1. Decompiling Java James Hamilton 0 1 0 0 0 0 1 1 0 1 1 0 0 0 1 0 0 1 1 0 1 0 1 0 0 1 0 1 0 1 0 1 1 0 0 1 0 0 0 1 1 1 0 1

2. computer programs software companies sell theexecutableversion of their program but keep thesource codesecret software theives want the source code to change and re-sell 000101010101010110111111010110110 010100101101010110101010101010100 101001010101010101010101010111111 101001000000010101010101010101010 101001010101111111101010101110001 softwarecompany softwaretheif 3. stealing computer programs bydecompilation software theives may attempt todecompilean executable program to access the source code softwarecompany softwaretheif 4. Java bytecode Java bytecode can be generated and manipulated by different tools 5. effectiveness of current Java decompilers

10 decompilers tested 6. 10 programs testing different problem areas

• 6javacgenerated 7. 4 abitrary

effectiveness scale

8. effectiveness of current Java decompilers - results 9. protecting computer programs usingcode obfuscation software companies may obscure their programs to protect from decompilation softwarethievesfind it difficult to understand and decompile programs 00010101010101!&^%&01111010110110 010^%$&&$101011010101010$%$00 10100101$%$^$%&!*)(*^&$%01111 10%$&%$000010101010^&%!10101010 10100101$$&^**^%%((!$1010^01110001 softwarecompany softwarethief 10. protecting computer programs usingsoftware watermarking software companies can hide marks in their softwaree.g. copyright notices, end-user identifcation does not prevent copying but provides a way to prove ownership 000101010101010110111111010110110 010100101COPYRIGHT1010101010100 10100101010USER01010101010111111 101001000000JAMES010101010101010 101001010101111111101010101110001 softwarecompany softwarethief 11. stealing programs usingprogram slicing softwarethievesmaysliceprograms to remove obfuscationsand watermarksand reveal only the useful parts softwarecompany softwarethief 12. research questions

how can we improve decompilers? 13. is it possible to create a perfect decompiler? 14. what obfuscations and watermarks could be applied to computer programs to hinder decompilation and software theft? 15. how effective are such obfuscations and watermarks? 16. what are the ways in whichadversariescould attack obfuscations and watermarks? 17. how can we use this knowledge to create secure programs?

softwarecompany softwarethief 18. questions?