Definition

obfuscation (obfu)

Contributor(s): K. John Russell

Obfuscation is the practice of making something difficult to understand. Programming code is often obfuscated to protect intellectual property and prevent an attacker from reverse engineering a proprietary software program. Obfuscation may involve encrypting some or all of the code, stripping out potentially revealing metadata, renaming useful class and variable names to meaningless labels or adding unused or meaningless code to an application binary. A tool called an obfuscator can be used to automatically convert straight-forward source code into a program that works the same way, but is much harder to read and understand.

 

Another reason for obfuscating code is to prevent it from being attacked. Programs written in software languages that are compiled, such as C or C++ lend themselves to obfuscation. Unfortunately, malicious code writers who want to hide or disguise their code's true purpose also use obfuscation to prevent their malware from being detected by signature-based antimalware tools. Deobfuscation techniques, such as program slicing, can sometimes be used to reverse engineer obfuscation.

This was last updated in May 2016

Continue Reading About obfuscation (obfu)

Dig Deeper on Software Security Testing Tools

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

3 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

It is important indeed to protect a computer program with obfuscation, considering how harmful reverse engineering can be. With reverse engineering, the original developer of the computer program may not gain anything because the full source code of his program is compromised. Fortunately, there are plenty of companies out there which offer excellent obfuscation services. One good example is the PreEmptive Solutions (www.preemptive.com). Established in 1996, the company has achieved various milestones for the past eighteen years, such as releasing Visual Studio 2010 integrated with Dotfuscator CE in 2010 and partnering with Microsoft in 2012 to implement exception analytics in the Team Foundation Server 2012 and the Visual Studio 2012. With the PreEmptive Solutions, you can choose the product called the 'Dotfuscator for .Net' if you are developing an application in the .Net framework. Alternatively, if you are developing a mobile application, you can use the product known as the 'DashO' which is designated for Java and Android platforms.

Yet, have you ever been in confusion about what kind of obfuscation method you should choose? Sometimes, you may not know for sure what to choose among assembly encryption, native code protection, method body protection, and the plain obfuscation. This is such a company as Codewall Technologies (www.codewall.net) comes in handy. This company offers all of those obfuscation methods and they are even compatible with one another. This way, you will get the best of all worlds while trying to protect your application and the standalone libraries it may depend on.


If you are a dedicated mobile application developer, you should know how important it is to protect your application with obfuscation. As you know, the mobile industry is a quickly growing industry which is worth billions of dollars these days. This is why you will want to use Morpher (morpher.com). It will protect your mobile application with three benefits, which are, your mobile application will run as fast as it should, the algorithms you use will be safe from reverse engineering, and the obfuscation will be seamlessly integrated into the build chain of your application. Morpher is compatible with the C, C++, ObjC, and ObjC++ programming languages.
Cancel
Form of data masking where data is purposely scrambled to prevent unauthorized access to sensitive materials. this form of encryption results in unintelligible or confusing data used to prevent the intrusion of private and sensitive online data, such as electronic health records
Cancel
Why should obfuscation be part of every program build?
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchSOA

TheServerSide

SearchCloudApplications

SearchAWS

SearchBusinessAnalytics

SearchFinancialApplications

SearchHealthIT

Close