Apache CamelSystem Integration with Akka and Apache Camel
System Integration with Akka and Apache Camel
 
Presentation on Core java
Presentation on Core javaPresentation on Core java
Presentation on Core java
 
Enterprise Integration Patterns Revisited (EIP, Apache Camel, Talend ESB)
Enterprise Integration Patterns Revisited (EIP, Apache Camel, Talend ESB)Enterprise Integration Patterns Revisited (EIP, Apache Camel, Talend ESB)
Enterprise Integration Patterns Revisited (EIP, Apache Camel, Talend ESB)
 
J2EE and layered architecture
J2EE and layered architectureJ2EE and layered architecture
J2EE and layered architecture
 
Quartz in mule
Quartz in muleQuartz in mule
Quartz in mule
 
How to choose the right Integration Framework - Apache Camel (JBoss, Talend),...
How to choose the right Integration Framework - Apache Camel (JBoss, Talend),...How to choose the right Integration Framework - Apache Camel (JBoss, Talend),...
How to choose the right Integration Framework - Apache Camel (JBoss, Talend),...
 
Core java concepts
Core java conceptsCore java concepts
Core java concepts
 

Ähnlich wie Applying Anti-Reversing Techniques to Java Bytecode

Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)
Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)
Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)
CSCJournals
 
JAVA VIVA QUESTIONS_CODERS LODGE.pdf
JAVA VIVA QUESTIONS_CODERS LODGE.pdfJAVA VIVA QUESTIONS_CODERS LODGE.pdf
JAVA VIVA QUESTIONS_CODERS LODGE.pdf
nofakeNews
 
Unit Testing Fundamentals
Unit Testing FundamentalsUnit Testing Fundamentals
Unit Testing Fundamentals
Richard Paul
 
A taxonomy of obfuscating transformations
A taxonomy of obfuscating transformationsA taxonomy of obfuscating transformations
A taxonomy of obfuscating transformations
emanuele_nl
 
Exception handler
Exception handler Exception handler
Exception handler
dishni
 
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 PresentationJava Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
James Hamilton
 

Ähnlich wie Applying Anti-Reversing Techniques to Java Bytecode (20)

Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)
Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)
Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)
 
IRJET- Obfuscation: Maze of Code
IRJET- Obfuscation: Maze of CodeIRJET- Obfuscation: Maze of Code
IRJET- Obfuscation: Maze of Code
 
Certified Core Java Developer
Certified Core Java DeveloperCertified Core Java Developer
Certified Core Java Developer
 
Core Java Certification
Core Java CertificationCore Java Certification
Core Java Certification
 
Professional-core-java-training
Professional-core-java-trainingProfessional-core-java-training
Professional-core-java-training
 
JAVA VIVA QUESTIONS_CODERS LODGE.pdf
JAVA VIVA QUESTIONS_CODERS LODGE.pdfJAVA VIVA QUESTIONS_CODERS LODGE.pdf
JAVA VIVA QUESTIONS_CODERS LODGE.pdf
 
Java interview question
Java interview questionJava interview question
Java interview question
 
Information Management 2marks with answer
Information Management 2marks with answerInformation Management 2marks with answer
Information Management 2marks with answer
 
Unit Testing Fundamentals
Unit Testing FundamentalsUnit Testing Fundamentals
Unit Testing Fundamentals
 
Refactoring ASP.NET and beyond
Refactoring ASP.NET and beyondRefactoring ASP.NET and beyond
Refactoring ASP.NET and beyond
 
TestDrivenDeveloment
TestDrivenDevelomentTestDrivenDeveloment
TestDrivenDeveloment
 
Core Java Learning Path
Core Java Learning PathCore Java Learning Path
Core Java Learning Path
 
Mcs 024 assignment solution (2020-21)
Mcs 024 assignment solution (2020-21)Mcs 024 assignment solution (2020-21)
Mcs 024 assignment solution (2020-21)
 
A taxonomy of obfuscating transformations
A taxonomy of obfuscating transformationsA taxonomy of obfuscating transformations
A taxonomy of obfuscating transformations
 
Lessons Learned in Software Development: QA Infrastructure – Maintaining Rob...
Lessons Learned in Software Development: QA Infrastructure – Maintaining Rob...Lessons Learned in Software Development: QA Infrastructure – Maintaining Rob...
Lessons Learned in Software Development: QA Infrastructure – Maintaining Rob...
 
