Control Flow Obfuscation
Control Flow Obfuscation is the process by which PreEmptive Protection™ DashO™ rearranges the instructions in a method to make the flow of control more difficult for both humans and decompilers to follow. This has the effect of removing many of the patterns that decompilers look for when trying to reconstruct source code. Control Flow Obfuscation can cause decompilers to fail outright when attempting to decompile a method, or otherwise cause them to output code that is very difficult to comprehend.
You can enable or disable Control Flow Obfuscation on the Control Flow - Options page in the DashO GUI. You can also enable or disable individual Control Flow Obfuscation features:
- Block Jumbling
- Try/Catch Obfuscation
- Block Splitting
Note: Control Flow cannot leave the
LocalVariableTypeTableattributes intact. It will remove most of the information from the
LocalVariableTableattribute, and will remove the
LocalVariableTypeTableattribute entirely, even if DashO is configured to not remove those attributes. The
LocalVariableTableattribute also contains the names of method parameters. With Control Flow, method parameter names will be retained if DashO is configured to keep the
LocalVariableTableattribute. A warning will be emitted indicating that some of the information was removed.
Block Jumbling allows DashO to randomly change the order in which code blocks appear in a method's bytecode without changing the order in which they are run by the JVM. This feature works best with many blocks - if the existing flow of control for a method is relatively simple, then Block Splitting may be useful to create more blocks to rearrange.
Try/Catch obfuscation adds Try/Catch handlers to methods, breaking up control flow patterns that many decompilers depend on. You can configure the maximum number of Try/Catch handlers to be added to each method on the Control Flow - Options page.
Block Splitting splits individual blocks of code into smaller blocks of code. This gives Block Jumbling more blocks to work with, making it significantly more effective, especially on simpler methods.
Block Splitting can add many instructions to a method, increasing its size and potentially slowing down the execution of the method. To control this effect, you can increase or decrease the minimum number of bytecode instructions that should be in a block created by Block Splitting on the Control Flow - Options page. A higher minimum for this number will result in fewer, longer blocks and fewer new instructions.
Note: If you enable Block Splitting and are protecting Android applications which run on older devices that use the Dalvik VM (e.g. KitKat), enable Dalvik Compatibility on the Control Flow - Options page.
Control Flow Obfuscation provides strong protection for your code, but it can also have a substantial effect on runtime performance and code size. You may want to exclude classes or methods from Control Flow Obfuscation if they contain performance critical code, or you may want to to focus Control Flow Obfuscation on portions of your code that contain particularly sensitive algorithms.
You can turn Control Flow Obfuscation on or off for specific methods using the Control Flow - Include and Control Flow - Exclude pages in the DashO GUI. By default, any methods not covered by Exclude rules are included, and DashO will apply Control Flow Obfuscation to them. If you add any Include rules, only methods covered by those Include rules will be included.