Duration: 1+ months
In our Leuven-based Java team we work on manipulating Java bytecode. All our software is based on our open source bytecode manipulation library ProGuardCORE ( https://github.com/Guardsquare/proguard-core ).
On top of ProguardCORE we mainly develop 2 different products: ProGuard and DexGuard. ProGuard is a shrinker and optimizer for all Java and Android applications, it makes them smaller and faster. DexGuard is a code hardening tool, which makes Android apps harder to understand for a reverse engineer.
The goal of obfuscation metrics reporting is to give a concise overview of how effective the configuration is at applying protection to the application. Defining metrics that summarize this correctly and are intuitive is challenging. The main difficulty is that various pieces of the optimization/obfuscation process interact with the data in different ways. For example, how should the metric take into account shrunk resources when it reports how many it has obfuscated? It is misleading to not take that into account, but providing each piece of information that interacts with the data is too overwhelming.
The goal of this internship is threefold. First, to review the current metrics that DexGuard has defined, to make sure that they make sense intuitively. Second, to implement improvements in cases where they do not. Third, to research and define further possible improvements to the metrics.
- Experience with Java
- Ability to independently perform structured research into a topic
Guardsquare offers the most complete approach to mobile application security on the market. Built on the open source ProGuard technology, Guardsquare’s software integrates seamlessly across the development cycle. From app security testing to code hardening to real-time visibility into the threat landscape, Guardsquare solutions provide enhanced mobile application security from early in the development process through publication.
More than 900 customers worldwide across all major industries rely on Guardsquare to help them identify security risks and protect their mobile applications against reverse engineering and tampering.
Guardsquare is based in Leuven (Belgium) with offices in Boston (USA) and Munich (Germany).
At Guardsquare, we take pride in being a diverse and multicultural company with team members representing numerous nationalities. We value different perspectives and opinions throughout the business which has contributed to our being the market leader in mobile application security.
You will be part of a dynamic team that strives for excellence and focuses on continuous education and enhancement in skills. We encourage & empower our trusted colleagues to share their opinions, actively collaborate, and continue to learn and grow.