Metrics for measuring the effectiveness of decompilers and obfuscators

  • Naeem N
  • Batchelder M
  • Hendren L
  • 18

    Readers

    Mendeley users who have this article in their library.
  • 9

    Citations

    Citations of this article.

Abstract

Java developers often use decompilers to aid reverse engineering and obfuscators to prevent it. Decompilers translate low-level class files to Java source and can produce "good" output. Obfuscators transform class files into semantically-equivalent versions that are either: (1) difficult to decompile, or (2) decompilable, but result in "hard- to-understand" Java source. We present a set of metrics developed to quantify the effectiveness of decompilers and obfuscators. The metrics include some selective size and counting metrics and an expression complexity metric. We have applied these metrics to evaluate a collection of decompilers and obfuscators. By quantitatively comparing original Java source against decompiled and obfuscated code respectively, we show which decompilers produce "good" code and whether obfuscations result in "hard-to-understand" code.

Get free article suggestions today

Mendeley saves you time finding and organizing research

Sign up here
Already have an account ?Sign in

Find this document

Authors

  • Nomair A. Naeem

  • Michael Batchelder

  • Laurie Hendren

Cite this document

Choose a citation style from the tabs below

Save time finding and organizing research with Mendeley

Sign up for free