CN108614960A - A kind of JavaScript virtualization guard methods based on front end bytecode technology - Google Patents
A kind of JavaScript virtualization guard methods based on front end bytecode technology Download PDFInfo
- Publication number
- CN108614960A CN108614960A CN201810446970.2A CN201810446970A CN108614960A CN 108614960 A CN108614960 A CN 108614960A CN 201810446970 A CN201810446970 A CN 201810446970A CN 108614960 A CN108614960 A CN 108614960A
- Authority
- CN
- China
- Prior art keywords
- code
- handler
- javascript
- attribute
- instruction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 113
- 238000005516 engineering process Methods 0.000 title claims abstract description 26
- 230000004224 protection Effects 0.000 claims abstract description 21
- 230000008569 process Effects 0.000 claims abstract description 13
- 238000004458 analytical method Methods 0.000 claims abstract description 7
- 238000013507 mapping Methods 0.000 claims abstract description 5
- 230000006870 function Effects 0.000 claims description 47
- 238000012546 transfer Methods 0.000 claims description 40
- 238000005194 fractionation Methods 0.000 claims description 17
- 230000008520 organization Effects 0.000 claims description 6
- 239000011800 void material Substances 0.000 claims description 6
- 239000000284 extract Substances 0.000 claims description 2
- 238000013461 design Methods 0.000 abstract description 15
- 230000002633 protecting effect Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 238000006243 chemical reaction Methods 0.000 description 3
- 238000012360 testing method Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 239000003292 glue Substances 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 239000000126 substance Substances 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000008571 general function Effects 0.000 description 1
- 238000007429 general method Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Devices For Executing Special Programs (AREA)
Abstract
The invention discloses a kind of, and the JavaScript code based on front end bytecode technology virtualizes guard method; on the one hand this method introduces the thought of code virtualization; the principle that guard method is virtualized by studying and using for reference binary code proposes a kind of code virtualization protection scheme of JavaScript source codes grade.By analysis introduction virtual machine architecture, fictitious order collection, the design details such as virtual interpreter and command mappings coding rule protect the execution logic of JavaScript code;On the other hand virtual interpreter is realized based on front end bytecode technology bytecode technology, the virtual interpreter for virtualizing protection scheme to JavaScript using new front end bytecode technology is improved and compiles the nucleus module realized and hide virtual machine architecture.By the combination of two aspect technologies, virtualization can be utilized to increase the intensity of JavaScript code protection but also the efficiency of WebAssembly is utilized to reduce the overhead that virtualization process is brought, can effectively improve the safety of front end key code.
Description
Technical field
The invention belongs to computer software codes to protect field.How to be protected in the front end environment of source code transmission
The safety of JavaScript application codes prevents its analysis and utilization by malice, to protecting the equity of Internet Service Provider
It is most important.For this Tough questions, the present invention by the attacking and defending Mechanism Study to JavaScript code protection technique, into
And more effective code protection scheme is designed, increase attack difficulty.
Background technology
Developing early stage in Web, the responsibility that JavaScript undertakes in Web system is few, only simple submission form,
File is also very simple, therefore does not also need any protection.And more and more abundant today is applied in Web, along with browsing
The raising of device performance and network speed, the work that JavaScript is carried becomes more next more, also more and more important.Many back-end logics
It is all shifted in gradual forward end, at the same time more criminals is also allowed to have an opportunity to take advantage of.In Web models, JavaScript
Often first breach of criminal.It is realised that front end logic, criminal can be modeled to a normal user
To implement the malicious act of oneself.So in many logins, registration, payment, transaction etc. the page, key business is relied on
JavaScript it is not desirable that easily cracked by people, JavaScript protections are come into being.
What it is due to JavaScript transmission is exactly source code, and in front end is fought, the exposure of source code makes its safety very
Fragility, therefore all the time, the protection of JavaScript code by academia and industrial quarters concern.And current mainstream
JavaScript code safeguard measure is predominantly simplified, encrypts and is obscured, and the core concept of these methods is mainly used for reference from tradition
Software code protection technique.JavaScript belongs to script, is exactly the text with grammatical attribute in transmission process
Source code, conversed analysis are more prone to than traditional binary application program by compiling, add the development of browser, adjust
The function of trying device is more and more perfect, these guard methods are difficult to play good protecting effect.
