A novel technique for control flow obfuscation in JVM applications using InvokeDynamic with native bootstrapping

A novel technique for control flow obfuscation in JVM applications using InvokeDynamic with native bootstrapping

연구 분야: Analysis

학회: CASCON '21: Proceedings of the 31st Annual International Conference on Computer Science and Software Engineering

Protecting the intellectual property of end-user software is a challenging industry problem. Modern obfuscation techniques aim to prevent reverse engineering and unauthorized use or modification to software. Obfuscation algorithms are especially necessary in JVM applications due to the large amount of contextual information stored in JVM bytecode. However, many commercial-grade obfuscation methods can be easily be undone by deobfuscation software such that it can later be decompiled and refactored for illegitimate use. In this paper, we propose a method of control flow obfuscation using the InvokeDynamic instruction with native call site bootstrapping. The proposed method prevents JVM byte-code from leaking call site information in function invocations. We evaluate the proposed technique against a series of benchmarks comparing original software with its obfuscated form. To this end, we observe an insignificant difference in application running time.