A qualitative analysis of Java obfuscation

Matthew Karnick; Jeffrey MacBride; Sean McGinnis; Ying Tang; Ravi Ramachandran

A qualitative analysis of Java obfuscation

Matthew Karnick, Jeffrey MacBride, Sean McGinnis, Ying Tang, Ravi Ramachandran

Electrical Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

12 Scopus citations

Abstract

Code obfuscation is a promising defense technology that secures software in a way that makes the cost of reverse engineering prohibitively high. While there are a number of commercial obfuscation tools on the market, there is no standard measurement to analyze and evaluate their strength. This paper addresses this challenge. An analytical metrics is developed to quantify the performance of obfuscation in terms of potency, resilience, and cost. Four commercial obfuscators are then evaluated using the proposed method.

Original language	English (US)
Title of host publication	Proceedings of the 10th IASTED International Conference on Software Engineering and Applications, SEA 2006
Pages	166-171
Number of pages	6
State	Published - 2006
Event	10th IASTED International Conference on Software Engineering and Applications, SEA 2006 - Dallas, TX, United States Duration: Nov 13 2006 → Nov 15 2006

Publication series

Name	Proceedings of the 10th IASTED International Conference on Software Engineering and Applications, SEA 2006

Other

Other	10th IASTED International Conference on Software Engineering and Applications, SEA 2006
Country/Territory	United States
City	Dallas, TX
Period	11/13/06 → 11/15/06

All Science Journal Classification (ASJC) codes

Software

Cite this

@inproceedings{0e3e68155eaf4c21a1f5bcac9a8ce935,

title = "A qualitative analysis of Java obfuscation",

abstract = "Code obfuscation is a promising defense technology that secures software in a way that makes the cost of reverse engineering prohibitively high. While there are a number of commercial obfuscation tools on the market, there is no standard measurement to analyze and evaluate their strength. This paper addresses this challenge. An analytical metrics is developed to quantify the performance of obfuscation in terms of potency, resilience, and cost. Four commercial obfuscators are then evaluated using the proposed method.",

author = "Matthew Karnick and Jeffrey MacBride and Sean McGinnis and Ying Tang and Ravi Ramachandran",

year = "2006",

language = "English (US)",

isbn = "9780889865990",

series = "Proceedings of the 10th IASTED International Conference on Software Engineering and Applications, SEA 2006",

pages = "166--171",

booktitle = "Proceedings of the 10th IASTED International Conference on Software Engineering and Applications, SEA 2006",

note = "10th IASTED International Conference on Software Engineering and Applications, SEA 2006 ; Conference date: 13-11-2006 Through 15-11-2006",

}

Karnick, M, MacBride, J, McGinnis, S, Tang, Y & Ramachandran, R 2006, A qualitative analysis of Java obfuscation. in Proceedings of the 10th IASTED International Conference on Software Engineering and Applications, SEA 2006. Proceedings of the 10th IASTED International Conference on Software Engineering and Applications, SEA 2006, pp. 166-171, 10th IASTED International Conference on Software Engineering and Applications, SEA 2006, Dallas, TX, United States, 11/13/06.

A qualitative analysis of Java obfuscation. / Karnick, Matthew; MacBride, Jeffrey; McGinnis, Sean et al.
Proceedings of the 10th IASTED International Conference on Software Engineering and Applications, SEA 2006. 2006. p. 166-171 (Proceedings of the 10th IASTED International Conference on Software Engineering and Applications, SEA 2006).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A qualitative analysis of Java obfuscation

AU - Karnick, Matthew

AU - MacBride, Jeffrey

AU - McGinnis, Sean

AU - Tang, Ying

AU - Ramachandran, Ravi

PY - 2006

Y1 - 2006

N2 - Code obfuscation is a promising defense technology that secures software in a way that makes the cost of reverse engineering prohibitively high. While there are a number of commercial obfuscation tools on the market, there is no standard measurement to analyze and evaluate their strength. This paper addresses this challenge. An analytical metrics is developed to quantify the performance of obfuscation in terms of potency, resilience, and cost. Four commercial obfuscators are then evaluated using the proposed method.

AB - Code obfuscation is a promising defense technology that secures software in a way that makes the cost of reverse engineering prohibitively high. While there are a number of commercial obfuscation tools on the market, there is no standard measurement to analyze and evaluate their strength. This paper addresses this challenge. An analytical metrics is developed to quantify the performance of obfuscation in terms of potency, resilience, and cost. Four commercial obfuscators are then evaluated using the proposed method.

UR - http://www.scopus.com/inward/record.url?scp=38049117636&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=38049117636&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:38049117636

SN - 9780889865990

T3 - Proceedings of the 10th IASTED International Conference on Software Engineering and Applications, SEA 2006

SP - 166

EP - 171

BT - Proceedings of the 10th IASTED International Conference on Software Engineering and Applications, SEA 2006

T2 - 10th IASTED International Conference on Software Engineering and Applications, SEA 2006

Y2 - 13 November 2006 through 15 November 2006

ER -

A qualitative analysis of Java obfuscation

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Other files and links

Fingerprint

Cite this