| 基于融合编译的软件多样化保护方法 |
| |
| 作者姓名: | 熊小兵 舒辉 康绯 |
| |
| 作者单位: | 信息工程大学,河南 郑州 450001 |
| |
| 基金项目: | 国家重点研发计划(2016YFB08011601) |
| |
| 摘 要: | 针对现有主流保护方法存在的特征明显、模式单一等问题,以 LLVM 开源编译框架为基础,提出了一种基于融合编译的软件多样化保护方法,该方法将目标软件进行随机化加密处理,并在编译层面与掩护软件进行深度融合,通过内存执行技术,将加密后的目标软件进行解密处理,进而在内存中以无进程的形式执行,利用掩护代码的多样性、融合策略的随机性来实现目标软件的多样化保护效果。选取了多款常用软件作为测试集,从资源开销、保护效果、对比实验等多个角度对所提方法进行了实例测试,从测试结果可以看出,所提方法资源开销较小,相较于混淆、加壳等传统方法,所提方法在抗静态分析、抗动态调试等方面具有较大优势,能有效对抗主流代码逆向分析和破解手段。
|
| 关 键 词: | 软件保护 多样化 融合编译 内存执行 底层虚拟机 中间表示 |
Method of diversity software protection based on fusion compilation |
| |
| Authors: | Xiaobing XIONG Hui SHU Fei KANG |
| |
| Affiliation: | Information Engineering University,Zhengzhou 450001,China |
| |
| Abstract: | For the obvious characteristics and single mode of the existing common protection methods,with the help of the LLVM framework,a diversity software protection method based on fusion compilation was proposed.In the proposed method,the target software is encrypted randomly,and deeply integrated with the bunker code at the compilation level,and the encrypted target software is decrypted by memory execution technology.Then it is executed in the form of no process in memory,and the diversified protection effect of the target software is realized by the diversity of the bunker and the randomness of the fusion strategies.A number of commonly used software are selected as the test case,and the proposed method is tested from the aspects of resource cost,protection effect,comparative experiment and so on.Compared with the traditional methods such as obfuscation and packing,the proposed method has great advantages in anti-static analysis and anti-dynamic debugging,and can effectively resist the mainstream methods of reverse analyzing and cracking. |
| |
| Keywords: | software protection diversification fusion compilation memory execution LLVM intermediate representation |
|
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
