DexGuard is based on ProGuard. That is the reason why it is so easy to upgrade to DexGuard. But both products offer widely different functionality. ProGuard is a generic optimizer for Java bytecode while DexGuard provides advanced protection for Android applications. In this blog, you will find an overview of the differences between ProGuard and DexGuard.
ProGuard is a versatile optimizer for Java bytecode. It enables you to shrink, optimize and obfuscate desktop applications, embedded applications and mobile applications (Android). DexGuard, on the other hand, is specifically designed to protect and optimize Android applications. The multilayered protection DexGuard provides is adapted to the distributed and quickly evolving environment in which mobile applications are used. In addition, DexGuard offers functionality that helps you to make optimal use of the Android platform. It comes with a tuned configuration for the Android runtime and for common libraries (Google Play Services, Dagger, Realm, SQLCipher etc.) and automatically splits DEX files that exceed the size limits imposed by the format (MultiDex).
Hackers generally combine two approaches when attempting to reverse engineer an application. They try to gain access to the source code of the application by using decompilers (static analysis) and they monitor the behavior of the application at runtime (dynamic analysis). ProGuard offers basic protection against static analysis only, while DexGuard shields applications from both static and dynamic analysis. DexGuard does not only harden the source code of the application using a multitude of obfuscation and encryption techniques but also integrates a series of runtime security mechanisms (runtime application self-protection) into it. These mechanisms check the integrity of the application and of the environment in which it is running and enables the application to react whenever suspicious activity is detected.
Both ProGuard and DexGuard harden the code of applications to shield them from reverse engineering, but the extent to which they do is different. ProGuard offers basic protection in the form of name obfuscation. DexGuard does not only obfuscate names of classes, fields and methods, but also arithmetic and logical expressions in the code and the control flow of the code inside methods. In addition, DexGuard encrypts strings and classes and adds reflection to access-sensitive APIs. The result is a much better protected application.
While ProGuard’s action is restricted to the bytecode of Java applications, DexGuard provides 360-degree protection. Besides the Dalvik bytecode, it optimizes, obfuscates and encrypts manifest files, native libraries, resources, resource files and asset files.
ProGuard can be downloaded and used free of charge to process your commercial and non-commercial applications. All the information you need to set up ProGuard is detailed in the online manual. DexGuard is a commercial product. A license allows you to use DexGuard and gives you access to a team of experienced engineers that can help you set up and configure the software.