Invention content
For defect existing for current JavaScript code guard method, before being based on the purpose of the present invention is to propose to one kind
Hold JavaScript code virtualization guard method JSVMP (the Virtual Machine of bytecode technology WebAssembly
Based code Protection for JavaScript), in the case where sacrificing acceptable performance cost, this method can
Effectively to prevent current analysis tool, good protecting effect can be played.
In order to realize that above-mentioned task, the present invention use following technical scheme:
A kind of JavaScript code virtualization guard method based on front end bytecode technology, includes the following steps:
Step 1, it would be desirable to the which whether JavaScript code of protection is divided into different code segments, deposited according in code segment
Code segment is divided into attribute and method type, computation-intensive in DOM attributes;
Step 2, the function of being realized respectively according to attribute and method type code segment, computation-intensive code segment, it is right to generate its
The interpretive program Handler answered;
Step 3, the abstract syntax tree for needing JavaScript code to be protected is split, obtains intermediate code;It is right
The interpretive program Handler generates its corresponding fictitious order and is encoded, and institute is indicated using the fictitious order
The intermediate code stated, the code to be virtualized;
Step 4, the virtual interpreter of computation-intensive code segment and the void of attribute and method type code segment are established respectively
Quasi- interpreter is simultaneously compiled.
Further, computation-intensive code segment is divided into data transfer instruction, control according to the function of its realization in step 2
Transfer instruction and operational order, wherein:
The Handler of data transfer class instruction is for handling transfer of the data between each storage organization;
The Handler of control transfer instruction redirects relevant function for completing, and virtual journey is changed by redirecting deviant
Sequence counter redirected after execute instruction, to realize control transfer;
The Handler of operational order is for calculating data element for different operators.
Further, attribute and method code section are divided into data transfer instruction, control according to the function of its realization in step 2
Transfer instruction, attribute call instruction, method call instruction, function call instruction and string operation instruction, wherein:
The Handler of data transfer class instruction is added to word for handling transfer of the data between each storage organization
Symbol string retains array and the macro EM_ASM of WebAssembly official definitions;
The Handler of control transfer instruction redirects relevant function for completing, and virtual journey is changed by redirecting deviant
Sequence counter redirected after execute instruction, to realize control transfer;
The Handler of attribute call instruction utilizes the macro EM_ASM of the inline JavaScript of WebAssembly, realizes general
Attribute call;
The Handler of method call instruction utilizes the macro EM_ASM_ARGS of the inline JavaScript of WebAssembly, real
Existing general method call;
The Handler of function call instruction utilizes the macro EM_ASM_ARGS of the inline JavaScript of WebAssembly, real
Existing general function call;
The Handler of string operation instruction utilizes the macro EM_ASM of the inline JavaScript of WebAssembly, realizes logical
Arithmetic operation.
Further, the abstract syntax tree to need JavaScript code to be protected described in step 3 is split, and is obtained
To intermediate code, including:
Step 3.3.1, when JavaScript code is split, the control structure as encountering cycle and branch is then held
Row step 3.1.2 is split if being encountered into line statement:
Code analysis is carried out first, extracts the abstract syntax tree of code, is divided into as unit of each statement block more
A subtree, and instruction fractionation is carried out to each statement block by way of postorder traversal, to obtain the intermediate code of entire code;
Cycle and branched structure are carried out tiling fractionation by step 3.3.2 when there is the control structure of cycle and branch,
Process is as follows:
Control structure node is first obtained when fractionation, then obtains the child node of control node, and all child nodes are sequentially inserted into
On the left of to control node, and it is inserted into flag node mark structure range, becomes the relationship of the brotgher of node, finally deletes former control
Node, to obtain intermediate code by splitting;
After having been split to cycle and branched structure, return to step 3.1.1 continues to split code.
Further, its corresponding fictitious order is generated to the interpretive program Handler in step 3 and compiled
Code, including:
Computation-intensive Handler and attribute and method type Handler are encoded and virtualized respectively, is obtained each
The corresponding fictitious order of a Handler and coding, specific method are:
For each Handler, generates a random number and indicate the corresponding fictitious orders of the Handler, and distribute one
A coding, and random number, fictitious order are corresponded, fictitious order is indicated into the part for completing to encode with random number.