Hiring Java Developers A Comprehensive Guide for Success.pdf
Hiring Java Developers A Comprehensive Guide for Success.pdfHiring Java Developers A Comprehensive Guide for Success.pdf
Hiring Java Developers A Comprehensive Guide for Success.pdf
 
Exception handler
Exception handler Exception handler
Exception handler
 
DAY_1.1.pptx
DAY_1.1.pptxDAY_1.1.pptx
DAY_1.1.pptx
 
CAR SHOWROOM SYSTEM
CAR SHOWROOM SYSTEMCAR SHOWROOM SYSTEM
CAR SHOWROOM SYSTEM
 
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 PresentationJava Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
 

Mehr von Teodoro Cipresso

Innovate 2014: Get an A+ on Testing Your Enterprise Applications with Rationa...
Innovate 2014: Get an A+ on Testing Your Enterprise Applications with Rationa...Innovate 2014: Get an A+ on Testing Your Enterprise Applications with Rationa...
Innovate 2014: Get an A+ on Testing Your Enterprise Applications with Rationa...
Teodoro Cipresso
 

Mehr von Teodoro Cipresso (10)

Z101666 best practices for delivering hybrid cloud capability with apis
Z101666 best practices for delivering hybrid cloud capability with apisZ101666 best practices for delivering hybrid cloud capability with apis
Z101666 best practices for delivering hybrid cloud capability with apis
 
Why z/OS is a great platform for developing and hosting APIs
Why z/OS is a great platform for developing and hosting APIsWhy z/OS is a great platform for developing and hosting APIs
Why z/OS is a great platform for developing and hosting APIs
 
Make Your API Catalog Essential with z/OS Connect EE
Make Your API Catalog Essential with z/OS Connect EEMake Your API Catalog Essential with z/OS Connect EE
Make Your API Catalog Essential with z/OS Connect EE
 
Why z/OS is a Great Platform for Developing and Hosting APIs
Why z/OS is a Great Platform for Developing and Hosting APIsWhy z/OS is a Great Platform for Developing and Hosting APIs
Why z/OS is a Great Platform for Developing and Hosting APIs
 
Identifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareIdentifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting Malware
 
Reengineering and Reuse of Legacy Software
Reengineering and Reuse of Legacy SoftwareReengineering and Reuse of Legacy Software
Reengineering and Reuse of Legacy Software
 
Applying Anti-Reversing Techniques to Machine Code
Applying Anti-Reversing Techniques to Machine CodeApplying Anti-Reversing Techniques to Machine Code
Applying Anti-Reversing Techniques to Machine Code
 
Reversing and Patching Machine Code
Reversing and Patching Machine CodeReversing and Patching Machine Code
Reversing and Patching Machine Code
 
Introduction to Software Reverse Engineering
Introduction to Software Reverse EngineeringIntroduction to Software Reverse Engineering
Introduction to Software Reverse Engineering
 
Innovate 2014: Get an A+ on Testing Your Enterprise Applications with Rationa...
Innovate 2014: Get an A+ on Testing Your Enterprise Applications with Rationa...Innovate 2014: Get an A+ on Testing Your Enterprise Applications with Rationa...
Innovate 2014: Get an A+ on Testing Your Enterprise Applications with Rationa...
 

