CN101986326A - Method and device for protecting software security - Google Patents
Method and device for protecting software security Download PDFInfo
- Publication number
- CN101986326A CN101986326A CN201010568449XA CN201010568449A CN101986326A CN 101986326 A CN101986326 A CN 101986326A CN 201010568449X A CN201010568449X A CN 201010568449XA CN 201010568449 A CN201010568449 A CN 201010568449A CN 101986326 A CN101986326 A CN 101986326A
- Authority
- CN
- China
- Prior art keywords
- obscure
- processing
- obscuring
- intermediate file
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000012545 processing Methods 0.000 claims abstract description 96
- 238000011156 evaluation Methods 0.000 claims abstract description 25
- 230000008569 process Effects 0.000 claims description 16
- 238000004458 analytical method Methods 0.000 claims description 8
- 230000000694 effects Effects 0.000 claims description 8
- 238000005206 flow analysis Methods 0.000 claims description 4
- 238000004321 preservation Methods 0.000 claims description 2
- 238000005516 engineering process Methods 0.000 abstract description 13
- 238000007781 pre-processing Methods 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 6
- 230000007246 mechanism Effects 0.000 description 5
- 238000006243 chemical reaction Methods 0.000 description 3
- 239000012467 final product Substances 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000149 penetrating effect Effects 0.000 description 1
- 238000012797 qualification Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Images
Abstract
The embodiment of the invention discloses a method and device for protecting software security. The method comprises the following steps: compiling an input source file to generate an intermediate file; preprocessing the intermediate file to acquire the program information of the intermediate file, and generating a confusion policy; carrying out confusion processing on the intermediate file according to the confusion policy; and when the result of the confusion processing reaches the preset confusion evaluation index, carrying out connection processing on the intermediate file after confusion processing, and outputting an object file after connection processing. The embodiment of the invention carries out back tracking by a code confusion technology and confuses actual information by a large amount of useless information to increase the tracking workload and complexity of a tracker, thereby achieving the purpose that the code principle of the software to be protected can not be analyzed so that the security of the software is improved.
Description
Technical field
The present invention relates to field of computer technology, particularly a kind of method and device of protecting software security.
Background technology
Hacker and trojan horse author can threaten to the safety of software by trace debug software.With security exchange software is example; by security software is carried out trace debug; may analyze crucial data encryption flow process and software protection flow process; thereby produce special upgrade version malicious code program at these encryption flow and secret flow process; steal user password; and illegally intercept and capture user's Transaction Information, thereby bring very big threat for the security of security exchange software.Therefore need protect the safety of software by anti-tracking technology, the existing common anti-single-step debug of anti-tracking technology flag register (Anti-Single Step), revise and interrupt inlet (Modify Interrupt Entry), anti-breakpoint and follow the tracks of (Anti-Breakpoint), debugger and detect (Debug Detection) etc.
The inventor finds in the research process to prior art, existing anti-tracking technology commonly used need be revised the bottom mechanism of the operating system of operating software, because the cover internal mechanism that debug process is the operating system combined with hardware interrupts realizing, in order effectively to debug program, existing anti-tracking technology needs the mechanism of perturbation operation system.With anti-breakpoint tracking technique is example, when breakpoint takes place, should enter the flow process of debugger originally, has just entered after disturbed to articulate the back function, has therefore disturbed normal operating system mechanism, must make amendment to the bottom mechanism of operating system.Hence one can see that, and the software compatibility of existing anti-tracking technology is poor, too relies on hardware environment, when being applied in security exchange software especially, is difficult to satisfy its security needs.
Summary of the invention
The purpose of the embodiment of the invention is to provide a kind of method and device of protecting software security, to solve existing anti-tracking technology poor compatibility and to rely on hardware environment, causes being difficult to protect the problem of software security.
For solving the problems of the technologies described above, the embodiment of the invention provides following technical scheme:
A kind of method of protecting software security comprises:
Source file to input compiles the generation intermediate file;
Described intermediate file is carried out the program information that pre-service obtains described intermediate file, and strategy is obscured in generation;
According to described obscure the strategy described intermediate file is obscured processing;
When the described result who obscures processing reaches default when obscuring evaluation index, the intermediate file of obscuring after the processing is carried out connection processing, and the file destination after the output connection processing.
Described intermediate file comprises: symbol table, control flow and assembly instruction.
Describedly middle file is carried out pre-service comprise: described intermediate file is carried out process analysis, data-flow analysis and the analysis of data interdependency.