Further, step 3 further includes:
Character string constant in instruction that code obtains after fractionation is all extracted, individually storage a to word
In symbol string array VMA [], the position of former character string constant is replaced with corresponding array element index VMA [i], and i is nature
Number.
Further, the structure of the virtual interpreter of the computation-intensive code segment described in step 4 includes:
Scheduler, byte coded program, interpretive program collection and virtual execution environment, wherein:
The scheduler is used to read bytecode from byte coded program and decodes semanteme, then returnes to scheduler
Continue to read bytecode, decoding process, the end loop after the completion of all bytecode decodings;
The byte coded program by fictitious order by coding obtain, at runtime, by scheduler read decoding come
Restore the function of code segment;
The set of the interpretive program Handler for the computation-intensive code segment that the interpretive program collection, that is, step 2 generates;
The virtual execution environment is used to apply for memory to simulate the local real register file of mapping.
Further, the structure and computation-intensive of the virtual interpreter of the attribute described in step 4 and method type code segment
The structure of the virtual interpreter of code segment is essentially identical, the difference is that:
Interpretive program collection is replaced with to the collection of the interpretive program Handler of attribute and method type code segment that step 2 generates
It closes, and adds the array VMA [] for preserving character string.
A kind of JavaScript code virtualization protection system based on front end bytecode technology, including sequentially connected generation
Code division module, interpretive program generation module, code virtualization modules and interpreter generate collector, wherein:
The code division module will be for that will need JavaScript code to be protected to be divided into different code segments, root
Code segment is divided into attribute and method type, computation-intensive with the presence or absence of DOM attributes according in code segment;
The interpretive program generation module is used for respectively according to attribute and method type code segment, computation-intensive code segment
The function of realization generates its corresponding interpretive program Handler;
The code virtualization modules are used for needing the abstract syntax tree of JavaScript code to be protected to tear open
Point, obtain intermediate code;Its corresponding fictitious order is generated to the interpretive program Handler and is encoded, institute is utilized
The fictitious order stated indicates the intermediate code, the code to be virtualized;
The interpreter generate collector be used to establish respectively computation-intensive code segment virtual interpreter and
The virtual interpreter of attribute and method type code segment is simultaneously compiled.
The present invention has following technical characterstic compared with prior art:
1. one aspect of the present invention introduces the execution logic of the thought protection JavaScript code of code virtualization;Another party
Face is based on front end bytecode technology bytecode technology and realizes virtual interpreter, hides the core logic of virtual machine itself;Pass through two
The combination of aspect technology can utilize virtualization to increase the intensity of JavaScript code protection but also utilize WebAssembly
Efficiency reduce the overhead that brings of virtualization process, can effectively improve the safety of front end key code.
2. the present invention realizes the thought of JavaScript code virtualization, and for attribute and method type and computation-intensive
The two kinds of JavaScript code of type designs two sets of corresponding virtualization schemes;It proposes based on front end bytecode technology
The design and incidence relation of virtual interpreter various components, realize and are virtually explained for above two different type object code
The compiling of device and calling.
Description of the drawings
Fig. 1 is the protection flow chart of the method for the present invention;
Fig. 2 is the example that object properties operational order is split;
Fig. 3 is the example of computation-intensive code segment virtualization and cataloged procedure;
(a) of Fig. 4 is the structural schematic diagram of the various components of the virtual interpreter of computation-intensive code segment, and (b) of Fig. 4 is
The structural schematic diagram of attribute and the virtual interpreter various components of method type code segment;
Fig. 5 is the Structure Comparison figure of two kinds of virtual interpreters after compiling;
Fig. 6 is the open and flat example of IF statement block;
Fig. 7 is to protect front and back code form to compare using the method for the present invention.
Specific implementation mode
In compliance with the above technical solution, as shown in Figure 1, it is a kind of based on front end bytecode technology WebAssembly's
JavaScript code virtualizes guard method, includes the following steps:
Step 1, it would be desirable to the which whether JavaScript code of protection is divided into different code segments, deposited according in code segment
Code segment is divided into attribute and method type, computation-intensive in DOM attributes;
In this step, need JavaScript code to be protected is segmented first, such as can will be used in entire code
To realize that the code of specific function (such as calculating, calling etc.) is respectively divided into a code segment, then to each code segment
It is scanned, checks and whether there is DOM attributes (" " attribute) in code segment, if code segment is integrally determined as attribute in the presence of if
And method type, code segment is otherwise determined as computation-intensive.
