| 反静态反汇编技术研究 |
| |
| 引用本文: | 吴金波,蒋烈辉. 反静态反汇编技术研究[J]. 计算机应用, 2005, 25(3): 623-625. DOI: 10.3724/SP.J.1087.2005.0623 |
| |
| 作者姓名: | 吴金波 蒋烈辉 |
| |
| 作者单位: | 信息工程大学,信息工程学院,河南,郑州,450002;信息工程大学,信息工程学院,河南,郑州,450002 |
| |
| 摘 要: | 通过对软件可执行二进制码的静态反汇编结果进行分析,可以对其进行非法的修改或窃取其知识产权。为了防范这种情况,在描述静态反汇编基本算法的基础上,提出了分支函数和跳转表欺骗两种隐藏程序控制流的反静态反汇编技术。这两种技术能够隐藏程序中跳转指令的真实目标地址,并能够伪造出导致静态反汇编器出错的假目标地址,从而提高程序的反静态反汇编性能,增加软件分析的难度。
|
| 关 键 词: | 可执行程序 控制流隐藏 反静态反汇编 |
| 文章编号: | 1001-9081(2005)03-0623-02 |
Research on resistance to static disassembly |
| |
| WU Jin-bo,JIANG Lie-hui. Research on resistance to static disassembly[J]. Journal of Computer Applications, 2005, 25(3): 623-625. DOI: 10.3724/SP.J.1087.2005.0623 |
| |
| Authors: | WU Jin-bo JIANG Lie-hui |
| |
| Affiliation: | ollege of Information Engineering, Information Engineering University |
| |
| Abstract: | The goal of making unauthorized modifications or stealing intellectual property of software can be reached by analyzing the static disassembly result of its executable binary code. In order to avoid this kind of instance,this paper described the basic static disassembly algorithm, then proposed two anti-disassembly techniques focusing on the obfuscation of control flow,branch function and jump table spoofing. These two techniques can hide the real target addresses of jump instructions, and can fabricate target addresses which will lead to error of static disassemblers. Therefore the (program's) resistance to static disassembly will be improved, and it is more difficult to analyze the software. |
| |
| Keywords: | executable code obfuscation of control flow resistance to static disassembly |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
|
