Method folding obfuscation

🗣 Overview

To improve tamper resistance of programs against illegal modification, this paper proposes instruction folding applicable to Java platform.

In the proposed method, at first, similar methods are selected in a Java program. Next, these methods are merged into one method and diffs among these methods are stored in the program. Then, at runtime, when one of the merged methods is executed, diffs are restored by self-modification, which is realized by the Java instrumentation mechanism. The proposed method is resilient against tampering of folded method. Even if an adversary modifies the folded method, the program goes crash because the method is repeatedly modified at runtime.

(Abstract from SNPD 2013)

📚 Publications

• Tetsuya Ohdo, Haruaki Tamada, Yuichiro Kanzaki, and Akito Monden, “An Instruction Folding Method to Prevent Reverse Engineering in Java Platform,” In Proc. 13th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD 2013), pp.517-522, 1-3 July 2013 (Honolulu, Hawaii, U.S.A.). 🔗 Linkieeexplore.ieee.org
• 大堂 哲也，玉田 春昭，”Javaを対象とした畳込み手法による耐タンパ化の試み”，2013年暗号と情報セキュリティシンポジウム予稿集 (SCIS2013), 2C4-3, January 2013.
• 玉田 春昭，神崎 雄一郎，門田 暁人，”Java言語を対象とした実行時多様化の試み”, 2012年暗号と情報セキュリティシンポジウム予稿集 (SCIS2012), 4E2-3, January 2012.

🔎 Related Research Topics

• Obfuscation by invokedynamic
• Obfuscation by dynamic name resolution

🤝 Collaborators

• A. Monden@Software mesurement and analytics laboratory, Okayama University
• Y. Kanzaki@Kumamoto National College of Technology