CODE PROTECTION

from Decompilation by Obfuscation of Code

In the 21st century, we spend a significant part of our lives in the online world. So, it is easier to steal private data, passwords, intellectual property, and tools via the Internet. The cure for this kind of piracy is code obfuscation. To learn more, read below!

What Is Code Obfuscation?

Code obfuscation presents the source code (or its part) in a more confusing way. Thanks to such a modification, it becomes harder to read, understand, interpret, and decrypt.

In this way, developers protect trading tools and EAs from cracking. Intruders will need more knowledge, finances, and time to break down the code. In general, hackers give up the decompilation supposing it is not worth their efforts. But if they manage to do it, the deobfuscated code becomes unintelligible.

Even though obfuscation transforms the source code into the crabbed one, it does not influence program functionality, code output, and final result.

Why Should I Use the Source Code Obfuscation?

You have to use this method to protect your tools and Expert Advisors against:

  • application piracy and cloning
  • code injection, modification of its logic, or other kinds of malicious access to source code
  • discovering trade secrets
  • extracting and tampering vulnerable and confidential information (or critical data) of users
  • intellectual-property theft
  • reverse engineering
  • stealing passwords and keys
  • unauthorized access
  • and other types of intrusions.

Obfuscation Techniques

Address obfuscation changes the virtual addresses of data and code, randomizing their location in memory.

Anti-tamper is the code self-protection done by stopping the program, shutdown, functionality limitation, crashes, etc.

Assembly code instruction obfuscation performs replacing common instructions with more complex ones by:

  • using overlapping instructions that cause hiding one code in another code
  • adding unnecessary control statements
  • including garbage, dummy, or dead code.

Control/Data flow obfuscation is changing the code direction and the order of program execution statements. There is the introduction of arbitrary instructions, unexpected conditional constructs (predicates), meaningless control loops, or dead code that will never be fulfilled. The decompiled code gets unstructured spaghetti logic with the transposition of statements.

The custom encoding provides string encoding using custom algorithms.

Data transformation includes:

  • changing the data storage form (shuffle between local or global)
  • reordering data
  • replacing a value with a statement.

It hides the real nature and purpose of variables and their behavior.

Debug obfuscation/Anti-debug provides changing string numbers, names of debug data files, and removing the debug info, metadata, and unused code. Hackers can examine the source code by using debug data for reverse engineering.

Metadata obfuscation is hiding text message calls of the source code and encrypting metadata:

  • names of categories
  • classes
  • methods
  • variables
  • etc.

Renaming is replacing class and variable names with new confusing ones. It can be performed with:

  • unprintable or invisible characters
  • numbers
  • notations
  • data formatting
  • code comments removing.

Renewal of obfuscated code provides regular updates of obfuscated software. It means that hackers have to look for new ways of decompilation with each new update.

String encryption is hiding all the readable strings.

Developers (together with a security team) must select those obfuscation techniques that are most suitable for a particular software. At the same time, they must consider the client's requirements and different protection threats.

Moreover, not every code part needs obfuscation. Coders should identify code fragments containing confidential data, crucial algorithms, or intellectual property. Then they can obfuscate them.

Which of these approaches is the best one? All methods are great when merged since they create a layered defense effect.

How to Strengthen Protection?

To double the tool security, use the obfuscation+DLL combo.

With the Dynamic Link Library, you can protect your tools from:

  • program copying
  • bypassing licensing
  • decompilation
  • discovering methods, strategies, and other trading secrets used in the code
  • extracting vulnerable and confidential data
  • etc.

Locate EA logic, calculations, and other aspects into the DLL. Thus, they won't be seen in your trading robot. That makes decompilation useless.

There are 2 steps to apply the DLL approach:

  1. The code part and all the valuable data are moved/hidden to a separate library file (.dll)
  2. The DLL links with the main executable and is used by it.

So, an intruder has to crack as many as 2 files(!):

  • the strategy/main file
  • the DLL file.

To perform it, the attacker should use different instruments and techniques. x2 the hassle.

Yeah, he can hack an EA code applying a lot of effort and specific knowledge. But it will be much more complicated to commit this with the DLL file.

Suppose a hacker manages to decompile the DLL miraculously. What's next? The deobfuscated code will transform into the Assembler machine language. Such a code is incredibly difficult to read. Moreover, the source code restoration (custom types, classes, etc.) is tremendously hard or even impossible.

Thus, disassembly makes the reverse engineering process extremely difficult. The IT villain may even give up on the procedure because the spent finances, time, and effort aren't worth it. Decompilation is unprofitable and unreasonable since the expenses are too high.

The DLL is the powerful solution that 4xDev provides. Protect your tools against decompilation!

Pros and Cons of Obfuscation

Pluses

It is difficult for cybercriminals to read and analyze rendered code. The hacker will simply get confused in the complex semantics, syntax, and redundant logic of the converted code.

It increases the code protection from reverse engineering and complicates obtaining valuable code information.

Some methods optimize the code by removing unnecessary (or dead code) components, metadata. So, it skyrockets code performance.

Minuses

There is no 100% guarantee of protection. Automated deobfuscators and experienced hackers may reconstruct the obfuscated source code.

Obfuscation can be used to hide malicious code to evade antivirus systems.

If you use the script encryption obfuscation technique, the string decryption during program runtime slows code performance. So, the code is more difficult to read. The more complex the obfuscation method, the harder code performance.

Obfuscation Success Criteria

Strength is the resistance to automated deobfuscation:

  • disassemblers
  • decompilers
  • debuggers
  • and other instruments allowing bad actors to access and analyze source code.

Potential is the ability to confuse intruders. The more time and resources it takes to hack, the more reliable the obfuscation.

Differentiation is the difference between the obfuscated code and the source one. The more predicates, the more complex the code.

Complexity is the presence of several protection layers that ensure obfuscation success.

4xDev Obfuscation Method

If you want to sell your tools, you need special prevention of cracking down software. The 4xDev company offers an encryption method called “Code Obfuscation”.

All important numbers in the EA are manually encoded with variables. They are assigned a value from the names of individual functions.

Even if an attacker manages to crack the executable file of the EA, all the names of the functions will be lost. Moreover, the “Array out range in... “ errors will be generated.

Even if the hacker can fix all these errors, the decompiled strategy will still not work. So, an intruder will have to guess absolutely all the numbers used by the strategy, which is impossible.

Also, the strategy will be compiled (.ex4/5) using MQL Cloud Protector, which additionally encrypts the executable file using asymmetric algorithms.

We will not encrypt the input parameters because this makes no sense. Their values are already known in the EA settings.

In Conclusion

Unfortunately, the threat of hacking always exists. Do you want to sell your tools, but are worried that your idea can be stolen? Apply the "Code Obfuscation" method. So, your idea will always be protected!

That is why, to protect your tools and EAs from malicious actions, use the services of 4xDev coders. We will select the most suitable obfuscation techniques and create efficient obfuscated code considering:

  • protection needs
  • tool's nature
  • performance benchmark.

Our security professionals provide our clients with a perfect safety/performance balance.

So, code obfuscation resists code intrusion and preserves the arithmetic and logical idea of your tools. Your EAs remain encrypted even after hacker attacks.

Be 99.9% protected! Contact 4xDev!