Obfuscation (software)

Last updated

In software development, obfuscation is the practice of creating source or machine code that is intentionally difficult for humans or computers to understand. Similar to obfuscation in natural language, code obfuscation may involve using unnecessarily roundabout ways to write statements. Programmers often obfuscate code to conceal its purpose, logic, or embedded values. The primary reasons for doing so are to prevent tampering, deter reverse engineering, or to create a puzzle or recreational challenge to deobfuscate the code, a challenge often included in crackmes. Whlie obfuscation can be done manually, it is more commonly performed using obfuscators. [1]

Contents

Overview

The architecture and characteristics of some languages may make them easier to obfuscate than others. [2] [3] C, [4] C++, [5] [6] and the Perl programming language [7] are some examples of languages easy to obfuscate. Haskell is also quite obfuscatable [8] despite being quite different in structure.

The properties that make a language obfuscatable are not immediately obvious.

Techniques

Types of obfuscations include simple keyword substitution, use or non-use of whitespace to create artistic effects, and self-generating or heavily compressed programs.

According to Nick Montfort, techniques may include:

  1. naming obfuscation, which includes naming variables in a meaningless or deceptive way;
  2. data/code/comment confusion, which includes making some actual code look like comments or confusing syntax with data;
  3. double coding, which can be displaying code in poetry form or interesting shapes. [9]

Automated tools

A variety of tools exist to perform or assist with code obfuscation. These include experimental research tools developed by academics, hobbyist tools, commercial products written by professionals, and open-source software. Additonally, deobfuscation tools exist, aiming to reverse the obfuscation process.

While most commercial obfuscation solutions transform either program source code or platform-independent bytecode (as used by Java and .NET), some also work directly on compiled binaries.

Recreational

Writing and reading obfuscated source code can be a brain teaser. A number of programming contests reward the most creatively obfuscated code, such as the International Obfuscated C Code Contest and the Obfuscated Perl Contest.

Short obfuscated Perl programs may be used in signatures of Perl programmers. These are JAPHs ("Just another Perl hacker"). [16]

Cryptographic

Cryptographers have explored the idea of obfuscating code so that reverse-engineering the code is cryptographically hard. This is formalized in the many proposals for indistinguishability obfuscation, a cryptographic primitive that, if possible to build securely, would allow one to construct many other kinds of cryptography, including completely novel types that no one knows how to make. (A stronger notion, black-box obfuscation, is known to be impossible in general.) [17] [18]

Disadvantages of obfuscation

Notifying users of obfuscated code

Some anti-virus softwares, such as AVG AntiVirus, [20] will also alert their users when they land on a website with code that is manually obfuscated, as one of the purposes of obfuscation can be to hide malicious code. However, some developers may employ code obfuscation for the purpose of reducing file size or increasing security. The average user may not expect their antivirus software to provide alerts about an otherwise harmless piece of code, especially from trusted corporations, so such a feature may actually deter users from using legitimate software.

Mozilla and Google disallow browser extensions containing obfuscated code in their add-ons store. [21] [22]

Obfuscation and copyleft licenses

There has been debate on whether it is illegal to skirt copyleft software licenses by releasing source code in obfuscated form, such as in cases in which the author is less willing to make the source code available. The issue is addressed in the GNU General Public License by requiring the "preferred form for making modifications" to be made available. [23] The GNU website states "Obfuscated 'source code' is not real source code and does not count as source code." [24]

Decompilers

A decompiler is a tool that can reverse-engineer source code from an executable or library. This process is sometimes referred to as a man-in-the-end (mite) attack, inspired by the traditional "man-in-the-middle attack" in cryptography. The decompiled source code is often hard to read, containing random function and variable names, incorrect variable types, and logic that differs from the original source code due to compiler optimizations.

Model obfuscation

Model obfuscation is a technique to hide the internal structure of a machine learning model. [25] Obfuscation turns a model into a black box. It is contrary to explainable AI. Obfuscation models can also be applied to training data before feeding it into the model to add random noise. This hides sensitive information about the properties of individual and groups of samples. [26]

See also

Related Research Articles

The Comprehensive Perl Archive Network (CPAN) is a software repository of over 250,000 software modules and accompanying documentation for 39,000 distributions, written in the Perl programming language by over 12,000 contributors. CPAN can denote either the archive network or the Perl program that acts as an interface to the network and as an automated software installer. Most software on CPAN is free and open source software.

<span class="mw-page-title-main">Python (programming language)</span> General-purpose programming language

Python is a high-level, general-purpose programming language. Its design philosophy emphasizes code readability with the use of significant indentation.

<span class="mw-page-title-main">Perl</span> Interpreted programming language first released in 1987

Perl is a high-level, general-purpose, interpreted, dynamic programming language. Though Perl is not officially an acronym, there are various backronyms in use, including "Practical Extraction and Reporting Language".