Also comprise:
Preservation sets in advance obscures parameter, describedly obscures parameter and comprises and obscure intensity and obscure elasticity.
Described generation is obscured strategy and is comprised:
Obtain different obscuring intensity and obscure elasticity as required;
Obscure intensity and obscure elasticity and make up and obtain the described strategy of obscuring what obtain.
Describedly obscure strategy and described intermediate file is obscured to handle comprise according to described:
According to described obscure the strategy described intermediate file is traveled through;
Insert useless code in described intermediate file, the implementation effect that inserts the described intermediate file behind the useless code is consistent with described source file.
Also comprise:
In advance the performance of obscuring processing is assessed the acquisition evaluation index, described evaluation index comprises the intensity of obscuring processing, obscure the elasticity of processing and obscure the expense of processing.
A kind of device of protecting software security comprises:
Compilation unit is used for the source file of input is compiled the generation intermediate file;
Pretreatment unit is used for described intermediate file is carried out the program information that pre-service obtains described intermediate file;
Generation unit is used for generating and obscures strategy;
Obscure the unit, be used for according to described obscure the strategy described intermediate file is obscured processing;
Linkage unit is used for reaching default when obscuring evaluation index as the described result who obscures processing, and the intermediate file of obscuring after the processing is carried out connection processing;
Output unit is used to export the file destination after the connection processing.
Also comprise:
Preserve the unit, be used to preserve the parameter of obscuring that sets in advance, describedly obscure parameter and comprise and obscure intensity and obscure elasticity.
Described generation unit comprises:
Obscure parameter acquiring unit, be used for obtaining as required different obscuring intensity and obscure elasticity;
Obscure the parameter combinations unit, be used for obscuring intensity and obscuring elasticity and make up and obtain the described strategy of obscuring what obtain.
Describedly obscure the unit and comprise:
The file traversal unit, be used for according to described obscure the strategy described intermediate file is traveled through;
Code inserts the unit, is used for inserting useless code at described intermediate file, and the implementation effect that inserts the described intermediate file behind the useless code is consistent with described source file.
Also comprise:
Estimate the unit, be used in advance the performance of obscuring processing being assessed the acquisition evaluation index, described evaluation index comprises the intensity of obscuring processing, obscure the elasticity of processing and obscure the expense of processing.
The technical scheme that is provided by the above embodiment of the invention as seen, source file to input in the embodiment of the present application compiles the generation intermediate file, middle file is carried out the program information that pre-service obtains intermediate file, and strategy is obscured in generation, obscure processing according to obscuring tactful intermediate file, when the result who obscures processing reaches default when obscuring evaluation index, the intermediate file of obscuring after the processing is carried out connection processing, and the file destination after the output connection processing.The embodiment of the present application is carried out antitracking by the code obfuscation; garbage with magnanimity is obscured real information; increase follower's tracking workload and complexity, thereby reached the purpose that can't analyze the code theory that to protect software, improved the security of software.
Description of drawings
In order to be illustrated more clearly in the embodiment of the present application or technical scheme of the prior art, to do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art below, apparently, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 protects the first embodiment flow process of the method for software security for the application;
Fig. 2 protects the second embodiment flow process of the method for software security for the application;
Fig. 3 protects the first embodiment block diagram of the device of software security for the application;
Fig. 4 protects the second embodiment block diagram of the device of software security for the application.
Embodiment
In following a plurality of embodiment of the present invention, some embodiment provides a kind of method of protecting software security, and some embodiment provides a kind of device of protecting software security.
In order to make those skilled in the art person understand technical scheme in the embodiment of the invention better, and the above-mentioned purpose of the embodiment of the invention, feature and advantage can be become apparent more, below in conjunction with accompanying drawing technical scheme in the embodiment of the invention is described in further detail.
The embodiment of the present application has adopted the code obfuscation when software is protected, this technology is obscured real information with the garbage of magnanimity, thereby makes software track person can't analyze software source code, thereby guarantees software security.
Referring to Fig. 1, protect the first embodiment process flow diagram of the method for software security for the application:
Step 101: the source file to input compiles the generation intermediate file.
Wherein, intermediate file comprises: symbol table, control flow and assembly instruction.
Step 102: middle file is carried out the program information that pre-service obtains intermediate file, and strategy is obscured in generation.