For example, for the code segment after following two divisions:
function test(){document.getElementById();Var a=3+4;}
Function cal () { var a=3+4;Var b=6/3;return a+b;}
Document.getElementById is the form of " " attribute wherein in test code segments, then test code segments
As attribute and method type;As long as and occurring primary " " attribute in code segment and being determined as attribute and method type at once.
Calculating formula, the DOM attributes such as no document are only existed in cal code segments, therefore this DOM that is entirely free of is belonged to
The code segment for containing only calculating operation of property (" " attribute) is defined as computation-intensive.
Step 2, the function of being realized respectively according to attribute and method type code segment, computation-intensive code segment, it is right to design its
The interpretive program Handler answered;
Step 2.1, the interpretive program Handler of computation-intensive code segment is generated
With reference to the mode classification of existing assembler language, classify to computation-intensive code segment, by computation-intensive generation
Code section is divided into data transfer instruction, control transfer instruction and operational order according to the function of its realization, and establishes per a kind of instruction
Interpretive program Handler, referred to as computation-intensive Handler.Its corresponding Handler, which is designed, according to instruction belongs to this field
The conventional technical means of technical staff, the following table 1 give a kind of specific example:
1 interpretive program of table is classified and specific design example
(1) Handler of data transfer class instruction is for handling transfer of the data between each storage organization.Such as it calculates
Intensive data space is bytecode array VMdata, parametric function and local variable array VarList and stack STA tri-
Part.
(2) Handler of control transfer instruction redirects relevant function for completing, and is obtained by bytecode array VMdata
Deviant must be redirected, executing instruction after being redirected using deviant modification virtual program counter VPC, to realize control
Transfer.
(3) Handler of operational order is with being then directed to different operators, for example, add, subtract, the operations such as exclusive or are to data
Member is calculated.Numerical value in register is calculated by operator, result is preserved.
Step 2.2, the interpretive program (Handler) of design attributes and method type code segment
For attribute and method type code segment, classify also according to the function of code segment, be divided into data transfer instruction,
Control transfer instruction, attribute call instruction, method call instruction, function call instruction and string operation instruction, and generate
Per the interpretive program Handler of a kind of instruction, referred to as attribute and method type Handler.In this step, front end bytecode is utilized
The Handler of the inline JavaScript of macro realization of technology WebAssembly official definitions, the design of these Handler are directed to
These operations are divided into calling attribute by the distinctive action types of JavaScript according to JavaScript standards, call method and
String operation.Specific example is as shown in table 2:
2 attribute of table and method type interpretive program specifically design example
(1) Handler of data transfer instruction, for handling transfer of the data between each storage organization, design side
Formula can be added on the basis of the data transfer instruction Handler in computation-intensive code segment and preserve string data
Character string retains array VMA [], and adds the macro EM_ASM of WebAssembly official definitions.
(2) Handler of control transfer instruction redirects relevant function for completing, it is known that passes through bytecode array
VMdata acquisitions redirect deviant, executing instruction after being redirected using deviant modification virtual program counter VPC, to
Realize control transfer.The Handler phases of the Handler design and the control transfer instruction of computation-intensive code segment of the instruction
Together.
(3) Handler of attribute call instruction, JavaScript standard two kinds of method of calling of offer, attribute method of calling,
Such as Target.Property;With element method of calling, such as Target [' Element '].We use element tune herein
Use mode.Attribute tune is realized also with the mode of the inline JavaScript of EM_ASM to the design of such Handler
With.For the object that part JavaScript standards provide, data value is compared in Handler, then uses object
Instead of, such as Handler get () in table 2, judge whether string value is equal to the object value that official provides in register 2, such as
Fruit is to replace character string to be called with object.
(4) Handler of method call instruction, JavaScript standards two kinds of method of calling of offer, attribute method of calling,
Such as Target.Property (Argument) and element method of calling, such as Target [' Element '] (Argument).
We are used here as element method of calling.The EM_ that we are provided using WebAssmebly officials to such Handler
ASM_ARGS macrodefinition implementation methods are called, and number of parameters when incoming parameter control method calling, i.e. wherein Handler's
The number of parameters of parameter control method;Such as parameter byte is passed to EM_ASM_ARGS control categories by Handler cal () in table
Property call in parameter number, same pair and object value be compared, and character string is replaced with object if equal.
