期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于进程级虚拟机的软件防篡改方法 被引量:6

Software tamper proofing based on process-level virtual machine
原文传递
导出
摘要 分析整理了进程级虚拟机(PVM)保护机制,并提出一种基于进程级虚拟机的软件防篡改方法.该方法将校验和哨兵技术及反调试技术以虚拟指令(VI)的方式融合进来,设计并实现了多种防篡改安全指令(TPI)和反调试安全指令(ADI),并基于哨兵环和随机化的思想植入源程序中.保证被保护程序的内部代码不遭到恶意篡改攻击,且程序在无损环境中执行.最后,通过原型系统VMGuards进行验证,实验结果表明VMGuards的保护粒度与保护后程序的执行性能开销之间能达到很好的平衡. The mechanism of the PVM(process-level virtual machine)protection was discussed,and a novel method of software tamper proofing was suggested,which combined the idea of checksumming guards and anti-debug technique.Several kinds of tamper proofing instructions(TPI)and anti-debug instructions(ADI)were designed,moreover,they were inserted to the program based on the idea of guards-ring and randomization.By this very design,this method detects and responds to the tamper behavior occurred inside of the program during program execution,and it guarantees that the execution outside environment is unharmed.Finally,aproof-of-concept prototype,VMGuards,was implemented to demonstrate our idea.And the experiments show that the protection granularity and performance overhead can achieve a good balance.
作者 汤战勇 郝朝辉 房鼎益 陈晓江
机构地区 西北大学信息科学与技术学院
出处 《华中科技大学学报(自然科学版)》 EI CAS CSCD 北大核心 2016年第3期65-70,共6页 Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金 国家科技支撑计划资助项目(2013BAK01B02) 国家自然科学基金资助项目(61170218 61272461 61202393) 陕西省教育厅产业化培育项目(2013JC07) 陕西省自然科学基础研究计划资助项目(2012JQ8049)
关键词 进程级虚拟机 防篡改 哨兵 哨兵环 反调试 随机化 process-level virtual machine tamper proofing guards guards-ring anti-debug randomization
分类号 TP391 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献11

  • 1Ghosh S, Hiser J, Davidson J W. Software protec- tion for dynamically-generated codeCC~//Proc of 2nd ACM SIGPLAN Program Protection and Reverse En gineering Workshop. New York: ACM Press, 2013: 1-15.
  • 2Fang H, Wu Y, Wang S, et al. Multi-stage binary code obfuscation using improved virtual machine~M~. Berlin: Springer, 2011.
  • 3Kinder J. Towards static analysis of virtualization-ob fuscated binaries [C]//Proc of 2012 19th Working Conference on Reverse Engineering (WCRE). Kings- ton: IEEE, 2012: 61-70.
  • 4Ghosh S, Hiser J, Davidson J W. Replacement at- tacks against VM-protected applications[C~//Proc of ACM SIGPLAN Notices. New York: ACM Press, 2012: 203-214.
  • 5Anckaert B, Jakubowski M, Venkatesan R, et al. Run-time randomization to mitigate tampering ~M~. Nara: Springer, 2007: 153-68.
  • 6Crane S, Homescu A, Brunthaler S, et al. Thwar- ting cache side-channel attacks through dynamic soft- ware diversity[C]//Proc of Network And Distributed System Security Symposium, NDSS2015. San Diego: The Internet Society, 2015: 1-14.
  • 7Ghosh S, Hiser J D, Davidson J W. A secure and ro- bust approach to software tamper resistanceVC~// Proc of Information Hiding. Berlin: Springer, 2010: 33-47.
  • 8Chang H, Atallah M J. Protecting software code by guards EJ~. Lecture Notes in Computer Science, 2001, 2320: 160-175.
  • 9Qiu J, Yadegari B, Johannesmeyer B, et al. Identif- ying and understanding self-checksumming defenses in software[C]//Proc of 5th ACM Conference on Da ta and Application Security and Privacy. New York: ACM Press, 2015: 207-218.
  • 10Osit A, Botelho B, Uto N. Implementation aspects o{ so{tware guards: a case study~C3//Proc of 2014 9th International Con{erenee on Internet Technology and Secured Transactions ( ICITST ). London~ IEEE, 2014~ 262-267.

同被引文献52

引证文献6

二级引证文献9

华中科技大学学报(自然科学版)
2016年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部