| In distributed computing surroundings, a software may be deployed on several computers which can not be trusted . In malicious host surroundings ,a software can be reverse engineered and also can be tampered with. The confidentiality, integrality and availability of software are threatened, so convenient and effective methods are needed to protect the intellectual property contained in software. Code obfuscation transformation emerges as a defense technique to protect software form reverse engineering. The advent and widely use of Java language brings the widely research on code obfuscation because the class file is easy to be decompiled.In the thesis, reverse engineering and code obfuscation are both studied and a tool for both parse and obfuscation of Java bytecode is presented and discussed.Main contributions in the thesis are:1. Analysis of attacks of malicious host including reverse engineering, tamper, and corresponding defense methods such as code obfuscation, tamper resistance, software watermark and time-limiting schemes. Design of a model for general protecting software covering with confidentiality, integrality, availability and authentication of software .2. Design and implementation of a tool for code obfuscation. Evaluation of the effectiveness and performance overhead by obfuscation transformation is given. Effects on obfuscation by Java run-time surroundings are discussed. The implemented obfuscation method includes: control flow flatten, indirection to control branching, class coalescing and type hiding.3. Design and implementation of a tool for automatic constructing the Control Flow Graph of a method. Analysis of reverse engineering including static analysis and dynamic analysis.4. Design and implementation of a tool for both parse and obfuscation of Java bytecode(JBPOT) which help researchers investigate techniques of protecting software from both defense and attack. |
PDF Full Text Request