Wherein, middle file being carried out pre-service comprises: described intermediate file is carried out process analysis, data-flow analysis and the analysis of data interdependency.
Wherein, obscuring strategy can generate according to the parameter of obscuring that sets in advance, and obscures parameter and can comprise and obscure intensity and obscure elasticity.Concrete, obtain different obscuring intensity and obscure elasticity as required, obscure intensity and obscure elasticity and make up and obtain the described strategy of obscuring what obtain.
Step 103: described intermediate file is obscured processing according to obscuring strategy.
Obscure strategy described intermediate file is traveled through according to described, insert useless code in described intermediate file, the implementation effect that inserts the described intermediate file behind the useless code is consistent with described source file.
Step 104: when the result who obscures processing reaches default when obscuring evaluation index, the intermediate file of obscuring after the processing is carried out connection processing.
Step 105: the file destination after the output connection processing.
The embodiment of the present application mainly is that the key code of software is obscured when the protection software security.Key code is not before obscuring, and follower's tracking workload and complexity are not high, therefore can analyze the critical workflow and the cryptographic algorithm of software in the short period of time; But after obscuring through the code of the embodiment of the present application, because increased the scramble data of magnanimity in source code, so the follower is difficult to therefrom obtain real code information, thereby can't analyze critical workflow.But the CPU processor but still can correct execution, the just small performance loss of generation on execution efficient for the software code after obscuring.
Referring to Fig. 2, protect the second embodiment process flow diagram of the method for software security for the application:
Step 201: in advance the performance of obscuring processing is assessed the acquisition evaluation index, evaluation index comprises the intensity of obscuring processing, obscure the elasticity of processing and obscure the expense of processing.
The technology that code is obscured is a kind of special technique of compiling, and it converts source program P to target program 0 (P).0 (P) compares with P has identical external behavior, but the security performance of code is stronger.Can be described as the requirement of obscuring processing:
If T is a conversion of from source program P to target program 0 (P), if P and 0 (P) has identical may observe behavior, and satisfy following two conditions: if 1. P can't end or end with the state of mistake, then 0 (P) can end, and also can not end; 2. otherwise 0 (P) must end and the generation output result identical with P.Claim that then T is a conversion of obscuring from P to 0 (P).
Before obscuring processing, need its performance to assess, it is the complexity (promptly obscuring the intensity of processing) that program increases that evaluation index has been represented algorithm respectively, the ability (promptly obscuring the elasticity of processing) that the anti-machine of algorithm is attacked, and owing to the overhead that code conversion is brought (promptly obscuring the expense of processing).Specifically, obscure intensity (Potency) index expression of processing and obscure the complexity that the program of being treated to increases, program mainly contains its complexity of 7 generic attributes decision, it is respectively program length, the predicate number, branch and round-robin level, the number of quoting, the number of method parameter, the inheritance tree degree of depth; The elasticity (Resilience) of obscuring processing characterizes the ability that opposing is attacked of handling of obscuring, it is made up of 2 parts, a part is that the assailant obscures processing in order to capture, design and Implement the time and the manpower of the required cost of a corresponding antialiasing device, another part is that antialiasing device carries out the antialiasing expense that spends to obscuring to handle; The expense (Cost) of obscuring processing illustrates obscures the overhead that processing brings to program, it includes two aspects, one is the expense that is spent when program is obscured, another is time complexity and space complexity that program after obscuring is increased when carrying out with respect to original program, and the absolute delay the when program after requiring usually to obscure is carried out is no more than 3 milliseconds.
Step 202: preserve the parameter of obscuring set in advance, obscure parameter and comprise and obscure intensity and obscure elasticity.
Do not obscure parameter list does not need all to set when compiling at every turn, only need be provided with once at specific software source code to get final product.
Obscuring parameter can comprise: obscure intensity and obscure elasticity.Obscure intensity and be meant the iterations of obscuring execution, obscure intensity by increasing and can increase the complexity of follower when the trace routine, thereby play the purpose of defence program; Obscure elasticity and be meant the pattern of penetrating obfuscated codes for fear of the follower, obfuscator is carried out randomness to the flower instruction of needs and is selected, by making up at random of the instruction of not suiting to prevent that the follower from identifying the pattern of obscuring and producing antialiasing device, wherein flower instruction (junk code) is to be conceived especially by the program designer, make mistakes when wishing to make dis-assembling, allow the cracker can't know that correctly dis-assembling goes out contents of program.
Step 203: the source file to input compiles the generation intermediate file.
