Abstract: Three new obfuscation techniques. Data field obfuscation replaces references to data fields that use an object name and a field name with references that use an object name but do not use a field name. Obfuscation using the reflection mechanism for the executable code works by replacing a construct in the executable code with one or more equivalent constructs made using the reflection mechanism. Obfuscation of externally-defined constructs is done by relating the externally-defined construct to an obfuscation for the construct that is used within the executable code. The relationship is defined in a portion of the executable code, and at least the externally-fined construct is encrypted in the portion. The various obfuscation techniques may be used with each other or with other previously-known obfuscation techniques. The disclosed obfuscation techniques are particularly well-adapted for use with the byte codes produced by Java language compilers from Java language programs.

Abstract: Techniques for using a class loader to protect mobile code against a malicious host. The techniques include using the class loader to extend a class used by the mobile code such that a method is added to the code which authenticates the mobile code. When executed, the method provides a dynamic watermark that authenticates the code. The method may be encrypted until it is added to the code. One such method uses a static watermark in the code to determine whether the code has been modified.