| Computer software is a kind of special goods that can be easily copied, tempered. In the past several years, many researches have concentrated on protecting data from the standpoint of confidentiality, integrity and availability, Such as protection of digital data from unauthorized access. Software is a form of data with unique properties and its protection poses unique challenges. First, software can be reverse engineered, which may result in stolen intellectual property. Second, software can be altered with the intent of performing operations this software must not be allowed to perform.It has become more and more common for commercial software to distribute in forms that retain most or all of the information present in the original source code, Such as Java byte codes, reverse engineering has become easier than ever. Since such codes are easy to be decompiled and extracted to source code, they increase the risk of malicious reverse engineering attacks. Meanwhile along with some political and economic reasons, computer software protection is very weak.First, this dissertation brings out attack models for software security, especially malicious host attack and several technical ways to enhance intellectual property protection within the software domain, including: server-side execution, hardware assist-software protection, software watermarking & tempering-proof technology.Code obfuscation, which is the technique for technical protection of software secrets, has been mainly described in the rest of the dissertation. Obfuscation techniques have been proposed to impede illegal reverse engineers. Obfuscations are program transformations that preserve the program functionality while obscuring the code, thereby protecting the program against malicious reverse engineering. But the existing obfuscation techniques are limited to obscuring variable names and obscuring expressions using variables of primitive types. So in this dissertation, local control flow and design of object-oriented programs based on Java bytecode have been adapted in the obfuscation transformations.Class splitting and class coalescing obfuscations are two technologies of design of object-oriented programs. The class splitting is which replaces a single class with multiple classes and Class coalescing is which replaces these classes with a single target class. Otherwise Java architecture, Java virtual machine, measures, the definition and classifications of this technique are also introduced.Finally, a tool based on protection of byte code has been designed and implemented for code obfuscation including control obfuscation, class coalescing and class splitting. Evaluation of the effectiveness and performance overhead by obfuscation transformation is given. |
PDF Full Text Request