Display of the workflow schema of the Web Shrinker from the original to shrunken code.
To implement this idea, the given source code must be analyzed automatically to identify the code structure, or to filter out variables, instructions and other language elements. The obfuscation thereby takes place in two separate parts:
- Manipulate the syntax tree according to clearly defined rules and then output as a masked file.
Clearly defined rules can now be applied to the syntax tree created in the first part, to obfuscate it. These rules are called obfuscation rules. Some of the rules used are listed:
- Rename meaningful variables as meaningless variables (irreversible)
Linguistically well-marked and significant variables such as 'LoopCount' are transformed into meaningless strings that have no connection with the actual code e.g. "x_".
- Remove comments from source documentation (irreversible)
Each commented line in the source code helps one understand the execution of the program. This help is removed by a complete deletion of documentation.
- Deconstruction of well-structured block layout
A clear code structure helps you understand right away which statements belong to which sub-programs, functions or loops. The destruction of the block structure makes it difficult for unauthorized third parties to understand the source code.
- Restructuring of the program sequence
The supreme discipline of obfuscation: by the active change of program flow, such as the transformation of loops into recursive function calls, a maximum level of opacity is produced.
After the syntax tree has been manipulated using these rules, the final output is put into a (now) obfuscated file. The focus here is on a valid transition through the obfuscation process so that the masked code has exactly the same functionality as its unmasked counterpart.