Source file has referred to comprise the software program of source code, and source file can adopt different language to write, C++ for example, JAVA etc.
With the C++ source file is example, and the program code that comprises in the source file generates intermediate file (for example, * .obj file) through the compiling of compiler, and compilation process comprises carries out analyzing and processing to the morphology of source program code and grammer.
The intermediate file that compiling generates comprises: symbol table, control flow and assembly instruction.The content that this intermediate file comprised is the same with source file all to be used for describing programmed logic, and just expression way changes the machine language of readable relatively difference into from the higher C++ source code of original readability.
Step 204: middle file is carried out the program information that pre-service obtains intermediate file.
Middle file is carried out pre-service to be comprised middle file is carried out process analysis, data-flow analysis and the analysis of data interdependency.
Step 205: obtain different obscuring intensity and obscure elasticity as required.
The strategy of obscuring in the embodiment of the present application obtains by the parameter of obscuring of preserving in advance, obscures parameter can be not limited to enumerate in the embodiment of the present application obscure intensity and obscure elasticity.
Step 206: that will obtain obscures intensity and obscures elasticity and make up and obtain obscuring strategy.
According to the difference of obscuring the parameter kind, can make up as required, thereby configure various intensity and the combination of the instruction of not suiting, making thus all has different results to obscuring of middle file at every turn, thereby further guarantees software security.
Step 207: middle file is traveled through according to obscuring strategy.
Step 208: insert useless code in intermediate file, the implementation effect that inserts the intermediate file behind the useless code is consistent with source file.
The embodiment of the present application is when obscuring processing to middle file, can be provided with one is obscured algorithm and logical process and is formed and obscure engine by a series of, this obscures engine can be according to the requirement of obscuring strategy, middle file is carried out traversal processing, at the inner useless code that inserts magnanimity of the machine language of intermediate file, but to guarantee to insert program behind the useless code consistent on macroscopic view on the implementation effect with source program.The file type of obscuring engine output is consistent with the type of the intermediate file of obscuring preceding input.
Step 209: when the result who obscures processing reaches default when obscuring evaluation index, the intermediate file of obscuring after the processing is carried out connection processing.
When the result who obscures processing reach the default intensity of obscuring processing, when obscuring the elasticity of processing and obscuring the evaluation indexes such as expense of processing, intermediate file after can also will obscuring by connector carries out connection processing, determine final function address, information such as jump address.
Step 210: the file destination after the output connection processing.
Above-mentioned the embodiment of the present application can be applied under the environment that uses security software especially, by security software is obscured, increases by the 3rd people security software is carried out the difficulty of trace debug, has protected the security of security software trade information and user password.
Corresponding with the embodiment of a kind of method of protecting software security of the present invention, the present invention also provides a kind of embodiment that protects the device of software security.
Referring to Fig. 3, protect the first embodiment block diagram of the device of software security for the application:
This device comprises: compilation unit 310, pretreatment unit 320, generation unit 330, obscure unit 340, linkage unit 350 and output unit 360.
Wherein, compilation unit 310 is used for the source file of input is compiled the generation intermediate file;
Referring to Fig. 4, protect the second embodiment block diagram of the device of software security for the application:
This device comprises: estimate unit 410, preserve unit 420, compilation unit 430, pretreatment unit 440, generation unit 450, obscure unit 460, linkage unit 470 and output unit 480.
Concrete, generation unit 450 can comprise (not shown among Fig. 4): obscure parameter acquiring unit, be used for obtaining as required different obscuring intensity and obscure elasticity; Obscure the parameter combinations unit, be used for obscuring intensity and obscuring elasticity and make up and obtain the described strategy of obscuring what obtain.
Concrete, obscure unit 460 and can comprise (not shown among Fig. 4): the file traversal unit is used for obscuring strategy described intermediate file being traveled through according to described; Code inserts the unit, is used for inserting useless code at described intermediate file, and the implementation effect that inserts the described intermediate file behind the useless code is consistent with described source file.
As seen through the above description of the embodiments, source file to input in the embodiment of the present application compiles the generation intermediate file, middle file is carried out the program information that pre-service obtains intermediate file, and strategy is obscured in generation, obscure processing according to obscuring tactful intermediate file, when the result who obscures processing reaches default when obscuring evaluation index, the intermediate file of obscuring after the processing is carried out connection processing, and the file destination after the output connection processing.The embodiment of the present application is carried out antitracking by the code obfuscation; garbage with magnanimity is obscured real information; increase follower's tracking workload and complexity, thereby reached the purpose that can't analyze the code theory that to protect software, improved the security of software.
