期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

增强型虚拟寄存器轮转算法 被引量:1

Enhanced method based on virtual registers rotation
下载PDF
导出
摘要 为了对抗基于数据流逆向分析的语义攻击,以虚拟寄存器为切入点,提出了一种增强型虚拟寄存器轮转算法。该算法通过在解释执行中随机打乱部分虚拟寄存器与操作数的虚拟编译映射关系,有效地增加了虚拟机在解释执行过程中的数据流复杂度;同时,随机采用3种机制对轮转长度进行设定,增强了虚拟机代码保护系统的多样性。最后,设计实现了采用增强型虚拟寄存器轮转算法的虚拟机代码保护原型系统,验证了该算法的有效性。 Sematic attacks based on the data flow analysis bring big challenges to the code obfuscation. Concerning the data flow of virtual machine based(VM-based) code protection, the method transfers the mapping relation between the virtual registers and the op-code of the bytecode during executing, which means the uncertainty and complexity of the data flow during interpretive execution of the bytecode. In addition, three policies are proposed to address the problem that how to choose the length of rotation for each bytecode, which grows complexity of the protection. Finally, a prototype of VRR-VM(virtual machine protection system based on virtual registers rotation) was implemented. Experiment results show that the method is effective and applicable for anti-reversing.
作者 潘雁 林伟 PAN Yan;LIN Wei(State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China)
机构地区 数学工程与先进计算国家重点实验室
出处 《网络与信息安全学报》 2018年第5期47-54,共8页 Chinese Journal of Network and Information Security
基金 国家重点研发计划基金资助项目(No.2016YFB0801601 No.2016YFB0801505)~~
关键词 虚拟机代码保护 寄存器轮转 数据流分析 语义攻击 VM-based code protection virtual registers rotation data flow analysis sematic attacks
分类号 TP311 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献5

二级参考文献34

  • 1段钢.加密与解密[M].3版.北京:电子工业出版社,2006 1-5.
  • 2Collberg C,Nagra J. Surreptitious Software:Obfuscation, Watermarking, and Tamperproofing for Program Protection[M]. [S. l.]:Addison-Wesley Professional,2009.
  • 3Sharif M,Lanzi A,Giffin J. Automatic Reverse Engineering of Malware Emulators[C]/ / Proc. of 2009 IEEE Symposium on Security and Privacy. Berkeley, USA: IEEE Press,2009:94-109.
  • 4Rolles R. Unpacking Virtualization Obfuscators [C]/ / Proc. of WOOT’09. Montreal,Canada:[s. n.],2009:1.
  • 5Coogan K,Lu Gen, Debray S. Deobfuscatiion Virtualization- obfuscated Software:A Semantics-based Approa-ch [C]/ / Proc. of CCS’ 11. Chicago,USA:ACM Presss, 2011:275-284.
  • 6Newsome J,Song D. Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software[C]/ / Proc. of NDSS’05. San Diego,USA:[s. n.],2005.
  • 7Nethercote N. Dynamic Binary Analysis and Instrumentation or Building Tools Is Easy [D]. Cambridge,UK: University of Cambridge,2004.
  • 8Luk Chi-Keung. Pin:Building Customized Program Analysis Tools with Dynamic Instrumentation[C]/ / Proc. of PLDI ’05. Chicago,USA:[s. n.],2005:190-200.
  • 9Clause J,Li Wanchun,Orso A. Dytan:A Generic Dynamic Taint Analysis Framework [C]/ / Proc. of International Symposium on Software Testing and Analysis. London,UK:[s. n.],2007:196-206.
  • 10Oreans Technologies:Themida[EB / OL]. [2009-05-06]. http:/ / www. oreans. com /.

共引文献17

同被引文献15

引证文献1

网络与信息安全学报
2018年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部