(5) Handler of function call instruction, to such Handler, we are carried using WebAssmebly officials
The EM_ASM_ARGS macrodefinition implementation methods of confession are called, and are passed to the number of parameter when control method is called, i.e., wherein
The number of parameters of the state modulator function of Handler;Such as Handler cal_n () in table 2, control letter using parameter byte
Number number of parameters.
(6) Handler of string operation instruction realizes operation using the EM_ASM macrodefinitions that WebAssembly is provided
Operation obtains register intermediate value and accords with calculating acquisition operation result further according to nonidentity operation.
Step 3, the abstract syntax tree for needing JavaScript code to be protected is split, obtains intermediate code;It is right
The interpretive program Handler generates its corresponding fictitious order and is encoded, and institute is indicated using the fictitious order
The intermediate code stated, the code to be virtualized;
Step 3.1, to needing JavaScript code to be protected to carry out instruction fractionation, by simulating the scheduling locally instructed
Mode selects a kind of instruction architecture based on stack to design specific split process.It is as follows that instruction splits detailed process:
Step 3.1.1, when JavaScript code is split, the control structure as encountering cycle and branch is then held
Row step 3.1.2 is split if being encountered into line statement:
JavaScript code analysis is carried out when being split into line statement first, JavaScript generations are extracted using Rhino
The abstract syntax tree of code, is divided into multiple subtrees, and to every by way of postorder traversal as unit of each statement block
A statement block carries out instruction fractionation, to obtain the intermediate code (set of a plurality of atomic operation after fractionation) of entire code.
Judge whether that attribute calls in analytic process, method call, the function of function call and string operation is judged with this
Use computation-intensive Handler or attribute and method type Handler;That is, being called if there is attribute, method call, letter
Number calls and the function of string operation, then uses attribute and method type Handler, otherwise uses computation-intensive Handler.
After the Handler used in judging, calculating operation node is encountered, according to Handler pairs of command adapted thereto
Code is split.For in attribute and method type code segment attribute call instruction and method call instruction, first by attribute tune
It is converted to element method of calling with mode, then nested attribute calling is split, splits into the shape described in Handler
Formula.
Such as:Target[‘Property1’][‘Property2’]();It is converted to Target [' Property1 '] and R1
The form of [' Property2 '] (), wherein R1 preserve the result of Target [' Property1 '].
If " document.write (str) " in Fig. 2 examples is for this kind of statement block, by converting and splitting, by it
Become one " ElementGet " and one " FunctionCall ".Note:" document " after fractionation, " write ", " str "
It is character string constant;
Cycle and branched structure are carried out tiling fractionation by step 3.1.2 when there is the control structure of cycle and branch,
Process is as follows:
Control structure node is first obtained when fractionation, then obtains the child node of control node, and all child nodes are sequentially inserted into
On the left of to control node, and it is inserted into flag node mark structure range, becomes the relationship of the brotgher of node, finally deletes former control
Node;Each sentence is all an independent atomic operation after fractionation, and is linear relationship between them, to be torn open
The set of atomic operation after point, i.e. intermediate code.
After being split according to step 3.1.2 to the control structure of the cycle and branch that currently encounter, according still further to step
3.1.1 continue the fractionation of code.
Such as IF statement, as shown in fig. 6, in if the corresponding elements of key body be all if sentences decision node and
The sentences such as thenpart, these nodes and if sentences are father and son's node relationships, now open and flat to tree construction progress, pass through addition
Thenpart, thenpartend and ifend flag node describe if sentence ranges, and all child nodes are all become if sentences
The brotgher of node, complete it is open and flat to the node of if sentences.
Step 3.2, character transfer process is realized
By step 3.1.1 instruction split, by including DOM objects all variables and attribute be all converted into
Inherently there is character string in this kind of constant in character string constant (i.e. " property1 ", " property2 ", " arguments ")
Parameter of the constant together as load instruction appears in current intermediate code.
