What Is Obfuscation In Security And What Types of Obfuscation Are There?

Obfuscation is a technique widely used by hackers as well as security teams all over the globe. Their motivations differ, but their aim is the same: to make the source code unintelligible and difficult to comprehend and interpret. Let’s have a look at some of the types of obfuscation.

 

Reasons to use obfuscation

Hackers use obfuscation to hide the behavior of their malicious code and make the job of reverse engineers more challenging.

Security teams use obfuscation to protect intellectual property – they obfuscate the source code of complex algorithms to hide implementation details. Even more importantly, obfuscation prevents attacks that can arise from reverse engineering of a program and finding vulnerabilities in it.

 

Types of obfuscation

Obfuscation can occur in high-level programming languages, but it can also be found on the assembly level. Some examples of obfuscation techniques are:

 

1. Variable renaming and String encryption

At higher levels, obfuscation includes renaming variables to hide their true purpose and encrypting strings to make all the messages unreadable (the strings then have to be decrypted at runtime).

2. Code flow obfuscation

An even more powerful way to scramble the source code is code flow obfuscation. This technique includes adding unnecessary case-switches or rebuilding the structure and conditions of nested if statements in an unintuitive way.

 


 

3. Obfuscating debug information

Another method is to disable debug information completely, or at least to obfuscate it, for example by changing line numbers and file names in the debug data.

4. Address obfuscation

Obfuscation at lower levels can include address obfuscation. This technique ensures that each time a program runs, its code and data are placed at different addresses. Such an approach prevents exploits in non-memory-safe languages.

5. Assembly code obfuscation

Assembly code obfuscation can cause the disassembler to produce incorrect output. Examples of such techniques are combining binary and decimal values with assembly instructions, indirect addressing, and jumps into the middle of an instruction.
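The string encryption from item 1, seen from the analyst's side, as an added example that is not from the original article: single-byte XOR with a made-up key stands in for the encryption, and the message, filler bytes and function names are constructed for illustration. A `strings`-style scan finds the message only in the unobfuscated blob, while trying all 255 keys against an expected fragment recovers it.

```python
import re

KEY = 0xA7  # assumed single-byte XOR key; stands in for "string encryption"
SECRET = b"license-check-failed: contact support@example.com"  # constructed
PREFIX, SUFFIX = bytes([0x90, 0xFF, 0x01, 0x00]), bytes([0x00, 0xC3, 0x02])

def xor(data: bytes, key: int) -> bytes:
    """XOR every byte with one key; the same call encodes and decodes."""
    return bytes(b ^ key for b in data)

# Constructed "binaries": the same message stored in the clear and encoded.
PLAIN_BLOB = PREFIX + SECRET + SUFFIX
OBFUSCATED_BLOB = PREFIX + xor(SECRET, KEY) + SUFFIX

PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{6,}")

def printable_strings(data: bytes) -> list[bytes]:
    """What `strings -n 6` would report: runs of 6+ printable ASCII bytes."""
    return PRINTABLE_RUN.findall(data)

def crib_search(data: bytes, cribs: list[bytes]) -> dict[int, list[bytes]]:
    """Analyst side: try all 255 keys and keep printable runs that contain
    a crib (a fragment the analyst expects, such as ".com")."""
    hits: dict[int, list[bytes]] = {}
    for key in range(1, 256):
        runs = [r for r in printable_strings(xor(data, key))
                if any(c in r for c in cribs)]
        if runs:
            hits[key] = runs
    return hits

if __name__ == "__main__":
    print("plain     :", printable_strings(PLAIN_BLOB))
    print("obfuscated:", printable_strings(OBFUSCATED_BLOB))
    for key, runs in crib_search(OBFUSCATED_BLOB, [b"http://", b".com"]).items():
        print(f"key 0x{key:02X} ->", runs)
```

Because the string must be decrypted at runtime, the key and decoding routine ship with the program, which is why this kind of obfuscation slows static analysis rather than stopping it.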

 

Conclusion

There are many obfuscation techniques and all of them can be used for good as well as for bad purposes. Security teams encounter obfuscation every day when they either try to protect their code or deobfuscate some malicious code originating from hackers.