Software protection technology has been universally emphasized,with the development of reverse engineering and static analysis techniques.So,it is important to research how to quantitatively evaluate the security of t...Software protection technology has been universally emphasized,with the development of reverse engineering and static analysis techniques.So,it is important to research how to quantitatively evaluate the security of the protected software.However,there are some researchers evaluating the security of the proposed protect techniques directly by the traditional complexity metrics,which is not sufficient.In order to better reflect security from software complexity,a multi-factor complexity metric based on control flow graph(CFG) is proposed,and the corresponding calculating procedures are presented in detail.Moreover,complexity density models are constructed to indicate the strength of software resisting reverse engineering and code analysis.Instance analysis shows that the proposed method is simple and practical,and can more objectively reflect software security from the perspective of the complexity.展开更多
C/C++源代码因其手动分配堆内存的特点,造成大量内存泄漏的问题。对于多分支的控制流结构,其内存分配点和释放点具有不确定性,使得内存泄漏检测的难度增大。针对这种复杂控制流中的内存泄漏问题,定义了一种基于路径抽象的内存泄漏分类方...C/C++源代码因其手动分配堆内存的特点,造成大量内存泄漏的问题。对于多分支的控制流结构,其内存分配点和释放点具有不确定性,使得内存泄漏检测的难度增大。针对这种复杂控制流中的内存泄漏问题,定义了一种基于路径抽象的内存泄漏分类方法,提出了一种基于投影的模型检测静态分析算法。该算法采用投影技术将原控制流图进行规约和简化;同时,在进行函数间的分析时,融合了Cloning Expands the ICFG和Expanded Supergraph两种方法,构建了一个函数间的内存定义-使用控制流图(Interprocedural Memory Control Flow Graph,IMCFG)。实验表明,该检测方法在有效性和准确率方面明显取得了较好的结果。展开更多
基金Key Project of the National Eleventh-Five Year Research Program of China(No.2006BAD10A07)
文摘Software protection technology has been universally emphasized,with the development of reverse engineering and static analysis techniques.So,it is important to research how to quantitatively evaluate the security of the protected software.However,there are some researchers evaluating the security of the proposed protect techniques directly by the traditional complexity metrics,which is not sufficient.In order to better reflect security from software complexity,a multi-factor complexity metric based on control flow graph(CFG) is proposed,and the corresponding calculating procedures are presented in detail.Moreover,complexity density models are constructed to indicate the strength of software resisting reverse engineering and code analysis.Instance analysis shows that the proposed method is simple and practical,and can more objectively reflect software security from the perspective of the complexity.
文摘C/C++源代码因其手动分配堆内存的特点,造成大量内存泄漏的问题。对于多分支的控制流结构,其内存分配点和释放点具有不确定性,使得内存泄漏检测的难度增大。针对这种复杂控制流中的内存泄漏问题,定义了一种基于路径抽象的内存泄漏分类方法,提出了一种基于投影的模型检测静态分析算法。该算法采用投影技术将原控制流图进行规约和简化;同时,在进行函数间的分析时,融合了Cloning Expands the ICFG和Expanded Supergraph两种方法,构建了一个函数间的内存定义-使用控制流图(Interprocedural Memory Control Flow Graph,IMCFG)。实验表明,该检测方法在有效性和准确率方面明显取得了较好的结果。