Methods to prevent .Net programs from hackers. Any new idea?
Softwares are programmed, developed and packaged to achieve different functionality within a system in different application form. This helps to run desired application thereby storing different kind of important data and information. These source codes used to program or develop the application is the most vital part of the software. These codes can be written in various programming languages like C, C++, C#, Java, .Net, PHP etc .
If anybody want to tamper with the information or data present with the applications, then they have to hack the programming structure and manipulate the source code. In other words , by disassembling the program, one can easily hack into the application and can easily make changes to the program or get an access to the information stored and thus software protection become difficult. There is a big challenge to restrict the reengineering process and stop hackers from entering the system/ application and prevent them from disassembling the source codes. Software obfuscation is nothing but to prevent the codes from getting deciphered by encrypting the programming languages. Also, another thing has to be ensured that the application should run smoothly with all its functionality and properly executable after being obfuscated.
Some researchers are working on the model to encrypt IP ( Intellectual Property ). The model is based on multilinear Jigsaw puzzle where the functional encryption will be in the form of patch which will be extremely difficult to decipher. Secondly, this encryption allow the user to receive message on the information they requested for and not the other messages which are not meant for them thereby reducing the chances of decoding.
Coding languages like C#, VB.NET, C, C++, Perl Programming Language can be easily obfuscated (.Net Obfuscator) as compared to other coding languages. There are also disadvantages tagged to obfuscation and one of which can be hiding malicious codes where Antivirus will be unable to detect.
There are many obfuscation techniques to be discussed inorder to prevent the source codes from being hacked.
1. Renaming the code structure like class, strings, methods, property, fields, events etc. This renaming will be difficult to decipher by hackers. Another type of renaming can be by giving the same name to two different class and methods. This confuse a great deal to the code extractors
2. By hiding call to methods and properties from external assemblies like .Net framework for .Net Protection
3. By encrypting strings which contains passwords, login information, queries etc.
4. At times hackers hide the name verification keys to skip the verification process. But, this technique will not allow to hide the verification keys.
5. .Net assembly codes can be decompiled easily ,so, control flow obfuscation changes the structure of the codes into spaghetti code while maintaining 100% logic and output.
Protection techniques has to be updated now and then and more cost cutting obfuscation techniques should be developed to keep a step ahead of the hackers.