Skip navigation

A large study on the effect of code obfuscation on the quality of java code

A large study on the effect of code obfuscation on the quality of java code

Ceccato, Mariano, Capiluppi, Andrea, Falcarin, Paolo and Boldyreff, Cornelia ORCID logoORCID: https://orcid.org/0000-0002-2737-7671 (2015) A large study on the effect of code obfuscation on the quality of java code. Empirical Software Engineering, 20 (6). pp. 1486-1524. ISSN 1382-3256 (Print), 1573-7616 (Online) (doi:10.1007/s10664-014-9321-0)

[thumbnail of Author Accepted Manuscript]
Preview
PDF (Author Accepted Manuscript)
12798_BOLDYREFF_(EMSE_AAM_2014).pdf - Accepted Version

Download (4MB)
[thumbnail of Acceptance letter] PDF (Acceptance letter)
12798_BOLDYREFF_(Acceptance_email_12May2014).pdf - Additional Metadata
Restricted to Registered users only

Download (14kB)

Abstract

Context: Obfuscation is a common technique used to protect software against malicious reverse engineering. Obfuscators manipulate the source code to make it harder to analyze and more difficult to understand for the attacker. Although different obfuscation algorithms and implementations are available, they have never been directly compared in a large scale study.

Aim: This paper aims at evaluating and quantifying the effect of several different obfuscation implementations (both open source and commercial), to help developers and project managers to decide which algorithms to use.

Method: In this study we applied 44 obfuscations to 18 subject applications covering a total of 4 millions lines of code. The effectiveness of these source code obfuscations has been measured using 10 code metrics, considering modularity, size and complexity of code.

Results: Results show that some of the considered obfuscations are effective in making code metrics change substantially from original to obfuscated code, although this change (called potency of the obfuscation) is different on different metrics. In the paper we recommend which obfuscations to select, given the security requirements of the software to be protected.

Item Type: Article
Additional Information: The final publication is available at Springer via http://dx.doi.org/10.1007/s10664-014-9321-0
Uncontrolled Keywords: code obfuscation, quality, java code
Subjects: Q Science > QA Mathematics
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Faculty of Engineering & Science
Last Modified: 04 Mar 2022 13:07
URI: http://gala.gre.ac.uk/id/eprint/12798

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics