摘要
未经处理的传统二进制可执行代码容易遭到静态分析、动态分析、逆向工程和篡改等恶意攻击。进程级虚拟机软件技术近年来被用于软件保护领域。本文描述一种新颖的进程级软件保护虚拟机指令解释器方案,该方案使用自定义的SEH(Structured Exception Handling,结构化异常处理)控制虚拟指令的获取。结果表明,该方案为虚拟机中其他保护手段提供了平台,并能在现有基础上增加逆向分析的难度。
The traditional untreated binary executable code is vulnerable to static analysis, dynamic analysis, reverse engineer- ing, and tampering malicious attacks. In recent years, process-level virtual machine software technology has been used in the field of software protection. This paper describes a novel process-level virtual machine instruction interpreter scheme applied to software protection. This scheme uses a custom SEH ( Structured Exception Handling) to control the obtain of virtual instruction. The results show that this scheme provides a platform for other virtual machine protection methods, and can increase the difficulty of reverse analysis on the existing basis.
出处
《计算机与现代化》
2013年第8期119-121,128,共4页
Computer and Modernization
基金
国家高技术研究发展计划(863计划)资助项目(2012AA021105)
关键词
进程级虚拟机
指令解释器
SEH
软件保护
process-level virtual machine
instruction interpreter
SEH
software protection