Character string constant of the JavaScript code after step 3.1 fractionation in obtained instruction is all extracted
Come, individually in storage a to character string dimension " VMA [] ", the corresponding array element rope in position of former character string constant
Draw " VMA [i] " to replace, i is natural number;May finally obtain one with VMA [i] indicate character string constant intermediate code and
One character string dimension, this character string dimension will obtain byte coded program together as important critical data and final coding
It is stored in virtual interpreter.
Step 3.3, instruction virtual and coding are realized
By operation before, each child node function of abstract syntax root vertex and the Handler's that designs before
Function corresponds to, these child node sentences are known as intermediate code.In this step, using self-defined fictitious order set representations each
Handler。
Computation-intensive Handler and attribute and method type Handler are encoded and virtualized respectively, is obtained each
The corresponding fictitious order of a Handler and coding, specific method are:
For each Handler, generates a random number and indicate the corresponding fictitious orders of the Handler, and distribute one
A coding (different fictitious orders corresponding coding different), and make random number, fictitious order one-to-one correspondence, fictitious order is used
Random number indicates to complete the part of coding, finally the result of coding to be saved in VMdata.In the same manner, it produces
The fictitious order and coding of all computation-intensive Handler and attribute and method type Handler, to constitute fictitious order collection
With digital command collection.
After obtaining fictitious order collection, indicate that step 3.1 splits the intermediate code of code building using fictitious order, to
To the code of virtualization.
Specific example is as shown in table 3:
Mapping of 3 fictitious order of table to random number
Step 4, the virtual interpreter of computation-intensive code segment and the void of attribute and method type code segment are established respectively
Quasi- interpreter is simultaneously compiled.
Step 4.1, the virtual interpreter of computation-intensive code segment is established
For the virtual interpreter of computation-intensive code segment, design only includes the virtual interpreter structure of WASM modules,
Its component part has:Scheduler (Dispatcher), byte coded program (VMdata), interpretive program collection (Handlers) and void
Quasi- performing environment (VMcontext), the contact of each inter-module is as shown in (a) of Fig. 4.Each assembly function is as follows:
(1) virtual execution environment (VMcontext) is used to apply for one section of memory to simulate the local true deposit of mapping
Device.
(2) byte coded program (VMdata) is encoded via fictitious order, at runtime, is read by scheduler
It decodes to restore the function of code segment, wherein having contained the semantic logic of object code.
(3) scheduler (Dispatcher) is for completing to work as follows:
First, bytecode is read from VMdata and is decoded, and the reading order of bytecode relies primarily on a variable V PC
(program counter) controls.Then, semanteme is decoded, corresponding interpretive program Handler is dispatched according to index and is held to explain
Row.It is finally returned to Dispatcher and continues above-mentioned reading bytecode, decoding process, until all bytecodes are completed in decoding
End loop afterwards.Design realizes this scheduling process using cycle plus selection structure.
(4) interpretive program collection (Handlers) is the significant components for restoring bytecode semanteme, and scheduler is in decoding bytecode
Later, corresponding interpretive program Handler can be called.Here the interpretive program that interpretive program collection, that is, step 2.1 generates
The set that Handler is constituted.
When virtual machine executes, the coded data in VMdata is read by the VPC in Dispatcher, obtains coded data
Dispatcher can go the Handler for calling coding corresponding to complete corresponding function afterwards.
Virtual execution environment VMcontext and interpretive program Handler realizes all data structures using C language completely
With execution logic, the Handler of " lod_i " is such as instructed, the operation realized is that stack top is counted in load one immediately.Therefore, it counts
Calculating the virtual interpreter of intensive object code, finally only compiling obtains " .wasm " file, wherein comprising all virtual
Interpreter component.The incidence relation of various components is as shown in Figure 4, and Dispatch is responsible for scheduling, completes to read byte coded program
The cycle that VMdata and the corresponding Handler of decoding scheduling are executed, the intermediate result of calculating preserve in VMcontext.
Compiling and calling:
The compiling of the virtual interpreter of computation-intensive code segment will contain virtual solution by Emscripten compilers
" .c " file of the core logic and corresponding assembly of releasing device is compiled into WASM modules, finally obtains " .wasm " file, such as schemes
Shown in 5, virtual interpreter component wherein included has:Scheduler Dispatcher, virtual execution environment VMcontext, byte
Coded program VMdata and interpretive program collection Handlers is automatically generated while compiling and is glued code Glue code.
