Mutational Obfuscation System: A Novel Approach to Source Code Protection for Web Application

Joong Sun Oh, Sun Woong Yang, Kyung Ho Lee

Research output: Contribution to journalArticlepeer-review

Abstract

Web applications have become popular attacking targets for years. To protect web applications from intruders, many obfuscation techniques have been proposed. Most of those obfuscation software applications have been developed to obfuscate the client-side source code. However, one of the most vulnerable parts of web applications is the server side, especially when Java language is used, because that is where the core part of web applications including sensitive data as well as business logic is stored and processed. To safeguard the source code on server-side, the Mutational Obfuscation System (MOS) has been proposed. This system protects web application source code by obfuscating the java class files, packaging and encrypting those class files before it is sent and deployed to the web server. Moreover, to assure that the web application works well after being obfuscated by the MOS system, the availability checking tool has been exploited. Our experiment result shows that the security of the server-side source code has been intensified and the performance of the web application is maintained after the source code is obfuscated.

Original languageEnglish
Pages (from-to)3827-3837
Number of pages11
JournalJournal of Electrical Engineering and Technology
Volume18
Issue number5
DOIs
Publication statusPublished - 2023 Sept

Bibliographical note

Publisher Copyright:
© 2023, The Author(s) under exclusive licence to The Korean Institute of Electrical Engineers.

Keywords

  • Java obfuscation
  • Mutation
  • Mutational obfuscation
  • Obfuscation
  • Web obfuscation

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'Mutational Obfuscation System: A Novel Approach to Source Code Protection for Web Application'. Together they form a unique fingerprint.

Cite this