摘要
考虑到并行和多虚拟机保护的程序逆向分析难度大大高于串行和单虚拟保护的程序,针对嵌套虚拟机为实现高强度保护而引入的高开销问题,提出一种基于代码并行化和虚拟机多样化的软件保护方法,基于程序依赖图运用切片技术对代码进行并行划分,设计多种虚拟指令集及其对应的编译器和解释器,将划分后的代码编译成多样化字节码序列,并和虚拟指令解释器共同嵌入程序.实验分析表明:逆向攻击者需分析不同虚拟机机制和并行代码集才能获取受保护程序语义,在降低时间开销的同时极大增加了逆向分析的难度.
Programs protected by code parallelization and multiple virtual machines are reverse analyzed more difficulty than that protected by code serialization and single virtual machine. For the problem that the nested virtual machines introduce high overhead,a software protection scheme based on code parallelization and virtual machine diversity is proposed. The scheme first slices codes into parallel ones based on the program dependence graph,then designs a variety of virtual instructions and corresponding compilers and interpreters,and then compiles the parallel codes into different byte code sequences and embeds them into the program with their diverse interpreters. Experiments and analysis showthat attacker should analyze different virtual machine mechanisms and parallel code set to get the complete program semantics,so it not only reduces the high overhead but also greatly increases the difficulty of reverse analysis.
出处
《小型微型计算机系统》
CSCD
北大核心
2015年第11期2588-2593,共6页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(61379151
61272489
61302159
61401512)资助
河南省杰出青年基金项目(144100510001)资助
关键词
软件保护
代码混淆
代码并行化
虚拟机多样化
software protection
code obfuscation
code parallelization
virtual machine diversity