Control Flow Obfuscation
Control Flow Obfuscation is the process by which PreEmptive Protection - DashO rearranges the instructions in a method to make the flow of control more difficult for both humans and decompilers to follow. This has the effect of removing many of the patterns that decompilers look for when trying to reconstruct source code. Control Flow Obfuscation can cause decompilers to fail outright when attempting to decompile a method, or otherwise cause them to output code that is very difficult to comprehend.
You can enable or disable Control Flow Obfuscation on the Control Flow - Options page in the DashO GUI. You can also enable or disable individual Control Flow Obfuscation features:
- Block Jumbling
- Try/Catch Obfuscation
- Block Splitting
Control Flow cannot leave the
LocalVariableTypeTableattributes intact and will remove them, even if you configured DashO not to remove those attributes.
Block Jumbling allows DashO to randomly change the order in which code blocks appear in a method's bytecode without changing the order in which they are run by the JVM. This feature works best with many blocks - if the existing flow of control for a method is relatively simple, then Block Splitting may be useful to create more blocks to rearrange.
Try/Catch obfuscation adds Try/Catch handlers to methods, breaking up control flow patterns that many decompilers depend on. You can configure the maximum number of Try/Catch handlers to be added to each method on the Control Flow - Options page.
Block Splitting splits individual blocks of code into smaller blocks of code. This gives Block Jumbling more blocks to work with, making it significantly more effective, especially on simpler methods.
Block Splitting can add many instructions to a method, increasing its size and potentially slowing down the execution of the method. To control this effect, you can increase or decrease the minimum number of bytecode instructions that should be in a block created by Block Splitting on the Control Flow - Options page. A higher minimum for this number will result in fewer, longer blocks and fewer new instructions.
Control Flow Obfuscation provides strong protection for your code, but it can also have a substantial effect on runtime performance and code size. You may want to exclude classes or methods from Control Flow Obfuscation if they contain performance critical code, or you may want to to focus Control Flow Obfuscation on portions of your code that contain particularly sensitive algorithms.
You can turn Control Flow Obfuscation on or off for specific methods using the Control Flow - Include and Control Flow - Exclude pages in the DashO GUI. By default, any methods not covered by Exclude rules are included, and DashO will apply Control Flow Obfuscation to them. If you add any Include rules, only methods covered by those Include rules will be included.