期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于多层次属性加权的代码混淆有效性量化评估 被引量:5

Quantitative Evaluation for Effectiveness of Code Obfuscation Based on Multi-level Weighted Attributes
下载PDF
导出
摘要 为了克服软件保护过程中代码混淆方法选择的偶然性和盲目性,针对代码混淆量化比较和评估困难的问题,提出一种基于多层次属性加权的代码混淆定量评估方法:从攻击者角度出发,采用静态和动态逆向分析手段对混淆前后程序进行分析,量化基于程序属性的评估指标。构建三级层次分析模型,运用专家评分法来比较程序属性之间的重要性,以确定属性权值。在程序属性指标量化值和权值的基础上,运用层次分析法对不同混淆方法进行评估。实验和分析表明,评估方法能够定量地对不同混淆算法的有效性进行比较。 In order to overcome randomness and blindness for choosing code obfuscation algorithms in the process of software protection,in view of the problem that quantitative comparison and evaluation of code obfuscation are difficult,aquantitative evaluation method of obfuscation based on multi-level weighted attributes was proposed.From the aspect of attacker,it uses static and dynamic reverse analysis means to analyze the original and obfuscated programs,and quantifies evaluation index based on program attributes.Three-level hierarchical analysis model is constructed,and expert evaluation method is used to compare the importance of program attributes and determine the weights of program attributes.Based on the evaluation index quantitative values and weights of attributes,analytic hierarchy process is used to evaluate different obfuscation methods.Experiment and analysis show that the method can quantitatively compare the effectiveness of different obfuscation algorithms.
作者 谢鑫 刘粉林 芦斌 巩道福
机构地区 信息工程大学 数学工程与先进计算国家重点实验室
出处 《计算机科学》 CSCD 北大核心 2015年第3期167-173,共7页 Computer Science
基金 国家自然科学基金(61379151 61274189 61302159 61401512) 河南省杰出青年基金(14410051001)资助
关键词 代码混淆 量化评估 层次分析 加权属性 Code obfuscation Quantitative evaluation Analytic hierarchy Weighted attribute
分类号 TP311 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献17

  • 1Song D, Wagner D, Perrig A. Practical Techniques {or Searches on Encrypted Data[C]//Proceedings o[ IEEE Symposium on Se- curity and Privacy. 2000:44-55.
  • 2Goh E J. Secure Indexes. Cryptology ePrint Archive, Report 2003/216[OL]. http: //eprint. iacr. org/, 2003.
  • 3Chow R, Golle P, Jakobsson M, et al. Controlling Data in the Cloud: Outsourcing Computation without Outsourcing Control [C]//Proceedings of ACM Workshop on Cloud Computing Se-curity (CCSW' 09). New York, 2009:85-90.
  • 4Boneh D, Crescenzo G D, Ostrovsky R, et al. Public Key Encryp- tion with Keyword Seareh[C]///Proceedings of International Conference on Theory and Applications of Cryptographic Tech- niques ( Eurocrypt ' 04 ). Interlaken, Switzerland, Vol. 3027, 2004:506-522.
  • 5李春艳,张学杰.基于基准测试的高性能计算云研究[J].计算机科学,2013,40(12):23-30. 被引量:3
  • 6Li J, Wang Q, Wang C, et al. Fuzzy keyword search over en- crypted data in cloud computing[C]//Proc, of IEEE INFO- COM, Mini-Conference. 2010 : 441-445.
  • 7Hwang Y H,Lee P J. Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System[C]// Proceedings of International Conference on Pairing-Based Cryp- tography (Pairing' 07). 2007 : 2-22.
  • 8Ballard L, Kamara S, Monrose F. Achieving Efficient Conjunc- tive Keyword Searches over Encrypted Data[C]//Proceedings of International Conference on Information and Communications Security (ICICS' 05). Vol. 3783,2005 : 414-426.
  • 9Boneh D, Waters B. Conjunctive, Subset, and Range Queries on Encrypted Data[C]//Proceedinzs of TCC'07. 2007:535-554.
  • 10林闯,苏文博,孟坤,刘渠,刘卫东.云计算安全:架构、机制与模型评价[J].计算机学报,2013,36(9):1765-1784. 被引量:319

二级参考文献163

  • 1林闯,汪洋,李泉林.网络安全的随机模型方法与评价技术[J].计算机学报,2005,28(12):1943-1956. 被引量:92
  • 2樊亚军,刘久文.TPM安全芯片设计与实现[J].信息安全与通信保密,2007,29(6):136-137. 被引量:5
  • 3罗武庭.DJ—2可变矩形电子束曝光机的DMA驱动程序[J].LSI制造与测试,1989,10(4):20-26. 被引量:373
  • 4张旻晋 桂文明 苏递生 等.从终端到网络的可信计算技术.信息技术快报,2006,4(2):21-34.
  • 5Organization for the Advancement of Structured Information Standards (OASIS) http://www.oasis-open.org/.
  • 6Distributed Management Task Force (DMTF) http://www.dmtf.org/home.
  • 7Cloud Security Alliance http://www.cloudsecurityalliance.org.
  • 8Crampton J, Martin K, Wild P. On key assignment for hierarchical access control. In: Guttan J, ed, Proc. of the 19th IEEE Computer Security Foundations Workshop--CSFW 2006. Venice: IEEE Computer Society Press, 2006. 5-7.
  • 9Damiani E, De S, Vimercati C, Foresti S, Jajodia S, Paraboschi S, Samarati P. An experimental evaluation of multi-key strategies for data outsourcing. In: Venter HS, Eloff MM, Labuschagne L, Eloff JHP, Solms RV, eds. New Approaches for Security, Privacy and Trust in Complex Environments, Proc. of the IFIP TC-11 22nd Int'l Information Security Conf. Sandton: Springer-Verlag, 2007. 395-396.
  • 10Bethencourt J, Sahai A, Waters B. Ciphertext-Policy attribute-based encryption. In: Shands D, ed. Proc. of the 2007 IEEE Symp. on Security and Privacy. Oakland: IEEE Computer Society, 2007. 321-334. [doi: 10.1109/SP.2007.11].

共引文献1329

同被引文献17

引证文献5

二级引证文献12

计算机科学
2015年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部