Kürzlich hochgeladen

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 

Kürzlich hochgeladen (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

Applying Anti-Reversing Techniques to Java Bytecode

  • 1. CS266 Software Reverse Engineering (SRE) Applying Anti-Reversing Techniques to Java Bytecode Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu Department of Computer Science San José State University Spring 2015 The information in this presentation is taken from the thesis “Software reverse engineering education” available at http://scholarworks.sjsu.edu/etd_theses/3734/ where all citations can be found.
  • 2. Applying Anti-Reversing Techniques to Java Bytecode Introduction and Motivation for Anti-Reversing  If Java bytecode is not protected through obfuscation it’s straightforward for a reverser to decompile the bytecode, make changes, and recompile.  If our software sells for money, then it’s natural to offer a trial version.  Trial versions employ guards to ultimately earn your business:  Time-bomb: stops working after n days.  Usage limit: stops working after n minutes or n operations.  Crippleware: Critical functionality is disabled (e.g, can’t save you work).  This is hard to get right without annoying a potential customer. 2
  • 3. Applying Anti-Reversing Techniques to Java Bytecode Introduction and Motivation for Anti-Reversing  Applying anti-reversing techniques to Java bytecode (or binaries in general) can prevent a reverser from:  Removing trialware guards in software (types on previous slide).  Recovering algorithms that make the software valuable.  While anti-reversing techniques cannot completely prevent software from being reversed, they act as a deterrent by increasing the challenge for the reverser.  [5] states “It is never possible to entirely prevent reversing” and “What is possible is to hinder and obstruct reversers by wearing them out and making the process so slow and painful that they give up.” 3
  • 4. Applying Anti-Reversing Techniques to Java Bytecode Introduction and Motivation for Anti-Reversing  Apply anti-reversing techniques to source code, machine code, or bytecode can have adverse effects on a program's size, efficiency, and maintainability.  Therefore, it’s important to evaluate whether a particular program warrants the cost of protecting it.  Anti-reversing techniques are meant to be applied post-production, after the coding for an application is complete and tested.  These techniques obscure data and logic and therefore are difficult to implement while also working on the functionality of the application.  Even worse than the general confusion of interleaving anti-reversing techniques with regular coding is the possibility of creating a dependency between the actual application logic and the anti-reversing techniques used. 4
  • 5. Applying Anti-Reversing Techniques to Java Bytecode Basic Anti-Reversing Techniques  Eliminating Symbolic Information: Render unrecognizable, all symbolic information in machine code or bytecode because such information can be quite useful to a reverse engineer.  Obfuscating the Program: Includes removing symbolic information but goes much further. Care must be taken with the following techniques to ensure that the original program functionality remains intact.  Modify the layout of a program (move things around).  Introducing confusing non-essential logic or control flow.  Storing data in difficult to interpret organizations or formats.  Obfuscate data structures, encrypt strings etc.. 5
  • 6. Applying Anti-Reversing Techniques to Java Bytecode Basic Anti-Reversing Techniques  Embedding Antidebugger Code: Live analysis is how most reversers accomplish their objective. Therefore it is common for developers to implement guards against binary debuggers.  Live analysis of machine code is accomplished using an interactive debugger-disassembler where you attach to a running programming and step instructions to observe the program at points of interest.  Static analysis of machine code is usually carried out using a disassembler and heuristic algorithms that attempt to understand the structure of the program.  Interactive debugging of Java bytecode can be accomplished using debugger interfaces implemented by the JVM per the Java Platform Debugger Architecture (JPDA). 6
  • 7. Applying Anti-Reversing Techniques to Java Bytecode Java Bytecode Anti-Reversing Considerations  While it is most often the case that we cannot recover the original Java source code from the bytecode, the results will be functionally equivalent.  When new features are added to the Java language, new bytecode instructions are not always added or needed. For example:  Support for generics in collections is implemented by carrying additional information (in the constants pool of the class) that describes the type of object a collection should contain.  This information can then be used at execution time by the JVM to validate the type of each object in the collection. 7
  • 8. Applying Anti-Reversing Techniques to Java Bytecode Java Bytecode Anti-Reversing Considerations  The strategy of having newer Java language constructs result in compatible bytecode with optionally-utilized metadata provides the benefit of allowing legacy Java bytecode to run on newer JVMs.  If a decompiler doesn't know to look for the metadata, some information is lost. For example:  The fact that a program used generics would not be recovered and all collections would be of type Object (with cast statements of course). 8
  • 9. Applying Anti-Reversing Techniques to Java Bytecode Java Bytecode Anti-Reversing Tools  Since Java bytecode is standardized there are many obfuscation tools available on the Internet which perform transformations directly on the Java bytecode instead of on the Java source code itself.  SandMark: A Tool for the Study of Software Protection Algorithms [27]  RetroGuard for Java Obfuscation [28] (defunct, CLI only)  ProGuard [29]  Zelix Klassmaster [26] (not free)  Extensive list of related or alternative tools 9
