A large study on the effect of code obfuscation on the quality of java code


Autoria(s): Ceccato, Mariano; Capiluppi, Andrea; Falcarin, Paolo; Boldyreff, Cornelia
Data(s)

02/07/2014

Resumo

Context: Obfuscation is a common technique used to protect software against mali- cious reverse engineering. Obfuscators manipulate the source code to make it harder to analyze and more difficult to understand for the attacker. Although different ob- fuscation algorithms and implementations are available, they have never been directly compared in a large scale study. Aim: This paper aims at evaluating and quantifying the effect of several different obfuscation implementations (both open source and commercial), to help developers and project manager to decide which one could be adopted. Method: In this study we applied 44 obfuscations to 18 subject applications covering a total of 4 millions lines of code. The effectiveness of these source code obfuscations has been measured using 10 code metrics, considering modularity, size and complexity of code. Results: Results show that some of the considered obfuscations are effective in mak- ing code metrics change substantially from original to obfuscated code, although this change (called potency of the obfuscation) is different on different metrics. In the pa- per we recommend which obfuscations to select, given the security requirements of the software to be protected.

Formato

text

Identificador

http://roar.uel.ac.uk/5282/1/EMSE2015-main-1.pdf

Ceccato, Mariano and Capiluppi, Andrea and Falcarin, Paolo and Boldyreff, Cornelia (2014) ‘A large study on the effect of code obfuscation on the quality of java code’, Empirical Software Engineering, 20(6), pp. 1486-1524. (10.1007/s10664-014-9321-0 <http://dx.doi.org/10.1007/s10664-014-9321-0>).

Publicador

Springer

Relação

http://dx.doi.org/10.1007/s10664-014-9321-0

http://roar.uel.ac.uk/5282/

Tipo

Article

PeerReviewed