The technology that those skilled in the art can be well understood in the embodiment of the invention can realize by the mode that software adds essential general hardware platform.Based on such understanding, the part that technical scheme in the embodiment of the invention contributes to prior art in essence in other words can embody with the form of software product, this computer software product can be stored in the storage medium, as ROM/RAM, magnetic disc, CD etc., comprise that some instructions are with so that a computer equipment (can be a personal computer, server, the perhaps network equipment etc.) carry out the described method of some part of each embodiment of the present invention or embodiment.
Each embodiment in this instructions all adopts the mode of going forward one by one to describe, and identical similar part is mutually referring to getting final product between each embodiment, and each embodiment stresses all is difference with other embodiment.Especially, for system embodiment, because it is substantially similar in appearance to method embodiment, so description is fairly simple, relevant part gets final product referring to the part explanation of method embodiment.
Above-described embodiment of the present invention does not constitute the qualification to protection domain of the present invention.Any modification of being done within the spirit and principles in the present invention, be equal to and replace and improvement etc., all should be included within protection scope of the present invention.
Claims (12)
1. a method of protecting software security is characterized in that, comprising:
Source file to input compiles the generation intermediate file;
Described intermediate file is carried out the program information that pre-service obtains described intermediate file, and strategy is obscured in generation;
According to described obscure the strategy described intermediate file is obscured processing;
When the described result who obscures processing reaches default when obscuring evaluation index, the intermediate file of obscuring after the processing is carried out connection processing, and the file destination after the output connection processing.
2. method according to claim 1 is characterized in that, described intermediate file comprises: symbol table, control flow and assembly instruction.
3. method according to claim 1 is characterized in that, describedly middle file is carried out pre-service comprises: described intermediate file is carried out process analysis, data-flow analysis and the analysis of data interdependency.
4. method according to claim 1 is characterized in that, also comprises:
Preservation sets in advance obscures parameter, describedly obscures parameter and comprises and obscure intensity and obscure elasticity.
5. method according to claim 4 is characterized in that, described generation is obscured strategy and comprised:
Obtain different obscuring intensity and obscure elasticity as required;
Obscure intensity and obscure elasticity and make up and obtain the described strategy of obscuring what obtain.
6. method according to claim 1 is characterized in that, describedly obscures strategy and described intermediate file is obscured to handle comprises according to described:
According to described obscure the strategy described intermediate file is traveled through;
Insert useless code in described intermediate file, the implementation effect that inserts the described intermediate file behind the useless code is consistent with described source file.
7. method according to claim 1 is characterized in that, also comprises:
In advance the performance of obscuring processing is assessed the acquisition evaluation index, described evaluation index comprises the intensity of obscuring processing, obscure the elasticity of processing and obscure the expense of processing.
8. a device of protecting software security is characterized in that, comprising:
Compilation unit is used for the source file of input is compiled the generation intermediate file;
Pretreatment unit is used for described intermediate file is carried out the program information that pre-service obtains described intermediate file;
Generation unit is used for generating and obscures strategy;
Obscure the unit, be used for according to described obscure the strategy described intermediate file is obscured processing;
Linkage unit is used for reaching default when obscuring evaluation index as the described result who obscures processing, and the intermediate file of obscuring after the processing is carried out connection processing;
Output unit is used to export the file destination after the connection processing.
9. device according to claim 8 is characterized in that, also comprises:
Preserve the unit, be used to preserve the parameter of obscuring that sets in advance, describedly obscure parameter and comprise and obscure intensity and obscure elasticity.
10. device according to claim 9 is characterized in that, described generation unit comprises:
Obscure parameter acquiring unit, be used for obtaining as required different obscuring intensity and obscure elasticity;
Obscure the parameter combinations unit, be used for obscuring intensity and obscuring elasticity and make up and obtain the described strategy of obscuring what obtain.
11. device according to claim 8 is characterized in that, describedly obscures the unit and comprises:
The file traversal unit, be used for according to described obscure the strategy described intermediate file is traveled through;
Code inserts the unit, is used for inserting useless code at described intermediate file, and the implementation effect that inserts the described intermediate file behind the useless code is consistent with described source file.
