Obfuscating Java Programs by Translating Selected Portions of Bytecode to Native Libraries
This addresses the problem of reverse engineering threats for Java developers, but it is incremental as it builds on existing obfuscation techniques.
The paper tackles the limited obfuscation of Java bytecode by automatically translating critical sections to C code, enabling more resilient obfuscations while allowing developers to work solely in Java.
Code obfuscation is a popular approach to turn program comprehension and analysis harder, with the aim of mitigating threats related to malicious reverse engineering and code tampering. However, programming languages that compile to high level bytecode (e.g., Java) can be obfuscated only to a limited extent. In fact, high level bytecode still contains high level relevant information that an attacker might exploit. In order to enable more resilient obfuscations, part of these programs might be implemented with programming languages (e.g., C) that compile to low level machine-dependent code. In fact, machine code contains and leaks less high level information and it enables more resilient obfuscations. In this paper, we present an approach to automatically translate critical sections of high level Java bytecode to C code, so that more effective obfuscations can be resorted to. Moreover, a developer can still work with a single programming language, i.e., Java.