What is Obfuscation?
Obfuscation is the deliberate act of creating obfuscated code, i.e. source or machine code that is difficult for humans to understand. It is somewhat similar to encryption; however, the machine can still understand and execute the code. In the best case, the purpose is to hide intellectual property. In the worst case, it is to hide some malicious intent.
- Code size will be reduced.
- Control flow flattening
- Hide the business logic and your code from others.
- Strings extraction and encryption
- Dead code injection
- Reverse engineering becomes highly difficult.
Obfuscation is often confused with encryption, but they are completely different things. Encryption conceals a message by translating it to a seemingly random format that can only be decoded using a hidden key.
By comparison, obfuscation masks the message by making it hard to read and by translating it from one format to another. One crucial distinction is that an encrypted script will not be directly readable without first using a secret key to decrypt it. Obfuscated scripts, on the other hand, should be directly executable and should deliver exactly the same results as the original script.
However, this does not mean that encryption is not used to conceal malicious code; it definitely is. If code is encrypted, the attacker must be able to decode it before executing it on the target computer, which means that this form of attack demands a much higher degree of complexity.
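Three of the techniques listed above (strings extraction, control flow flattening, dead code injection), applied by hand to a small benign function, as an added example that is not part of the original article. The function and every name in it (`priceLabel`, `_0x1f`, `_s`, `_d`, `mismatches`) are made up for illustration, and Node.js is assumed. The check at the end shows the property described above: the obfuscated version runs directly, with no key, and returns exactly the same results.

```javascript
// Added example (constructed): one benign function, plain and hand-obfuscated.
// Assumes Node.js (uses Buffer for base64 decoding).

// Readable original.
function priceLabel(total, isMember) {
  let rate = 0;
  if (isMember) {
    rate = total >= 100 ? 0.2 : 0.1;
  }
  const due = Math.round(total * (1 - rate) * 100) / 100;
  return (isMember ? "Member price: " : "Standard price: ") + due.toFixed(2);
}

// String extraction: literals are moved into one array and stored encoded.
// Base64 is an encoding, not encryption: no key is needed to reverse it.
const _s = ["TWVtYmVyIHByaWNlOiA=", "U3RhbmRhcmQgcHJpY2U6IA=="];
const _d = (i) => Buffer.from(_s[i], "base64").toString("utf8");

// Same logic with meaningless names and a flattened control flow.
function _0x1f(a, b) {
  let c = 0, d, e, st = 3;
  while (st !== 0) {               // dispatcher loop replaces if/else nesting
    switch (st) {
      case 3: st = b ? 7 : 5; break;
      case 7: c = a >= 100 ? 0.2 : 0.1; st = 5; break;
      case 5: d = Math.round(a * (1 - c) * 100) / 100; st = 9; break;
      case 9:
        if ((a ^ a) !== 0) { d = d * 31 + 7; }  // dead code: x ^ x is always 0
        st = 2; break;
      case 2: e = _d(b ? 0 : 1) + d.toFixed(2); st = 0; break;
    }
  }
  return e;
}

// Equivalence check: returns the inputs (if any) where the two versions differ.
function mismatches(cases) {
  return cases.filter(([t, m]) => priceLabel(t, m) !== _0x1f(t, m));
}

const sample = [[120, true], [50, true], [19.99, false], [100, false], [0, true]];
console.log(_0x1f(120, true), "| mismatches:", mismatches(sample).length);
```

Reading `_0x1f` means following the `st` values in order (3, 7 or 5, 9, 2) and decoding `_s`, which is the extra analysis effort obfuscation adds without changing behaviour.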