12. device according to claim 8 is characterized in that, also comprises:
Estimate the unit, be used in advance the performance of obscuring processing being assessed the acquisition evaluation index, described evaluation index comprises the intensity of obscuring processing, obscure the elasticity of processing and obscure the expense of processing.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201010568449XA CN101986326A (en) | 2010-12-01 | 2010-12-01 | Method and device for protecting software security |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201010568449XA CN101986326A (en) | 2010-12-01 | 2010-12-01 | Method and device for protecting software security |
Publications (1)
Publication Number | Publication Date |
---|---|
CN101986326A true CN101986326A (en) | 2011-03-16 |
Family
ID=43710673
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201010568449XA Pending CN101986326A (en) | 2010-12-01 | 2010-12-01 | Method and device for protecting software security |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101986326A (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103324481A (en) * | 2013-06-26 | 2013-09-25 | 网宿科技股份有限公司 | Compiling method and compiling system for obfuscating codes by means of assembly |
CN104102860A (en) * | 2014-08-11 | 2014-10-15 | 北京奇虎科技有限公司 | Protecting method and running method and device and system for Android platform application program |
CN104166822A (en) * | 2013-05-20 | 2014-11-26 | 阿里巴巴集团控股有限公司 | Data protecting method and device |
CN105701410A (en) * | 2015-12-31 | 2016-06-22 | 华为技术有限公司 | Information, device and system for obtaining information in source codes |
CN105718765A (en) * | 2016-01-26 | 2016-06-29 | 国家信息技术安全研究中心 | Method for achieving code obfuscation through finite automaton |
CN106034119A (en) * | 2015-03-16 | 2016-10-19 | 阿里巴巴集团控股有限公司 | Encryption mixing method and device for application installation package |
CN106960140A (en) * | 2016-01-08 | 2017-07-18 | 阿里巴巴集团控股有限公司 | Virtual machine instructions obscure method and device, virtual machine protection system |
CN107092518A (en) * | 2017-04-17 | 2017-08-25 | 上海红神信息技术有限公司 | A kind of Compilation Method for protecting mimicry system of defense software layer safe |
CN107292133A (en) * | 2017-05-18 | 2017-10-24 | 深圳中兴网信科技有限公司 | The obfuscation method and device of artificial intelligence |
CN108416194A (en) * | 2018-03-08 | 2018-08-17 | 北京顶象技术有限公司 | Symbol obscures method and device |
CN111680271A (en) * | 2020-06-02 | 2020-09-18 | 浙江大学 | Contract code obfuscation platform and method based on intelligent contract byte code characteristics |
CN113268769A (en) * | 2021-05-25 | 2021-08-17 | 平安普惠企业管理有限公司 | Method, system and storage medium for processing biological characteristic data based on random confusion |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1605968A (en) * | 2004-11-15 | 2005-04-13 | 南京大学 | Software security ensuring method based on program internal behavior monitoring |
CN101533454A (en) * | 2009-04-14 | 2009-09-16 | 北京飞天诚信科技有限公司 | Compiling method and compiler |
CN101807239A (en) * | 2010-03-29 | 2010-08-18 | 山东高效能服务器和存储研究院 | Method for preventing source code from decompiling |
-
2010
- 2010-12-01 CN CN201010568449XA patent/CN101986326A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1605968A (en) * | 2004-11-15 | 2005-04-13 | 南京大学 | Software security ensuring method based on program internal behavior monitoring |
CN101533454A (en) * | 2009-04-14 | 2009-09-16 | 北京飞天诚信科技有限公司 | Compiling method and compiler |
CN101807239A (en) * | 2010-03-29 | 2010-08-18 | 山东高效能服务器和存储研究院 | Method for preventing source code from decompiling |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104166822A (en) * | 2013-05-20 | 2014-11-26 | 阿里巴巴集团控股有限公司 | Data protecting method and device |
CN104166822B (en) * | 2013-05-20 | 2017-10-13 | 阿里巴巴集团控股有限公司 | A kind of method and apparatus of data protection |
US9836612B2 (en) | 2013-05-20 | 2017-12-05 | Alibaba Group Holding Limited | Protecting data |
CN103324481B (en) * | 2013-06-26 | 2016-08-31 | 网宿科技股份有限公司 | By Compilation Method and the system of implementation by assembly Code obfuscation |
CN103324481A (en) * | 2013-06-26 | 2013-09-25 | 网宿科技股份有限公司 | Compiling method and compiling system for obfuscating codes by means of assembly |
CN104102860A (en) * | 2014-08-11 | 2014-10-15 | 北京奇虎科技有限公司 | Protecting method and running method and device and system for Android platform application program |