<span class="mw-page-title-main">Quine (computing)</span> Self-replicating program

A quine is a computer program that takes no input and produces a copy of its own source code as its only output. The standard terms for these programs in the computability theory and computer science literature are "self-replicating programs", "self-reproducing programs", and "self-copying programs".

<span class="mw-page-title-main">Shell script</span> Script written for the shell, or command line interpreter, of an operating system

A shell script is a computer program designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be command languages. Typical operations performed by shell scripts include file manipulation, program execution, and printing text. A script which sets up the environment, runs the program, and does any necessary cleanup or logging, is called a wrapper.

An esoteric programming language is a programming language designed to test the boundaries of computer programming language design, as a proof of concept, as software art, as a hacking interface to another language, or as a joke. The use of the word esoteric distinguishes them from languages that working developers use to write software. The creators of most esolangs do not intend them to be used for mainstream programming, although some esoteric features, such as visuospatial syntax, have inspired practical applications in the arts. Such languages are often popular among hackers and hobbyists.

Parrot is a discontinued register-based process virtual machine designed to run dynamic languages efficiently. It is possible to compile Parrot assembly language and Parrot intermediate representation to Parrot bytecode and execute it. Parrot is free and open-source software.

Bytecode is a form of instruction set designed for efficient execution by a software interpreter. Unlike human-readable source code, bytecodes are compact numeric codes, constants, and references that encode the result of compiler parsing and performing semantic analysis of things like type, scope, and nesting depths of program objects.

<span class="mw-page-title-main">Automake</span> Programming tool to automate parts of the compilation process

GNU Automake is a software development tool to automate parts of the compilation process. It eases common compilation problems. For example, it points to needed dependencies.

<span class="mw-page-title-main">Windows Script Host</span> Automation technology for Windows

The Microsoft Windows Script Host (WSH) is an automation technology for Microsoft Windows operating systems that provides scripting abilities comparable to batch files, but with a wider range of supported features. This tool was first provided on Windows 95 after Build 950a on the installation discs as an optional installation configurable and installable by means of the Control Panel, and then a standard component of Windows 98 and subsequent and Windows NT 4.0 Build 1381 and by means of Service Pack 4. The WSH is also a means of automation for Internet Explorer via the installed WSH engines from IE Version 3.0 onwards; at this time VBScript became means of automation for Microsoft Outlook 97. The WSH is also an optional install provided with a VBScript and JScript engine for Windows CE 3.0 and following and some third-party engines including Rexx and other forms of Basic are also available.

A programming tool or software development tool is a computer program that is used to develop another program. A tool provides a command line interface (CLI), a graphical user interface (GUI), or both. A CLI allows a tool to be used for automation such as for build or test.

In computer programming, a one-liner program originally was textual input to the command line of an operating system shell that performed some function in just one line of input. In the present day, a one-liner can be

<span class="mw-page-title-main">LAMP (software bundle)</span> Acronym for a common web hosting solution

A LAMP is one of the most common software stacks for the web's most popular applications. Its generic software stack model has largely interchangeable components.

Coding conventions are a set of guidelines for a specific programming language that recommend programming style, practices, and methods for each aspect of a program written in that language. These conventions usually cover file organization, indentation, comments, declarations, statements, white space, naming conventions, programming practices, programming principles, programming rules of thumb, architectural best practices, etc. These are guidelines for software structural quality. Software programmers are highly recommended to follow these guidelines to help improve the readability of their source code and make software maintenance easier. Coding conventions are only applicable to the human maintainers and peer reviewers of a software project. Conventions may be formalized in a documented set of rules that an entire team or company follows, or may be as informal as the habitual coding practices of an individual. Coding conventions are not enforced by compilers.

The following tables provide a comparison of numerical analysis software.

A decompiler is a computer program that translates an executable file back into high-level source code. Unlike a compiler, which converts high-level code into machine code, a decompiler performs the reverse process. While disassemblers translate executables into assembly language, decompilers go a step further by reconstructing the disassembly into higher-level languages like C. However, decompilers often cannot perfectly recreate the original source code and may produce obfuscated or less readable code.

<span class="mw-page-title-main">Scripting language</span> Programming language designed for scripting

In computing, a script is a relatively short and simple set of instructions that typically automate an otherwise manual process. The act of writing a script is called scripting. A scripting language or script language is a programming language that is used for scripting.

The following outline is provided as an overview of and topical guide to the Perl programming language:

NaCl is a public domain, high-speed software library for cryptography.

