Obfuscation is the practice of making something difficult to understand. Programming code is often obfuscated to protect intellectual property and prevent an attacker from reverse engineering a proprietary software program. Obfuscation may involve encrypting some or all of the code, stripping out potentially revealing metadata, renaming useful class and variable names to meaningless labels or adding unused or meaningless code to an application binary. A tool called an obfuscator can be used to automatically convert straight-forward source code into a program that works the same way, but is much harder to read and understand.
Another reason for obfuscating code is to prevent it from being attacked. Programs written in software languages that are compiled, such as C or C++ lend themselves to obfuscation. Unfortunately, malicious code writers who want to hide or disguise their code's true purpose also use obfuscation to prevent their malware from being detected by signature-based antimalware tools. Deobfuscation techniques, such as program slicing, can sometimes be used to reverse engineer obfuscation.
Continue Reading About obfuscation (obfu)
Dig Deeper on Software Security Testing Tools
Margaret Rouse asks:
Why should obfuscation be part of every program build?
0 ResponsesJoin the Discussion