CN106034119B (en) * | 2015-03-16 | 2019-01-04 | 阿里巴巴集团控股有限公司 | Method and device is obscured in the encryption of application installation package |
CN106034119A (en) * | 2015-03-16 | 2016-10-19 | 阿里巴巴集团控股有限公司 | Encryption mixing method and device for application installation package |
CN105701410A (en) * | 2015-12-31 | 2016-06-22 | 华为技术有限公司 | Information, device and system for obtaining information in source codes |
CN105701410B (en) * | 2015-12-31 | 2019-03-01 | 华为技术有限公司 | The method, apparatus and system of information in a kind of acquisition source code |
CN106960140A (en) * | 2016-01-08 | 2017-07-18 | 阿里巴巴集团控股有限公司 | Virtual machine instructions obscure method and device, virtual machine protection system |
CN105718765A (en) * | 2016-01-26 | 2016-06-29 | 国家信息技术安全研究中心 | Method for achieving code obfuscation through finite automaton |
CN107092518A (en) * | 2017-04-17 | 2017-08-25 | 上海红神信息技术有限公司 | A kind of Compilation Method for protecting mimicry system of defense software layer safe |
CN107292133A (en) * | 2017-05-18 | 2017-10-24 | 深圳中兴网信科技有限公司 | The obfuscation method and device of artificial intelligence |
CN108416194A (en) * | 2018-03-08 | 2018-08-17 | 北京顶象技术有限公司 | Symbol obscures method and device |
CN108416194B (en) * | 2018-03-08 | 2020-10-23 | 北京顶象技术有限公司 | Symbol confusion method and device |
CN111680271A (en) * | 2020-06-02 | 2020-09-18 | 浙江大学 | Contract code obfuscation platform and method based on intelligent contract byte code characteristics |
WO2021244054A1 (en) * | 2020-06-02 | 2021-12-09 | 浙江大学 | Contract code obfuscation platform and obfuscation method based on smart contract bytecode features |
CN113268769A (en) * | 2021-05-25 | 2021-08-17 | 平安普惠企业管理有限公司 | Method, system and storage medium for processing biological characteristic data based on random confusion |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101986326A (en) | Method and device for protecting software security | |
Schrittwieser et al. | Protecting software through obfuscation: Can it keep pace with progress in code analysis? | |
Banescu et al. | A tutorial on software obfuscation | |
Deng et al. | iris: Vetting private api abuse in ios applications | |
US8589897B2 (en) | System and method for branch extraction obfuscation | |
CN110210190A (en) | A kind of Code obfuscation method based on secondary compilation | |
Shahriar et al. | Taxonomy and classification of automatic monitoring of program security vulnerability exploitations | |
Basile et al. | A meta-model for software protections and reverse engineering attacks | |
Jain et al. | Enriching reverse engineering through visual exploration of Android binaries | |
Lu et al. | DeepAutoD: Research on distributed machine learning oriented scalable mobile communication security unpacking system | |
Sebastian et al. | A study & review on code obfuscation | |
Joshi et al. | Impact of software obfuscation on susceptibility to return-oriented programming attacks | |
Tokhtabayev et al. | Expressive, efficient and obfuscation resilient behavior based IDS | |
Joshi et al. | Trading Off a Vulnerability: Does Software Obfuscation Increase the Risk of ROP Attacks. | |
Wang et al. | Invalidating analysis knowledge for code virtualization protection through partition diversity | |
Jia et al. | ERMDS: A obfuscation dataset for evaluating robustness of learning-based malware detection system | |
Blanc et al. | A step towards static script malware abstraction: Rewriting obfuscated script with maude | |
McDonald et al. | Program Protection through Software-based Hardware Abstraction. | |
Banescu | Characterizing the strength of software obfuscation against automated attacks | |
Kumar et al. | A generalized process of reverse engineering in software protection & security | |
King et al. | Analysis of executables: Benefits and challenges (dagstuhl seminar 12051) | |
Lim et al. | SOK: On the Analysis of Web Browser Security | |
Alouneh et al. | A software approach for stack memory protection based on duplication and randomisation | |
Li | A survey on tools for binary code analysis | |
Visaggio | The state of the malware: What can we defend against? |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C12 | Rejection of a patent application after its publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20110316 |