References

  1. "What is obfuscation (obfu)? - Definition from WhatIs.com". SearchSoftwareQuality. Archived from the original on February 2, 2019. Retrieved February 1, 2019.
  2. Binstock, Andrew (March 6, 2003). "Obfuscation: Cloaking your Code from Prying Eyes". Archived from the original on April 20, 2008. Retrieved November 25, 2013.
  3. Atwood, Jeff (May 15, 2005). "Jeff Atwood, May 15, 2005". Codinghorror.com. Archived from the original on January 9, 2010. Retrieved November 25, 2013.
  4. "Obfuscation". Kenter.demon.nl. Archived from the original on March 4, 2016. Retrieved November 25, 2013.
  5. "C++ Tutorials – Obfuscated Code – A Simple Introduction". DreamInCode.net. Archived from the original on June 28, 2008. Retrieved November 25, 2013.{{cite web}}: CS1 maint: unfit URL (link)
  6. "C Tutorials – Obfuscated Code in C". July 7, 2011. Archived from the original on December 27, 2013. Retrieved November 25, 2013.
  7. As of 2013-11-25 18:22 GMT. "Pe(a)rls in line noise". Perlmonks.org. Archived from the original on January 16, 2009. Retrieved November 25, 2013.{{cite web}}: CS1 maint: numeric names: authors list (link)
  8. "Obfuscation – Haskell Wiki". February 16, 2006. Archived from the original on August 30, 2017. Retrieved March 3, 2020.
  9. Montfort, Nick. "Obfuscated code" (PDF). Archived from the original (PDF) on April 24, 2019. Retrieved November 24, 2017.
  10. Ben Kurtovic. "Obfuscating "Hello world!"". benkurtovic.com. Archived from the original on September 14, 2017. Retrieved October 18, 2017.
  11. "Obfuscated Python". wiki.c2.com. Archived from the original on February 14, 2017. Retrieved October 18, 2017.
  12. "The First Annual Obfuscated Python Content". code.activestate.com. Archived from the original on May 25, 2023. Retrieved October 18, 2017.
  13. domas (November 3, 2022), xoreaxeaxeax/movfuscator, archived from the original on November 12, 2022, retrieved November 5, 2022
  14. Break Me00 The MoVfuscator Turning mov into a soul crushing RE nightmare Christopher Domas, September 25, 2015, archived from the original on October 21, 2022, retrieved November 5, 2022
  15. Williams, Al (March 21, 2021). "One Instruction To Rule Them All: C Compiler Emits Only MOV". Hackaday . Retrieved October 23, 2023.
  16. "JAPH – Just Another Perl Hacker". pm.org. Perl Mongers. Archived from the original on May 16, 2013. Retrieved February 27, 2015.
  17. "Cryptography Breakthrough Could Make Software Unhackable". Wired. ISSN   1059-1028. Archived from the original on April 14, 2022. Retrieved March 14, 2021.
  18. Jain, Aayush; Lin, Huijia; Sahai, Amit (2020). "Indistinguishability Obfuscation from Well-Founded Assumptions". Cryptology ePrint Archive. arXiv: 2008.09317 . Archived from the original on March 3, 2022. Retrieved March 14, 2021.
  19. ""Can We Obfuscate Programs?" by Boaz Barak". Math.ias.edu. Archived from the original on March 23, 2016. Retrieved November 25, 2013.
  20. "Blocking website and only way to fix is disabling HTTPS s... | AVG". support.avg.com. July 21, 2020. Archived from the original on February 4, 2022. Retrieved February 4, 2022.
  21. at 05:01, Thomas Claburn in San Francisco 2 Oct 2018. "Google taking action against disguised code in Chrome Web Store". www.theregister.co.uk. Archived from the original on November 12, 2019. Retrieved November 12, 2019.{{cite web}}: CS1 maint: numeric names: authors list (link)
  22. Cimpanu, Catalin. "Mozilla announces ban on Firefox extensions containing obfuscated code". ZDNet. Archived from the original on March 5, 2020. Retrieved November 12, 2019.
  23. "Reasoning behind the "preferred form of the work for making modifications to it" language in the GPL". Lwn.net. Archived from the original on December 2, 2013. Retrieved November 25, 2013.
  24. "What is free software?". gnu.org. Archived from the original on October 14, 2013. Retrieved December 18, 2014.
  25. Zhou, Mingyi; Gao, Xiang; Wu, Jing; Grundy, John C.; Chen, Xiao; Chen, Chunyang; Li, Li (2023). "Model Obfuscation for Securing Deployed Neural Networks".{{cite journal}}: Cite journal requires |journal= (help)
  26. Zhang, Tianwei; He, Zecheng; Lee, Ruby B. (July 12, 2018). "Privacy-preserving Machine Learning through Data Obfuscation". arXiv: 1807.01860 [cs.CR].

Further reading

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.