Korobeinikov A.G., Kutuzov I.M. —
Obfuscation of concealment calls using InvokeDynamic instructions
// Cybernetics and programming. – 2016. – ¹ 5.
– P. 33 - 37.
DOI: 10.7256/2306-4196.2016.5.18686
URL: https://en.e-notabene.ru/kp/article_18686.html
Read the article
Abstract: The object of the study is technology of hiding method calls. Hidden calls are need to hide: entity dependencies; data processing logic; algorithms. The methods used to complete the task are limited by language technologies and its performance. Method can be called directly and indirectly: via the bootstrap method; from native code (JNI); using Reflection; using JRE 1.7, InvokeDynamic. The examples with source code are given. The authors conclude that the most promising methods among considered is invokedynamic technology. The study present analysis of such methods as the bootstrap method, calling method from through native code, obfuscation calls via Reflection and InvokeDynamic. The article discusses various ways to conceal the method invocation. The characteristic features of obfuscation for most popular ones are reviewed. The most promising among the discussed methods is invokedynamic technology. It allows completely removing method signature from the source code, leaving only the service information for the bootstrap method. With proper implementation of the bootstrap method it is possible to create bytecode, which will be impossible to decompile into valid Java code, Groovy's or Scala.
Korobeinikov A.G., Grishentsev A.Y., Kutuzov I.M., Pirozhnikova O.I., Sokolov K.O., Litvinov D.Y. —
Developing of the mathematical and simulation models for calculation of an estimate of informatization object protection from unauthorized physical access
// Cybernetics and programming. – 2014. – ¹ 5.
– P. 14 - 25.
DOI: 10.7256/2306-4196.2014.5.12889
URL: https://en.e-notabene.ru/kp/article_12889.html
Read the article
Abstract: Methods and techniques allowing to calculate quantitative estimates of level of protection from unauthorized physical intrusion for different informatization objects using various means and protection systems are currently being intensively developed. Generally the quantitative evaluation of protection is represented by a set of probability characteristics, the predominant of which is some integral indicator. Therefore, developing mathematical and simulation models for calculating an estimate of informatization object protection from unauthorized physical access is an urgent task. This model then is used as a part of a complex system of information security. To solve this problem the article presented uses methods of information protection, graph theory and probability theory. The results shown in the article were calculated using Maple system of computer algebra. Scientific novelty of the work is: – in creating a mathematical model for calculation the probability of detecting of unauthorized physical access to information by an alarm system;
– in bulding of a simulation model for evaluation of level of protection of informatization object from unauthorized physical access;
– in developing of a technique of evaluation of full protection from unauthorized physical access for object of informatization
Korobeinikov A.G., Kutuzov I.M. —
Obfuscation algorithm
// Cybernetics and programming. – 2013. – ¹ 3.
– P. 1 - 8.
DOI: 10.7256/2306-4196.2013.3.9356
URL: https://en.e-notabene.ru/kp/article_9356.html
Read the article
Abstract: The paper deals with the algorithm of Chenxi Wang’s, shows are the main disadvantages of this algorithm. The authors suggest the ways of modification to improve it. The algorithm of Chenxi Wang's is one of the most famous. The input data for the algorithm is the usual procedure, written in high level language. The authors describe the three stages of obfuscation of any such procedure. In the classic version of Chenxi Wang's the algorithm has poor stability. The authors suggest ways to improve stability of the algorithm, present modified version of the algorithm and reviews results of its implementation. The authors compare the source code and the resulting code and conclude that it is almost impossible to establish their functional identity and the logic of the program code is very difficult to understand using obfuscated source. Sometimes this can be done using the examples run of the resulting source code. This implies that after eliminating the shortcomings the algorithm is quite effective.