Java Virtual Machine ( Obfuscation and Java )

  • View
    43

  • Download
    0

Embed Size (px)

DESCRIPTION

Java Virtual Machine ( Obfuscation and Java ). 2004. What it is all about?. Java Classfile - Java Q&A. Java Technology ( ). - PowerPoint PPT Presentation

Transcript

  • Java Virtual Machine(Obfuscation and Java) 2004

  • What it is all about? JavaClassfile - JavaQ&A

  • Java Technology()Java SUN Microsystems1991 . James Gosling Oak1995 . JAVA - JDK 1.01998 . Java 2 ( SE, EE, ME)Java : -

  • What is this all for?H.JARDESKTOPiPAQPALMSMARTPHONECELLPHONEEMBEDDED MEDICAL SYSTEMWEB SERVERSMART HOUSEVM

  • JAVAb.javab.javaa.javaJAR(jar)ZIPb. classb. classa.classCompiler(other)e.othere.classf.pngg.txtManifest.mfCompiler(javac)H.JARExternalVerifierObfuscator

  • OOP (JIC)MoveableSetPosition()ValidatePos()ValidatePos()FigureDraw()SetColor()ValidatePos()2DPoint Pos

  • CLASS FILE

  • Classfile structure() Java classfile- ( JAR) JAVA

  • Classfile structure() classfile Classfile (big-endian) classfile

    Classfile JAVA

  • Classfile structure( ) (, ) - ()

  • Classfile structure( ) (int, float, long, double, UTF8) (, , ) 2^16

  • CONSTANT_Methodref_info CONSTANT_Class_info COCONSTANT_NameAndType_infoCONSTANT_Utf8_info

  • AttributesSourceFile - ConstantValue Code Exceptions InnerClasses Synthetic LineNumberTable LocalVariableTable Deprecated ()

  • Methods and attributesmethod_info { u2 access_flags; u2 name_index; u2 descriptor_index; u2 attributes_count; attribute_info attributes[attributes_count]; }

    attribute_info { u2 attribute_name_index; u4 attribute_length; u1 info[attribute_length]; } Code_attribute { u2 attribute_name_index; u4 attribute_length; u2 max_stack; u2 max_locals; u4 code_length; u1 code[code_length]; u2 exception_table_length; { u2 start_pc; u2 end_pc; u2 handler_pc; u2 catch_type; } exception_table[exception_table_length];u2 attributes_count; attribute_info attributes[attributes_count]; }

  • JVM

  • JVM ? ?

  • JVM Subsystems

  • JVM ( JAVA )

  • JVM ( JAVA )JVM JVM JVM : ( ) +

  • JVMThread 1Thread 2JVM Op StackLocal VariablesParametersFrame3Runtime constpool

  • JVMMEMORYHEAPThread 1Thread 2FRAME2ALUFRAME2FRAME1FRAME1FRAME STACK (call stack)JVM Op StackFRAME1

  • BYTE code() 8 (IS ) 8, 32, 64

  • BYTE code( )byte - 8-bit short - 16-bit int - 32-bit long - 64-bit char - 16-bit UNICODE floatdouble

  • BYTE code() Push - Pop - , , , ,

  • Size reductioniconst_m1iconst_nn = if (x < 9 && x > 3) then x 3 else OTHER_OPCODEpush (byte)npush (byte)-1bipushsipushpush xpush xldcldc_wpush CONST_POOL[x]push CONST_POOL[x]

  • Vierifierinvoke virtual . ?verifier runtime

  • JITPros vs ConsTime 2x-40x fasterMemory Overhead 5x-10xCompilationJIT Just-In-TimeAOT Ahead-Of-TimeHI Hotspot Implementations

  • Garbage collection( ) ... ... ,

  • Obfuscation

  • Obfuscation and JavaPros Java Cons Reflection Java

  • DecompilersGoto for synchronized - Java , . ,

  • Decompilersint tmp;tmp = a;a = b;b = tmp;iload_0istore_2iload_1istore_0iload_2istore_1

    iload_0iload_1istore_0istore_1b = aa = b .

  • Obfuscation - Names and profiles (Retroguard)GNU GPL

  • Names and profiles (JODE)

    GNU GPL , (, , )

  • Names and profiles (SandMark) watermarking, tamper-proofing code obfuscation by Venkatesan, Collberg, Stern, and others

  • Names and profiles (DashO)CommercialSuns choiceFeaturesPackage/Class/Method/Field renaming using our patented Overload-Induction(tm) renaming system Unused Class/Method/Field and constant pool entry removal Advanced Control Flow Obfuscation String Encryption Class and method level optimization to improve JIT performance

  • Names and profiles

    (name mangling) (code mangling) (strings enscription)Retroguard?SandMark??DashO JODE?

  • Where is more information available? Java SUN : http://sunsite.nstu.ru/java-stuff/vmspec/ classfile ftp://ftp.cs.arizona.edu/reports/2004/TR04-11.pdf http://www.retrologic.com/retroguard-docs.htmlhttp://sandmark.cs.arizona.edu/publications.htmlhttp://www.preemptive.com/products/dasho/Features.html

  • THE END

  • Q & A