Java字节码的水印嵌入

通过Internet发布的Java程序正面临着严重的未授权使用。这是因为Java源代码被编译成可重用的class文件．这些class文件甚至很容易就被反编译成Java源文件。在本文中．我们提出一种在Java的class文件中嵌入数字水印的技术。通过在class文件中嵌入以数字水印形式存在的开发者的签名．可以有效的保证开发者对该程序的版权。我们的水印嵌入对程序的使用者来说是透明的，而对程序的开发者来说．可以轻易的找出未经授权的非法的程序使用。     

一种新的Java智能卡上字节码校验算法

Java智能卡上的字节码校验是保障Java卡安全的重要手段。但是,由于Java智能卡本身的空间和运算器的限制,传统的字节码校验算法无法在Java智能卡上实现。为了解决此问题,本文在分析了现有方法的特点和不足的基础上提出了一种基于有向分枝图和缓存策略的字节码校验算法。效率分析和实践表明,该算法是一种可以在Java智能卡上实现
现的高效算法。     

基于混合模式的Java卡字节码优化器

Java卡是一种基于Java语言的智能卡。因为智能卡的空间和处理器速度的约束,一个应用程序在Java卡上运行时面临的最大问题是存储空间的不足和对程序执行时间的严格限制。因此,对下载到卡中的字节码进行优化是十分必要的。本文提出了一种综合使用扩展指令集和分段压缩算法的Java卡字节码优化器的设计方案,通过对字节码文件的优化,可得到占用空间较少且没有降低执行速率的字节码文件。     

一种Java字节码静态调整的方法及应用

提出了一种改善J2ME中多维数组运算效率的方法。该方法不占用额外的内存,不需要修改虚拟机,通过静态修改已经编译好的Java字节码提高多维数组运算效率。实验表明,本方法比现有针对J2SE的多维数组运算效率解决方法更适用于J2ME环境。     

面向Java锁机制的字节码自动重构框架

Java语言提供了同步锁、可重入锁和读写锁等几种锁机制,在并行程序设计中不同的数据结构使用这几种锁机制时获得的性能通常是不同的。为了在不同的锁机制之间进行自动转换,进而帮助程序员了解程序的性能,提出了一种面向Java锁机制的字节码自动重构框架,并基于该框架实现了字节码重构工具Lock2Lock。Lock2Lock在Quad中间表示的基础上对字节码进行静态分析,并对分析的结果进行一致性验证,通过Javassist完成字节码的重构。使用红黑树、消费者生产者程序以及SPECjbb2005 3个测试程序对Lock2Lock重构工具进行了测试,结果表明,Lock2Lock可以成功地实现从同步锁到可重入锁或读写锁的重构。     

一种Java字节码保护技术的研究和实现

分析了Java字节码保护技术的现状,在此基础上提出了一种基于JVMTI的Java字节码保护技术,使得Java字节码的安全级别相当于传统的二进制代码。最后,给出了该技术在Win-dows平台和Linux平台下的实现方案。     

一种使用CFT的Java卡内字节码校验算法

Java卡字节码校验是构成Java卡安全体系结构的重要组成部分.而传统的Java卡字节码校验由于Java智能卡资源的限制,无法在卡内进行.本文通过对控制流程图和类型推导的分析,提出了基于控制流程树的Java卡卡外翻译过程和卡内校验器算法,详细描述了CFT迁移机理并对于基于CFT的Java卡内字节码校验算法和可行性进行了分析与实践.     

基于数据流的Java字节码分析

本文基于数据流框架理论,提出了如何将数据流分析方法应用于JAVA字节码中,通过建立数据流与半格、数据流和函数调用图的关系,从而对类型信息进行分析.实验表明该数据流分析方法能够对文件中的类型信息进行较精确的分析.     

基于Soot的JAVA字节码优化及性能分析

Java语言至今已成为最受欢迎的编程语言之一,由于其平台无关性、执行的安全性以及垃圾收集等特性而得到广泛应用,受到众多的IT企业及开发者的支持。然而,与诸如C/C++这类语言比起来,Java语言的运行性能在很多情况下还有待提高,优化Java应用性能的课题就成为当前业界迫切需要解决的问题和研究的热点。本文从优化Java字节码的角度切入,介绍一款在其上进行优化和变换的框架,并展示相关应用的例子。     

通过定制Java的类加载器执行保存在VFP表格中的Java字节码文件

文章则从程序运行的安全角度出发，探讨了如何将Java字节码文件预先装入VFP表格文件中，然后通过自定义的Java类加载器来运行保存在VFP表格中的字节码文件的方法，并对之进行了深入的讨论。     

Bytecode verification on Java smart cards

This article presents a novel approach to the problem of bytecode verification for Java Card applets. By relying on prior off‐card bytecode transformations, we simplify the bytecode verifier and reduce its memory requirements to the point where it can be embedded on a smart card, thus increasing significantly the security of post‐issuance downloading of applets on Java Cards. This article describes the on‐card verification algorithm and the off‐card code transformations, and evaluates experimentally their impact on applet code size. Copyright © 2002 John Wiley & Sons, Ltd.     

