| 基于不透明谓词的软件抗动态逆向分析研究 |
| |
| 引用本文: | 韩翔宇,李强,黄海军,余祥.基于不透明谓词的软件抗动态逆向分析研究[J].计算机应用研究,2017,34(8). |
| |
| 作者姓名: | 韩翔宇 李强 黄海军 余祥 |
| |
| 作者单位: | 电子工程学院,电子工程学院,电子工程学院,电子工程学院 |
| |
| 基金项目: | 技术基础条件建设项目(72131022);电子工程学院科研基金资助项目(KY15N639)。 |
| |
| 摘 要: | 传统的不透明谓词对谓词内部逻辑结构进行复杂化,难以有效应对软件的动态逆向分析。通过插入运行环境检测代码并将检测结果返回给不透明谓词,动态选择分支路径使软件仅在安全环境下运行被保护代码,防止代码被动态分析。引入一般和关键节点概念,提高谓词内部逻辑结构的复杂度并使用形式化方法进行描述。实验证明,成功检测出虚拟机和调试器并避开了受保护代码;在静态指令统计上与使用变形隐匿的方法对比,具有更好的隐匿效果。
|
| 关 键 词: | 不透明谓词 代码混淆 抗逆向分析 软件保护 |
| 收稿时间: | 2016/9/24 0:00:00 |
| 修稿时间: | 2016/11/30 0:00:00 |
Research on software anti-dynamic reverse analysis based on opaque predicate |
| |
| HAN Xiang-yu,LI Qiang,HUANG Hai-jun and YU Xiang.Research on software anti-dynamic reverse analysis based on opaque predicate[J].Application Research of Computers,2017,34(8). |
| |
| Authors: | HAN Xiang-yu LI Qiang HUANG Hai-jun and YU Xiang |
| |
| Affiliation: | Electronic Engineering Institute,,, |
| |
| Abstract: | Traditional opaque predicate aims at complex the internal construction of predicate which cannot deal with dynamic analysis. This paper proposes to return the result of condition checking to the predicates to limit the software running the protected code only in the safe environment, which keeps the code away from dynamic reverse analysis. This paper introduces the concept of key point and normal point to increase the complexity of the opaque predicate and describe it with formalized language. Experimental result shows that proposed method finds the debugger and the virtual machine successfully and shows a better result in the statistics compared with instructions transformation. |
| |
| Keywords: | Opaque Predicate Code Obfuscation Anti-reverse Analysis Software Protection |
|
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
