New release, new Java bytecode tool

Promon SDK Protection™ provides a set of tools that protect libraries and SDKs for distribution to third parties. This includes native and Java bytecode protection with layered obfuscation and runtime controls.

The recent release of SDK Protection for Java highlights a new VM obfuscation feature that translates methods from Java bytecode to a separate format. This opcode format is interpreted by a native library loaded at runtime.

Stronger protection for SDKs

Promon SDK Protection™ for Java enables code obfuscation for Android Archives (AARs), along with JAR and ZIP files for other Java libraries and applications. Our new VM obfuscation provides a powerful new capability that moves method code into a native VM, making it invisible to conventional Java-level analysis.

This new capability makes the work of attackers significantly harder as they attempt to to reverse engineer or tamper with your SDKs distributed as AAR or JAR files. This new release is part of Promon’s broader mission to protect SDKs even when integrated into hostile environments, such as untrusted or compromised apps, rooted devices, or third-party app wrappers.

A higher bar for obfuscation

Traditional code obfuscation techniques work by hiding method names or adding complexity. But attackers can still access method logic given enough time. VM obfuscation takes the protection offered by traditional techniques to a higher level.

Now, method code and certain fields are moved into a native virtual machine. That means they are completely removed from the Java class files and replaces with calls to a native library.

From the perspective of an attacker attempting to reverse engineer an SDP, the logic has simply vanished. All they can see is the code with unreadable stubs that reference a native class, and no clear attack surface. The real code is moved into a protected .so library, encrypted and hidden from analysis.

But what does this look like in practice?

VM obfuscation in action

This first image shows unprotected Java code with readable method logic and full method bodies.

unprotected

This next image shows the same class, after applying VM obfuscation for protection. You can see that the logic is now stripped and replaced with native calls.

protected(1)

This native class is referenced in the obfuscated code but contains no readable logic in the bytecode. The new class in empty.

new_class

A new .so file (libyatuniti.so) is added to the APK and handles execution of protected methods.

solib

While strings are encrypted and decrypted by the native library, the library itself is protected using SDK Protection for native code.

VM obfuscation in business

This powerful new VM obfuscation feature means that attackers won't be able to modify or even read your logic, even if they decompile the host app. This is a major leap forward in protecting your IP, APIs, and sensitive business logic. In fact, VM obfuscation works best on larger codebases in which method logic is complex or business-critical.

Promon’s new VM obfuscation can be combined with other methods like debug detection and stripping, renaming, anti-decompilation for added layers of defense. These techniques and more are offered by SDK Protection to protect Java bytecode. For full APK protection of your entire app, see Promon SHIELD® for Android.

Your next step in SDK protection
Find out more about how Promon SDK Protection™ can protect your IP, streamline development workflows, and provide consistent security across Android and iOS SDKs.
Talk to us