| With the fast increasing number of Java application, various kinds of Reverse Engineering technology are increasingly. Therefore, how to reinforce the Java application's security becomes an issue of continuously updated. Today, although there are a lot of security reinforcement schemes,the CLASS bytecode file still exist certain information that can be Reverse Engineering using. Specially, the parameter type information transferred between method calls could be one of the potential safety hazard. The cracker can use this type information quickly to narrow the search scope,achieve the fast locating.For this problem, the thesis designed an approach to hide the method's descriptor, and proposed two obfuscation algorithms called Unifying Method Descriptor and Merging Method Collection. In principle, the two algorithms can only hide the type information between methods, not to transform the original program flow. The obfuscated application can be directly run on the native JVM, without any other codes or tools.In order to verify the feasibility, we implemented an obfuscation program based on the two algorithms. In the aspect of the test, the thesis opted for 9 real-life applications from the DaCapo benchmark suite. In addition, the thesis also calculate the intensity of obfuscation for the two algorithms respectively, the results show that the two obfuscation algorithms, in addition to its inherent characteristics, can not only increase the method's average complexity, but also enhance the cohesion and reduce the coupling. |
PDF Full Text Request