Opaque Predicate De-Obfuscation Scheme Based on Dynamic Symbolic Execution
Abstract: Malicious software and exploit programs emerge endlessly. They usually use code obfuscation to make analysis more difficult and thereby extend their life cycle. Opaque predicate obfuscation is one of the main code obfuscation methods. At present, the main de-obfuscation method for opaque predicates is to eliminate unreachable paths in the program through data flow analysis. This paper presents an opaque predicate de-obfuscation algorithm based on path unreachability analysis using dynamic symbolic execution. The basic blocks of each function are obtained through control flow graph analysis; path reachability analysis is then performed on the basic blocks that contain branches, and unreachable paths are removed. By analyzing the path reachability of branches, the true branches that will be executed can be determined. Experimental results from a prototype system show that the average de-obfuscation rate is around 80%.
Authors: SONG Xuechao, ZHANG Jun, HE Mingxing (School of Computer and Software Engineering, Xihua University, Chengdu 610039, China)
Source: Journal of Xihua University: Natural Science Edition (《西华大学学报(自然科学版)》), CAS, 2018, No. 3, pp. 73-77, 5 pages in total
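Funding: National Natural Science Foundation of China, "Research on Privacy-Preserving Authentication Protocols for Vehicular Ad Hoc Networks" (U1433130)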
Keywords: obfuscation; opaque predicate; de-obfuscation; dynamic symbolic execution; path reachability