  • 10. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information  Variable, class, and method names, are all left intact when compiling Java source code to Java bytecode.  Oracle’s Java compiler javac provides an option to leave out debugging information in Java bytecode: specifying javac -g:none will exclude information on line numbers, the source file name, and local variables.  This option offers little to no help in fending off a reverser as none of the remaining variable names, methods names, and constants are obfuscated.  [26] states that a high-level of protection can be achieved for Java bytecode by applying three transformations: Name Obfuscation, String Encryption, and Flow Obfuscation.  There does not appear to be a free anti-reversing tool that can perform all three of these transformations to Java bytecode. 10
  • 11. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 11
  • 12. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 12
  • 13. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 13
  • 14. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 14
  • 15. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 15
  • 16. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 16
  • 17. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 17
  • 18. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 18
  • 19. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 19
  • 20. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 20
  • 21. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 21
  • 22. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 22
  • 23. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 23
  • 24. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 24
  • 25. Applying Anti-Reversing Techniques to Java Bytecode Eliminating Symbolic Information 25
  • 26. Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program  One of the most popular, and fragile, techniques for preventing decompilation involves the use of opaque predicates:  By introducing false ambiguities into the control flow of a program we may trick a decompiler into traversing garbage bytes that are masquerading as logic contained in an else clause.  if ( 1 == 1 ) and if ( 1 == 2 ) are opaque predicates because the first always evaluates to true, and the second always to false.  “Branches that appear to be conditional but are really not.” [5]  The key to preventing decompilation with opaque predicates is to insert invalid instructions in the else branch of an always-true predicate or the if-body of an always false predicate. 26
  • 27. Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program - Opaque Predicates  Since the invalid instructions will never be reached during normal operation of the program there is no impact on the program's operation.  A naïve decompiler will evaluate both possibilities of an opaque predicate and fail on attempting to decompile the invalid, unreachable “instructions”. 27
  • 28. Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program – Java Bytecode Verifier  Unfortunately, opaque predicates, often used in protecting machine code from disassembly, cannot be used with Java bytecode because of the presence of the Java Bytecode Verifier in the JVM.  The JVM verifies bytecode before execution via single-pass static analysis.  Therefore invalid instructions/garbage bytes are likely to be caught.  [31] documents the following checks made by the Java Bytecode Verifier:  Type correctness: arguments of an instruction, whether on the stack or in registers, should always be of the type expected by the instruction.  No stack overflow or underflow: instructions which remove items from the stack should not do so when the stack is empty. Also, instructions should not attempt to push items on the stack when the stack is full. 28
  • 29. Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program – Java Bytecode Verifier  Register initialization: Within a single method any use of a register must come after the initialization of that register. That is, there should be at least one store operation to that register before a load operation on that register.  Object initialization: Creation of object instances must always be followed by a call to one of the possible initialization (constructor) methods for that object before it can be used.  Access control: Method calls, field accesses, and class references must always adhere to the Java visibility policies for that method, field, or reference (e.g., private, protected, public).  Recall that bytecode targeted to run on a JVM may have been generated by something other than the accompanying Java compiler (even dynamically).  This actuality highlights the need for bytecode verification. 29
  • 30. Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program - Opaque Predicates  Opaque predicates do remain viable for machine code, though there is some evidence that good disassemblers, such as IDA Pro, do check for rudimentary opaque predicates [5].  SandMark‘s creators claim that the presence of opaque predicates in bytecode, without garbage bytes of course, makes decompilation more difficult.  SandMark implements several different algorithms for sprinkling opaque predicates throughout bytecode.  For example, the opaque branch insertion obfuscation claims to “insert jumps into a method via opaque predicates so that the control flow graph is irreducible. This inhibits decompilation.” 30
  • 31. Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program - Opaque Predicates 31
  • 32. Applying Anti-Reversing Techniques to Java Bytecode Obfuscating The Program - Opaque Predicates 32
  • 33. 33