Metrics for measuring the effectiveness of decompilers and obfuscators

  • Naeem N
  • Batchelder M
  • Hendren L
  • 18


    Mendeley users who have this article in their library.
  • 9


    Citations of this article.


Java developers often use decompilers to aid reverse engineering and obfuscators to prevent it. Decompilers translate low-level class files to Java source and can produce "good" output. Obfuscators transform class files into semantically-equivalent versions that are either: (1) difficult to decompile, or (2) decompilable, but result in "hard- to-understand" Java source. We present a set of metrics developed to quantify the effectiveness of decompilers and obfuscators. The metrics include some selective size and counting metrics and an expression complexity metric. We have applied these metrics to evaluate a collection of decompilers and obfuscators. By quantitatively comparing original Java source against decompiled and obfuscated code respectively, we show which decompilers produce "good" code and whether obfuscations result in "hard-to-understand" code.

Get free article suggestions today

Mendeley saves you time finding and organizing research

Sign up here
Already have an account ?Sign in

Find this document


  • Nomair A. Naeem

  • Michael Batchelder

  • Laurie Hendren

Cite this document

Choose a citation style from the tabs below

Save time finding and organizing research with Mendeley

Sign up for free