Java Obfuscators
Java programming language was initially designed with the purpose in mind to be compiled into a platform regardless of the bytecode format. A large part of the information contained by the source code is stored in the bytecode and therefor decompilation is an easy task. Code obfuscation can help protect Java bytecodes.
Reverse engineering application is a difficult process because they are usually large, monolithic and distributed as stripped object code. Removing the symbol table from the object code erases information about variable names and references to library routines. But as Java became more popular the risk of being reverse engineered also increased. There is little control over the distribution of the bytecodes since it is meant to be portable.
Not allowing physical access to the program is one way to prevent reverse engineering. Users. communication with the program can be established through an interface with a limited number of services instead, like the client-server model is. The down side part of this is lack in performance due to network bandwidth and latency. Keeping parts of the program that need to be hidden on the server and have the user.s machine run the rest locally only partially solves the problem.
Another option is code encryption. It is still possible to intercept and decrypt the code if not the whole process is done in the hardware and specialised hardware limit programs. portability.
The programs can be transmitted in a form less vulnerable if Java bytecodes are replaced with native object codes, which makes the decompilation task more difficult. Java uses as protection measure against malicious programs the bytecode verification but this can.t be applied to native object codes. Digital signature to verify if the native code is indeed from a trusted source definitely help, only that in this case different architectures require different versions of the program and the software maintenance effort is increased.
Reverse engineering can.t be made impossible but it can be made more time and effort consuming. By code obfuscation a program preserves its functionality unchanged but it becomes more difficult to understand. While producing the same results the program may have a longer execution time due to the modifications made to the code.
There are few academic publications regarding Java obfuscation, the body of the work on this subject has been done in the form of freeware, shareware and commercial programs.
Code obfuscation is classified according to what kind of information is target and how it affects that target.
Altered is the information unnecessary to program.s execution, like identifier names and comments, lots of applications doing exactly that, changing identifiers in less meaningful ones. The technique based on identifier scrambling is common obfuscation usually applied to other languages too.
Obfuscation of the data storage is applied to the way data is stored in the memory and data encoding obfuscation affects the way the stored data is interpreted. Obfuscation of data aggregation alters how data is grouped together, while data ordering obfuscation change its order.
Control obfuscation is based on disguising the real control flow of the program. Obfuscation of control aggregation modifies the way program statements are grouped. Control ordering obfuscation alters the execution order of these statements.
Obfuscation of control computation can affect the control flow in a program. Smoke and mirrors obfuscation is hiding the real control flow with irrelevant statements like code that will never be executed. High-level language breaking obfuscation provides features at the object code level that have no direct source code equivalent. Control flow abstraction is basically the reverse task performed by a compiler.
All these attempt to stop decompilers from operating, though stopping reverse engineering is not easy and not totally possible.
Obfuscator Tools: