Based On The Abnormal Confusion Is The Design And Implementation Of Intermediate Language Code

Recently, tablet PCs, smart phones, Mac computers are more popular in people’slives, and Window with Intel inside is no longer as important as before. In order tomake a lot of applications just "write once, run anywhere", more and more intermediatelanguages like Java, is used by more and more people. Toibe just released theprogramming language ranking in March2012, Java is still ranked first.However, the intermediate language such as Java, it is particularly open toreverse-engineering attack, because they are well-defined, open source, and portablebinary format (bytecode). Therefore, we need to use the methods of a security to protectJava programs, obfuscation---that is, involves transforming the program code into amore complex, but the semantics equivalent representation. It includes change controlflow, change the identifier name, and remove some irrelevant information which is notrequired for execution. Obfuscation often adds the opaque predicate to change thecontrol flow and adding a redundant statement, or change the identifier name.In this thesis we will propose an effective and new method, which is based onexception mechanism of Java and other languages to extend the obfuscation capability.Like add exception instruction in the ordinary branch, hide the right branch intoexception handling table, instead of adding some deception and redundant branch, theprogram will jumps to the correct branch by requiring the exception table. We alsoexpansion and improvement of this method, include indirect exception links andmultiple abnormal link. Decompiler and Deobfuscation cannot crack it.Based on the above theory, we design and implement a Java obfuscator, whichhas six different confusion for class files Java compiler generated, we can also specifythe intensity and the maximum time overhead, the obfuscator can also analysis thecontrol flow graph of the class files.By using our obfuscator, we obfuscate some popular sorting algorithm sourcecode, including control flow transforming and exception transforming. Performancetesting tool is used to test the execution time and the code space, it proved that our obfuscated code doesn’t have too much overhead on the execution performance andcode size.Finally, we use three decompiler to prove that our exception-based codeobfuscating method is effective, in many ways better than traditional obfuscatetechnology. When combined with exception-based code obfuscating and control flow ofobfuscating, it will be able to resist the attack of the most common decompiler.