期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于自修改代码技术的软件保护方法 被引量:5

Software protection method based on self-modification mechanism
下载PDF
导出
摘要 提出一种基于自修改代码(SMC)技术的软件保护方法,该方法通过将关键代码转换为数据存储在原程序中,以隐藏关键代码;受保护的可执行文件执行过程中,通过修改进程中存储有隐藏代码的虚拟内存页面属性为可执行,实现数据到可执行代码的转换.实验证明,此软件保护方法简单,易实现,可以有效提高SMC的抗逆向分析能力. In this paper, we present a new method based on self-modification mechanism to protect softwares against illegal acts of hacking. The key idea is to converse key codes into data in the original program so as to make programs harder to analyze correctly. Then, we translate data to executable codes by enabling the virtual memory page which stores the hidden code to be executable at run-time. Our experiments demonstrate that the method is practical and efficient.
作者 王祥根 司端锋 冯登国 苏璞睿
机构地区 中国科学技术大学电子工程与信息科学系 中国科学院软件研究所信息安全国家重点实验室 信息安全共性技术国家工程研究中心
出处 《中国科学院研究生院学报》 CAS CSCD 北大核心 2009年第5期688-694,共7页 Journal of the Graduate School of the Chinese Academy of Sciences
基金 国家自然科学基金项目(60703076) 国家"863"高技术研究发展计划项目(2006AA01Z412 2007AA01Z451)资助
关键词 自修改代码 软件保护 动态分析 静态分析 self-modifying code(SMC), software protection, dynamic analysis, static analysis
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献8

  • 1Yuichiro K, Akito M, Masahide N, et al. Exploiting self-modification mechanism for program protection [ C ]//Proceedings of the 27th Annual International Computer Software and Applications Conference. Washington, DC, USA: IEEE Computer Society, 2003: 170-181.
  • 2Yuichiro K, Akito M, Masahide N, et al. A software protection method based on instruction camouflage[ C]//Electronics and Communications in Japan (Part 3). Wiley Publishers, 21306, 89(1): 47-59.
  • 3Yuichiro K, Akito M, Masahide N, et aZ. Program camouflage: a systematic instruction hiding method for protecting secrets[ C ]//Proceedings of World Congress on Science, Engineering and Technology. Heidelberg, Germany: WASET, 2008, 33: 557-563.
  • 4Linn C, Debray S. Obfuscation of executable code to improve resistance to static disassembly [ C ]//Jajodia S, Atluri V, Jaeger T (eds). Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS 2003). New York: ACM, 2003: 290-299.
  • 5Madou M, Anckaert B, Moseley P, et al. Software protection through dynamic code mutation[ C ]//Proceedings of the 6th International Workshop on Information Security Applications. Springer Berlin : Heidelberg, 2005, 3786: 194-206.
  • 6Royal P, Halpin M, Dagon D, et al. PolyUnpack: Automating the hidden-code extraction of unpack-executing malware[ C]//Proceedings of the 22nd Annual Computer Security Applications Conference on Annual Computer Security Applications Conference (ACSAC '06). Washington, DC, USA: IEEE Computer Society, 2006: 289-300.
  • 7Kang M, Poosankam P, Yin H. Renovo: A hidden code extractor for packed executables[ C]//Proceedings of the 5th ACM Workshop on Recurring Malcode (WORM 2007). New York: ACM, 2007: 46-53.
  • 8Wu Y D, Zhao Z G, Chui T W. An attack on SMC-based software protection[ C]//Proceedings of the International Conference on Computational Science 2006 (ICCS 2006). Springer Berlin : Heidelberg, 2006, 4307 : 352-368.

同被引文献37

  • 1朱建启,刘衍珩,殷柯欣,宋双.基于中国剩余定理动态图软件水印方案[J].吉林大学学报(工学版),2008,38(S2):198-201. 被引量:2
  • 2周立国,熊小兵,孙洁.基于自封闭代码块的软件保护技术[J].计算机应用,2009,29(3):817-822. 被引量:4
  • 3怀进鹏,李沁,胡春明.基于虚拟机的虚拟计算环境研究与设计[J].软件学报,2007,18(8):2016-2026. 被引量:78
  • 4FUTORANSKY A.Viral infections in Cisco IOS[EB/OL].(2008-08-06).https://media,blackhat.com/bh-usa-08/video/bh-us-08-Futoransky/black-hat-usa-08-futoransky-viralCisco-hires.m4v.
  • 5LYNN M.The holy grail:Cisco IOS shellcode and exploitation tech-niques[EB/OL].(2010-11-21).http://securityvulns.com/Fnews57.html.
  • 6CHAWDHARY G,VARUN U.Cisco sheilcodes[EB/OL].(2008-08-06).https://www.blackhat.com/presentations/bh-usa-08/Chawdhary _Uppal/BH_US_08_Chawdhary_Uppal_Cisco__IOS_Shell-codes.pdf.
  • 7FELIX L.Cisco IOS router exploitation[EB/OL].(2009-06-22).http:// www.blackhat.com/presentations/bh-usa-09/LINDNER/BHUSA09-Lindner-RouterExploit-PAPER,pdf.
  • 8Rootkits on Cisco IOS devices[EB/OL].(2011-01). http://www.cisco,com/warp/public/707/cisco-sr-20080516-rootkits.shtml.
  • 9MUNIZ S,ORTEGA A.Fuzzing and debugging Cisco IOS[EB/OL].(2011-12-21).http://www.pdfpedia.com/download/13758/fuzz-ing-and-debugging-cisco-ios-blackhat-europe-2011-pdf.html.
  • 10http://baike.baidu.com/view/4411157.htm,2013年11月.

引证文献5

二级引证文献9

中国科学院研究生院学报
2009年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部