When calling, " .wasm " file is loaded using code is glued, splicing is directly appended in target program, it is complete
The load of pairs of WASM modules, to ArrayBuffer conversion, instantiate and ultimately generate the functions such as module extraction.
Step 4.2, the virtual interpreter of attribute and method type code segment is established
The realization of this part and the interpreter of computation-intensive code segment are essentially identical, only by interpretive program collection
(Handlers) interpretive program collection (the interpretive program Handler that step 2.2 generates of attribute set method type code segment is replaced with
Set), in addition to the Handler of cooperation string operation instruction, addition preserves the array VMA [] of character string, such as Fig. 4
(b) shown in;For the Handler of the data transfer instruction of attribute and method code section, when called upon, need from VMA []
Value;Other than these differences, the complete phase of interpreter of the implementation procedure and computation-intensive code segment of remaining various pieces
Together.
Because for attribute and method type code segment, there is the DOM objects that webassembly can not be handled, therefore these
The preservation of object, which needs to rely on, is glued code.The virtual interpreter of attribute and method type object code after final compiling and calculating
Difference in the virtual interpreter structure of intensive object code is as shown in Figure 5, it can be seen that compared with attribute and the mesh of method type
The virtual interpreter of code is marked, the virtual interpreter of computation-intensive code segment only includes WASM modules and explained independently of virtual
Splicing code except device.Here it is therein that the virtual interpreter of attribute and method type code segment will be glued code to be used as
A part (includes js modules in Figure 5), and the virtual interpreter of computation-intensive code segment does not include being glued code portions
Point, its splicing code is independently of except virtual interpreter, and this structure is because of the void of attribute and method type code segment
All DOM attributes of the splicing in store code segment of code section of quasi- interpreter, therefore need whole progress in being compiled below
Compiling, and the splicing code of the virtual interpreter of computation-intensive code segment with virtual interpreter without being compiled.
Compiling and calling:
The compiling of the virtual interpreter of attribute and method type code segment will be contained virtually by Emscripten compilers
The core logic of interpreter:" .c " file of VMA [], VMdata, Dispatcher and corresponding assembly are compiled into WASM modules,
And the splicing code Glue code compilings generated when by Vmcontest, Handlers and compiling generate " .js " file.
When calling, " .js " file where code is glued in addition into the JavaScript program after protection loads generation
" .wasm " file comprising virtual interpreter, is loaded into browser by code by this document.Simultaneously by virtual interpreter entrance
The function name load of the former object code of function example chemical conversion, replaces former key code, when going to key code (attribute and method
Type code segment) when can be directly entered in virtual interpreter and execute.Example is as follows:The front and back code structure such as Fig. 7 institutes of protection
Show, in the function Draw after protection, virtual interpreter entrance function example chemical conversion _ _ Z5interi (1), when executing code,
When calling the function Draw after protecting, is then entered in virtual interpreter by entrance function _ _ Z5interi (1) and start to explain
Execute fictitious order.
Claims (9)
1. a kind of JavaScript code based on front end bytecode technology virtualizes guard method, which is characterized in that including with
Lower step:
Step 1, it would be desirable to which the JavaScript code of protection is divided into different code segments, whether there is according in code segment
Code segment is divided into attribute and method type, computation-intensive by DOM attributes;
Step 2, the function of being realized respectively according to attribute and method type code segment, computation-intensive code segment, it is corresponding to generate its
Interpretive program Handler;
Step 3, the abstract syntax tree for needing JavaScript code to be protected is split, obtains intermediate code;To described
Interpretive program Handler generate its corresponding fictitious order and encoded, indicate described using the fictitious order
Intermediate code, the code to be virtualized;
Step 4, the virtual interpreter of computation-intensive code segment and the virtual solution of attribute and method type code segment are established respectively
It releases device and is compiled.
2. the JavaScript code based on front end bytecode technology virtualizes guard method as described in claim 1, special
Sign is, in step 2 computation-intensive code segment according to function of its realization be divided into data transfer instruction, control transfer instruction and
Operational order, wherein:
The Handler of data transfer class instruction is for handling transfer of the data between each storage organization;
The Handler of control transfer instruction redirects relevant function for completing, and virtual program meter is changed by redirecting deviant
Executing instruction after device is redirected is counted, to realize control transfer;
The Handler of operational order is for calculating data element for different operators.