A Type System for the Java Bytecode Language and Verifier

The Java Virtual Machine executes bytecode programs that may have been sent from other, possibly untrusted, locations on the network. Since the transmitted code may be written by a malicious party or corrupted during network transmission, the Java Virtual Machine contains a bytecode verifier to check the code for type errors before it is run. As illustrated by reported attacks on Java run-time systems, the verifier is essential for system security. However, no formal specification of the bytecode verifier exists in the Java Virtual Machine Specification published by Sun. In this paper, we develop such a specification in the form of a type system for a subset of the bytecode language. The subset includes classes, interfaces, constructors, methods, exceptions, and bytecode subroutines. We also present a type checking algorithm and prototype bytecode verifier implementation, and we conclude by discussing other applications of this work. For example, we show how to extend our formal system to check other program properties, such as the correct use of object locks. This revised version was published online in August 2006 with corrections to the Cover Date.     

Improving the Decompilation of Java Bytecode to Prolog by Partial Evaluation

The interpretative approach to compilation allows compiling programs by partially evaluating an interpreter w.r.t. a source program. This approach, though very attractive in principle, has not been widely applied in practice mainly because of the difficulty in finding a partial evaluation strategy which always obtain “quality” compiled programs. In spite of this, in recent work we have performed a proof of concept of that, at least for some examples, this approach can be applied to decompile Java bytecode into Prolog. This allows applying existing advanced tools for analysis of logic programs in order to verify Java bytecode. However, successful partial evaluation of an interpreter for (a realistic subset of) Java bytecode is a rather challenging problem. The aim of this work is to improve the performance of the decompilation process above in two respects. First, we would like to obtain quality decompiled programs, i.e., simple and small. We refer to this as the effectiveness of the decompilation. Second, we would like the decompilation process to be as efficient as possible, both in terms of time and memory usage, in order to scale up in practice. We refer to this as the efficiency of the decompilation. With this aim, we propose several techniques for improving the partial evaluation strategy. We argue that our experimental results show that we are able to improve significantly the efficiency and effectiveness of the decompilation process.     

Experiments in Cost Analysis of Java Bytecode

Recently, we proposed a general framework for the cost analysis of Java bytecode which can be used for measuring resource usage. This analysis generates, at compile-time, cost relations which define the cost of programs as a function of their input data size. The purpose of this paper is to assess the practicality of such cost analysis by experimentally evaluating a prototype analyzer implemented in Ciao. With this aim, we approximate the computational complexity of a set of selected benchmarks, including both well-known algorithms which have been used to evaluate existing cost analyzers in other programming paradigms, and other benchmarks which illustrate object-oriented features. In our evaluation, we first study whether the generated cost relations can be automatically solved. Our experiments show that in some cases the inferred cost relations can be automatically solved by using the Mathematica system, whereas, in other cases, some prior manipulation is required for the equations to be solvable. Moreover, we experimentally evaluated the running time of the different phases of the analysis process. Overall, we believe our experiments show that the efficiency of our cost analysis is acceptable, and that the obtained cost relations are useful in practice since, at least in our experiments, it is possible to get a closed form solution.     

jContractor: Introducing Design-by-Contract to Java Using Reflective Bytecode Instrumentation

Design by Contract is a software engineering practice that allows semantic information to be added to a class or interface to precisely specify the conditions that are required for its correct operation. The basic constructs of Design by Contract are method preconditions and postconditions, and class invariants. This paper presents a detailed design and implementation overview of jContractor, a freely available tool that allows programmers to write “contracts' as standard Java methods following an intuitive naming convention. Preconditions, postconditions, and invariants can be associated with, or inherited by, any class or interface. jContractor performs on-the-fly bytecode instrumentation to detect violation of the contract specification during a program's execution. jContractor's bytecode engineering technique allows it to specify and check contracts even when source code is not available. jContractor is a pure Java library providing a rich set of syntactic constructs for expressing contracts without extending the Java language or runtime environment. These constructs include support for predicate logic expressions, and referencing entry values of attributes and return values of methods. Fine grain control over the level of monitoring is possible at runtime. Since contract methods are allowed to use unconstrained Java expressions, in addition to runtime verification they can perform additional runtime monitoring, logging, and analysis.     

Java Bytecode Verification: Algorithms and Formalizations

Bytecode verification is a crucial security component for Java applets, on the Web and on embedded devices such as smart cards. This paper reviews the various bytecode verification algorithms that have been proposed, recasts them in a common framework of dataflow analysis, and surveys the use of proof assistants to specify bytecode verification and prove its correctness. This revised version was published online in August 2006 with corrections to the Cover Date.     

数字水印技术综述

数字水印作为一种将特殊信息嵌入媒体数据的技术,近年来已成为国内外研究的热点并有着广泛的应用前景．通常数字水印被应用于数字图像、音频、视频以及其他媒体产品上以进行版权保护和验证多媒体数据的完整性．首先介绍了数字水印技术的特点和应用领域,并对其基本原理和评价标准进行了阐述,同时对数字水印的各种算法进行了分类研究与深入分析,并对不同算法进行了安全性与性能的横向比较,最后指出了数字水印今后的研究方向．     

一种自适应的彩色图像水印算法

提出了一种新颖的彩色图像水印算法，算法利用DCT系数块之间的相关性将水印嵌入到彩色图像亮度分量Y的DCT系数中，在提取过程中无需使用原始图像和其它参数。它可以根据原始图像的特征自适应地调节水印的嵌入强度，使得盗版者难以估计嵌入的位置。实验表明，本算法较好保持了原始图像的品质，对非几何攻击和有损压缩具有较好的稳健性。