期刊文献+

软件防篡改技术综述 被引量:25

Survey of Software Tamper Proofing Technique
下载PDF
导出
摘要 随着计算机软件的广泛使用,软件安全性问题日益突出.如何设计切实可行的软件保护方案已成为必须直面的挑战,具有重要的现实意义.近年来,软件防篡改技术作为软件保护的重要手段之一受到国内外研究者的重视.软件防篡改的目标在于阻止程序中的关键信息被非法修改或使用;检测篡改并作出适当的响应.针对这两个目标,重点介绍了基于代码混淆的静态防篡改技术和基于检测-响应的动态防篡改技术,对现有主流的软件防篡改技术进行分类,并分析和讨论了各类方法的优劣和局限性.最后,总结软件防篡改领域存在的问题,并对其未来可能的发展与研究方向提出建议. With the wide use of computer technologies,software has become indispensable in our daily life and the corresponding security issues in software systems are more and more prominent.Especially,how to design a practical protection scheme is quite important and has great significance in the software research and development industries.As one of the key methods for software protection,the software tamper proofing technique attracts much attention from researchers both at home and abroad in recent years.Such technique aims at preventing the critical program information from the unauthorized modifications and uses,and also at generating the responses once the tampering is detected.Presented in this paper is a review of the analysis of software tamper proofing.In our discussion,different tamper proofing methods are classified into two categories:the static tamper proofing methods based on the code obfuscation as well as the dynamic tamper proofing methods based on the verification-response.The advantages and disadvantages,strengths and weaknesses of these methods are presented in detail.In the end,through the survey of these tamper proofing techniques,a summary is obtained which includes not only the characteristics,but also the existing problems and future work of the software tamper proofing technique.
出处 《计算机研究与发展》 EI CSCD 北大核心 2011年第6期923-933,共11页 Journal of Computer Research and Development
基金 国家自然科学基金项目(90718010 60803016) 国家"九七三"重点基础研究计划基金项目(2007CB310802) 国家"八六三"高技术研究发展计划基金项目(2008AA042301) 国家核高基科技重大专项(2010ZX01042-002-002-01) 清华信息科学与技术国家实验室(筹)学科交叉基金项目
关键词 防篡改 软件保护 静态防篡改技术 动态防篡改技术 检测-响应 代码混淆 tamper proofing software protection static tamper proofing technique dynamic tamper proofing technique verification-response code obfuscation
  • 相关文献

参考文献41

  • 1Hoi C, Atallah J M. Protecting software code by guards [G]//LNCS 2320: Proc of DRM Workshop. Berlin: Springer, 2001: 125-141.
  • 2Business Software Alliance. Fifth Annual BSA and IDC Global Software Piracy Study [R/OL]. Washington, DC: Business Software Alliance, 2008. [2010-01-16]. http:// portal. bsa. org/ideglobalstudy2007/studies/2007_global_piracy_ study. pdf.
  • 3Business Software Alliance. Sixth Annual BSA and IDC Global Software Piracy Study [R/OL]. Washington, DC: Business Software Alliance, 2009. [2010-01-16]. http:// portal. bsa. org/globalpiracy2008/studies/globalpiracy2008. pdf.
  • 4David L, Thekkath C, Mitchell M, et al. Architectural support for copy and tamper resistant software [C] //Proc of the 9th Int Conf on Architectural Support for Programming Languages and Operating Systems, New York: ACM, 2000: 168-177.
  • 5Aucsmith D. Tamper Resistant Software : An implementation [G]//LNCS 1174: Proc of the 1st Int Workshop on Information Hiding. Berlin: Springer, 1996: 317-333.
  • 6Bryant E D, Atallah M J, Stytz M R. A Survey of Anti-tamper Technologies [J]. CrossTalk: The Journal of Defense Software Engineering, 2004, 17(11): 12-16.
  • 7Gleb N, Nasir M. Preventing piracy, reverse engineering, and tampering[J]. IEEE Computer, 2003, 36(7): 64-71.
  • 8Collberg C, Thomborson C. Watermarking, tamper-proofing, and obfuscation-tools for software protection [J]. IEEE Trans on Software Engineering, 2002, 28(8) : 735-746.
  • 9Giffin J T, Christodoreseu M, Kruger L. Strengthening software self-checksumming via self-modifying code [C] // Proc of the 21st ACSAC. Washington, DC: IEEE Computer Society, 2005:23-32.
  • 10Wurster G, Oorschot P C, Somayaji A, et al. A generic attack on checksumming-based software tamper resistance [C]//Proc of IEEE Syrup on S&P. Washington, DC.. IEEE Computer Society, 2005: 127-138.

同被引文献202

引证文献25

二级引证文献51

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部