Obfuscation of design intent in object-oriented applications

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Obfuscation of design intent in object-oriented applications

Full text

Pdf (369 KB)

Source

ACM Workshop On Digital Rights Management archive
Proceedings of the 3rd ACM workshop on Digital rights management table of contents

Washington, DC, USA

SESSION: Software and systems table of contents

Pages: 142 - 153

Year of Publication: 2003

ISBN:1-58113-786-9

Authors

Mikhail Sosonkin	Polytechnic University, Brooklyn, NY
Gleb Naumovich	Polytechnic University, Brooklyn, NY
Nasir Memon	Polytechnic University, Brooklyn, NY

Sponsors

ACM: Association for Computing Machinery
SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 11, Downloads (12 Months): 52, Citation Count: 2

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/947380.947399 What is a DOI?

ABSTRACT

Protection of digital data from unauthorized access is of paramount importance. In the past several years, much research has concentrated on protecting data from the standpoint of confidentiality, integrity and availability. Software is a form of data with unique properties and its protection poses unique challenges. First, software can be reverse engineered, which may result in stolen intellectual property. Second, software can be altered with the intent of performing operations this software must not be allowed to perform.With commercial software increasingly distributed in forms from which source code can be easily extracted, such as Java bytecodes, reverse engineering has become easier than ever. Obfuscation techniques have been proposed to impede illegal reverse engineers. Obfuscations are program transformations that preserve the program functionality while obscuring the code, thereby protecting the program against reverse engineering. Unfortunately, the existing obfuscation techniques are limited to obscuring variable names, transformations of local control flow, and obscuring expressions using variables of primitive types. In this paper, we propose obfuscations of design of object-oriented programs.We describe three techniques for obfuscation of program design. The class coalescing obfuscation replaces several classes with a single class. The class splitting obfuscation replaces a single class with multiple classes, each responsible for a part of the functionality of the original class. The type hiding obfuscation uses the mechanism of interfaces in Java to obscure the types of objects manipulated by the program. We show the results of our initial experiments with a prototype implementation of these techniques. In particular, we shown that the runtime overheads of these obfuscations tend to be small.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Alfred V. Aho , Ravi Sethi , Jeffrey D. Ullman, Compilers: principles, techniques, and tools, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1986
	2	R. Anderson and M. Kuhn. Tamper resistance --- a cautionary note. In Proceedings of the second USENIX Workshop on Electronic Commerce, 1996.
	3	Boaz Barak , Oded Goldreich , Russell Impagliazzo , Steven Rudich , Amit Sahai , Salil P. Vadhan , Ke Yang, On the (Im)possibility of Obfuscating Programs, Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, p.1-18, August 19-23, 2001
	4	Joshua Bloch, Effective Java programming language guide, Sun Microsystems, Inc., Mountain View, CA, 2001
	5	Hoi Chang , Mikhail J. Atallah, Protecting Software Code by Guards, Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management, p.160-175, November 05, 2001
	6	C. Collberg, C. Thomborson, and D. Low. A taxonomy of obfuscating transformations. Technical Report 148, July 1997.
	7	Christian Collberg , Clark Thomborson , Douglas Low, Manufacturing cheap, resilient, and stealthy opaque constructs, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.184-196, January 19-21, 1998, San Diego, California, United States [doi>10.1145/268946.268962]
	9	M. Fowler. Refactoring: Improving the Design of Existing Code. Addison-Wesley, 2000.
	10	E. Gamma, R. Helm, R. Johnson, and J. Vlissides. Design Patterns. Addison-Wesley Publishing Company, Inc., Reading, Massachusetts, 1994. ISBN 0-201-63361-2.
	11	Bernhard Ganter , C. Franzke , Rudolf Wille, Formal Concept Analysis: Mathematical Foundations, Springer-Verlag New York, Inc., Secaucus, NJ, 1997
	12	David Lie Chandramohan Thekkath , Mark Mitchell , Patrick Lincoln , Dan Boneh , John Mitchell , Mark Horowitz, Architectural support for copy and tamper resistant software, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.168-177, November 2000, Cambridge, Massachusetts, United States
	13	Gleb Naumovich , George S. Avrunin, A conservative data flow algorithm for detecting all pairs of statements that may happen in parallel, Proceedings of the 6th ACM SIGSOFT international symposium on Foundations of software engineering, p.24-34, November 01-05, 1998, Lake Buena Vista, Florida, United States
	14	Patrice Pominville , Feng Qian , Raja Vallée-Rai , Laurie Hendren , Clark Verbrugge, A framework for optimizing Java using attributes, Proceedings of the 2000 conference of the Centre for Advanced Studies on Collaborative research, p.8, November 13-16, 2000, Mississauga, Ontario, Canada
	15	Gregor Snelting , Frank Tip, Understanding class hierarchies using concept analysis, ACM Transactions on Programming Languages and Systems (TOPLAS), v.22 n.3, p.540-582, May 2000 [doi>10.1145/353926.353940]
	16	D. Taenzer, M. Gandi, and S. Podar. Problems in object-oriented software reuse. In Proceedings of European Conference on Object-Oriented Programming, pages 25--38, 1989.
	17	Frank Tip , Chris Laffra , Peter F. Sweeney , David Streeter, Practical experience with an application extractor for Java, ACM SIGPLAN Notices, v.34 n.10, p.292-305, Oct. 1999
	18	Mark N. Wegman , F. Kenneth Zadeck, Constant propagation with conditional branches, ACM Transactions on Programming Languages and Systems (TOPLAS), v.13 n.2, p.181-210, April 1991 [doi>10.1145/103135.103136]

CITED BY 2

	Jesús Téllez Isaac , José Sierra Camara , Antonio Izquierdo Manzanares , Joaquín Torres Márquez, Anonymous payment in a Kiosk centric model using digital signature scheme with message recovery and low computational power devices, Journal of Theoretical and Applied Electronic Commerce Research, v.1 n.2, p.1-11, August 2006
	Kazuhide Fukushima , Shinsaku Kiyomoto , Toshiaki Tanaka , Kouichi Sakurai, Analysis of Program Obfuscation Schemes with Variable Encoding Technique, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, v.E91-A n.1, p.316-329, January 2008