This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Introduction to the research area:
Java is a platform independent programming language. Java program, when compiled produces a machine code which is called as a byte code. The produced byte code can run on any type of operating system with the help of Java Virtual Machine (JVM). Byte code contains the actual data that is in source code. When the byte code is decompiled using de-compilers, original source code can be obtained.
Reverse engineering is the technique by which the reusability can be possible. An organisation develops a software product using Java and sells it to other organisations. The organisation sells the software in the form of a byte code format. The other organisations that purchase the software product which is in a byte code format can run on their own system and can change the program may violate all the rules by reverse engineering the software product with the help of automated tools like de-compilers. The organisation can change the product according to its needs and can publish as its own thus gives financial loss to the organisation that made it originally. More precisely, the developer places some sort of protection on the program that may be removed by the malicious users. Most of this work has concentrated on embedding the license file or identification keys in the software, especially in commercial applications. The program contains the code that checks for the presence of license file. In addition, the license file identifies the user to whom the software was issued. This information can be used in a legal action against the user who distributes the copies of the software illegally. However, the attack on this type of protection is to reverse engineer the code and removing the code that implements the protection or bypassing the key checking, while leaving the code that provides core functionality.
Different obfuscation techniques are implemented to prevent reverse engineering threat. Source code obfuscation is a technique to transform source code into another source code that has the same behaviour but difficult to comprehend. Several attempts have been made in this regard. A very simple technique is to rename identifiers to contain more ambiguous names. More viable source code obfuscation methods are based on composite functions, which are Array Index Transformation, Method Argument Transformation and Hiding Constant. Some source code obfuscation methods are directed at the object oriented concept: Class Splitting and Type Hiding. Other source code obfuscation techniques may include False Refractoring, Restructure Arrays, Inline and Outline methods, Clone methods, Split variables, Convert static to procedural data and Merge scalar variables.
In this paper, two byte code obfuscation techniques are proposed to prevent reverse engineering threat, namely, un-letting the completion of statement and removing variable and method names. The idea is to prevent de-compilers from generating correct source code by means of applying obfuscation techniques to the Java byte code. The obfuscated code gives syntax and schematic errors after compilation thus providing the original code. The method, un-letting the completion of statement can be applied on .jar files and the second method, removing variable and method names works on .class files.
Successful program obfuscation will confer a number of benefits, including protection of secrets in a program, license management for software, and provide software based tamper resistance which will make reverse engineering uneconomical.
2. Aims and Objectives:
The aim of this project is to develop a software product that provides security to the private data and makes reverse engineering impossible.
The main objectives of this project is to
Develop a user interface using swings that provides the user to select the required class file to be obfuscated and type of obfuscation technique to be applied.
To provide an engine that can read the Java byte code in hexadecimal format.
To develop a system that can modify the byte code in required places.
Coding the Java program to implement byte code obfuscation techniques.
Design a de-compiler for testing the obfuscated code.
The scope of this project is to develop a user friendly software product to implement the byte code obfuscation techniques on the Java byte code to prevent reverse engineering threat.
The key deliverables of this project are:
A reliable system that provides security to data.
Run time efficiency.
Technical, economical and operational feasibility.
A de-compiler to test the obfuscated code.
System may crash.
Phase 1 (Task 1&2): The project proposal form is to be submitted in task 1 and the task 2 includes collection of references and literature review.
Deliverables: Submission of proposal form and literature review report.
Phase 2 (Task 3): The hardware and software tools required for the project development are to be collected.
Deliverables: Collection of software and hardware tools.
Phase 3 (Task 4&5): In task 4, a front end of the software product for the user interface is to be designed using swings. The Java coding is to be developed in task 5.
Deliverables: Design of user interface and program coding.
Phase 4 (Task 6): The byte code obfuscation techniques are to be implemented and applied on the Java byte code to prevent reverse engineering.
Deliverables: Developed a software product.
Phase 5 (Task 7): The developed software product has to be tested on sample programs for any errors. The product is to be modified if any errors occurred.
Deliverables: A high efficient software product that provides security to Java files is developed.
Phase 6 (Task 8): Final report is to be documented.
Van Hoff, A. (January 1997). The case for Java as a programing language. Internet Computing. 1(1), 51-56.
This journal helps to enhance a basic idea on the Java programming language. The journal includes set of classes, packages, applets, Java servlets used for the development of software product. The journal also focuses on how the Java programming is different from other programming languages. It illustrates the flexibility of using Java tools in the development of software product. It discusses the features and importance of Java language in the web based applications.
Nikolaidis, I. (January 2001). Java server and servlets, building.portable web applications. 15(1), 6-8.
This journal contains a huge information on Java servlets used for the designing of web pages. It gives the idea of coding the program with Java. The journal is very flexible and easy to understand how to code the program and how to use the Java tools in the developing stage of software. The journal spreads its focus on various packages used in coding and various classes contained in the packages. The servlet coding is required to establish a connection between the front-end and database of the system.
Young Min Lee et al (2000) researched on Java virtual machine and described its basic function in the execution of a Java program. Java program when compiled forms a java byte code that can run on any other operating system with the help of a Java virtual machine.
Singh et al (2009) explained how computer gets attacked by the internet and a basic idea on the reverse engineering. The reverse engineering is the technique by which the reusability of the program can be possible. They focused on how the reverse engineering helpful in detecting the malicious code in softwares.
Collberg et al (2002) described various attacks on software and the preventive measures from those attacks. They explained how reverse engineering affects the software programs and suggested the obfuscation technique as a prevention against reverse engineering. They mentioned that after obfuscation the working of software program remains same but the decompilation of the program gives syntax and schematic errors. They provide information on piracy of the software and experimentally proved that watermarking can secure the software from piracy.
Douglas Low (1998) stated that byte code obfuscation can be helpful in protecting the Java code from reverse engineering.
Aycock et al (2009) presented a method, code obfuscation using pseudo random numbers to prevent reverse engineering threat. They explained that when Java code is compiled, it forms a byte code and the original source code can be extracted after decompiling the byte code. They described how this affect can be rectified with the use of pseudo random numbers.
Jean-Marie Borello et al (2003) briefly described the metamorphic viruses and the affects caused due to the viruses. They explained how obfuscation techniques useful in viruses and the difficulty in detection of those obfuscated viruses.
Chan el at (2004) proposed an advanced obfuscation technique that can secure Java byte code. They introduced a method that can make the Java byte code difficult to understand by evaluating syntax and semantic errors after de-compilation.
Cimato et al (2005) developed a new software tool that can overcome the difficulties with the obfuscation code.