Control Flow Obfuscation
Control Flow Obfuscation is the process by which PreEmptive Protection™ DashO™ for Android & Java rearranges the instructions in a method to make the flow of control more difficult for both humans and decompilers to follow. This has the effect of removing many of the patterns that decompilers look for when trying to reconstruct source code. Control Flow Obfuscation can cause decompilers to fail outright when attempting to decompile a method, or otherwise cause them to output code that is very difficult to comprehend.
You can enable or disable Control Flow Obfuscation on the Control Flow - Options page in the DashO GUI. You can also enable or disable individual Control Flow Obfuscation features:
- Block Jumbling
- Try/Catch Obfuscation
- Block Splitting
Note: Control Flow cannot leave the
LocalVariableTable
orLocalVariableTypeTable
attributes intact. It will remove most of the information from theLocalVariableTable
attribute, and will remove theLocalVariableTypeTable
attribute entirely, even if DashO is configured to not remove those attributes. TheLocalVariableTable
attribute also contains the names of method parameters. With Control Flow, method parameter names will be retained if DashO is configured to keep theLocalVariableTable
attribute. A warning will be emitted indicating that some of the information was removed.
Block Jumbling
Block Jumbling allows DashO to randomly change the order in which code blocks appear in a method's bytecode without changing the order in which they are run by the JVM. This feature works best with many blocks - if the existing flow of control for a method is relatively simple, then Block Splitting may be useful to create more blocks to rearrange.
Try/Catch Obfuscation
Try/Catch obfuscation adds Try/Catch handlers to methods, breaking up control flow patterns that many decompilers depend on. You can configure the maximum number of Try/Catch handlers to be added to each method on the Control Flow - Options page.
Block Splitting
Block Splitting splits individual blocks of code into smaller blocks of code. This gives Block Jumbling more blocks to work with, making it significantly more effective, especially on simpler methods.
Block Splitting can add many instructions to a method, increasing its size and potentially slowing down the execution of the method. To control this effect, you can increase or decrease the minimum number of bytecode instructions that should be in a block created by Block Splitting on the Control Flow - Options page. A higher minimum for this number will result in fewer, longer blocks and fewer new instructions.
Note: If you enable Block Splitting and are protecting Android applications which run on older devices that use the Dalvik VM (e.g. KitKat), enable Dalvik Compatibility on the Control Flow - Options page.
Includes/Excludes
Control Flow Obfuscation provides strong protection for your code, but it can also have a substantial effect on runtime performance and code size. You may want to exclude classes or methods from Control Flow Obfuscation if they contain performance critical code, or you may want to to focus Control Flow Obfuscation on portions of your code that contain particularly sensitive algorithms.
You can turn Control Flow Obfuscation on or off for specific methods using the Control Flow - Include and Control Flow - Exclude pages in the DashO GUI. By default, any methods not covered by Exclude rules are included, and DashO will apply Control Flow Obfuscation to them. If you add any Include rules, only methods covered by those Include rules will be included.