3. the JavaScript code based on front end bytecode technology virtualizes guard method as described in claim 1, special
Sign is, in step 2 attribute and method code section according to function of its realization be divided into data transfer instruction, control transfer instruction,
Attribute call instruction, method call instruction, function call instruction and string operation instruction, wherein:
The Handler of data transfer class instruction is added to character string for handling transfer of the data between each storage organization
Retain array and the macro EM_ASM of WebAssembly official definitions;
The Handler of control transfer instruction redirects relevant function for completing, and virtual program meter is changed by redirecting deviant
Executing instruction after device is redirected is counted, to realize control transfer;
The Handler of attribute call instruction utilizes the macro EM_ASM of the inline JavaScript of WebAssembly, realizes general category
Property call;
The Handler of method call instruction utilizes the macro EM_ASM_ARGS of the inline JavaScript of WebAssembly, realizes logical
Method call;
The Handler of function call instruction utilizes the macro EM_ASM_ARGS of the inline JavaScript of WebAssembly, realizes logical
Function call;
The Handler of string operation instruction utilizes the macro EM_ASM of the inline JavaScript of WebAssembly, realizes general
Arithmetic operation.
4. the JavaScript code based on front end bytecode technology virtualizes guard method as described in claim 1, special
Sign is that the abstract syntax tree to need JavaScript code to be protected described in step 3 is split, and obtains intermediate generation
Code, including:
Step 3.3.1, when JavaScript code is split, the control structure as encountering cycle and branch then executes step
Rapid 3.1.2 is split if being encountered into line statement:
Code analysis is carried out first, extracts the abstract syntax tree of code, and multiple sons are divided into as unit of each statement block
Tree, and instruction fractionation is carried out to each statement block by way of postorder traversal, to obtain the intermediate code of entire code;
Cycle and branched structure are carried out tiling fractionation, process by step 3.3.2 when there is the control structure of cycle and branch
It is as follows:
Control structure node is first obtained when fractionation, then obtains the child node of control node, and all child nodes are sequentially inserted into control
On the left of node processed, and it is inserted into flag node mark structure range, becomes the relationship of the brotgher of node, finally deletes former control section
Point, to obtain intermediate code by splitting;
After having been split to cycle and branched structure, return to step 3.1.1 continues to split code.
5. the JavaScript code based on front end bytecode technology virtualizes guard method as described in claim 1, special
Sign is, generates its corresponding fictitious order to the interpretive program Handler in step 3 and encodes, including:
Computation-intensive Handler and attribute and method type Handler are encoded and virtualized respectively, each is obtained
The corresponding fictitious orders of Handler and coding, specific method are:
For each Handler, generates a random number and indicate the corresponding fictitious orders of the Handler, and distribute a volume
Code, and random number, fictitious order are corresponded, fictitious order is indicated into the part for completing to encode with random number.
6. the JavaScript code based on front end bytecode technology virtualizes guard method as described in claim 1, special
Sign is that step 3 further includes:
Character string constant in instruction that code obtains after fractionation is all extracted, individually storage a to character string
In array VMA [], the position of former character string constant is replaced with corresponding array element index VMA [i], and i is natural number.
7. the JavaScript code based on front end bytecode technology virtualizes guard method as described in claim 1, special
Sign is that the structure of the virtual interpreter of the computation-intensive code segment described in step 4 includes:
Scheduler, byte coded program, interpretive program collection and virtual execution environment, wherein:
The scheduler is used to read bytecode from byte coded program and decodes semanteme, then returnes to scheduler continuation
Bytecode, decoding process are read, the end loop after the completion of all bytecode decodings;
The byte coded program is obtained by fictitious order by coding, at runtime, reads decoding by scheduler to restore
The function of code segment;
The set of the interpretive program Handler for the computation-intensive code segment that the interpretive program collection, that is, step 2 generates;
The virtual execution environment is used to apply for memory to simulate the local real register file of mapping.
8. the JavaScript code based on front end bytecode technology virtualizes guard method as described in claim 1, special
Sign is, the void of the structure and computation-intensive code segment of the virtual interpreter of attribute and method type code segment described in step 4
The structure of quasi- interpreter is essentially identical, the difference is that:
Interpretive program collection is replaced with to the set of the interpretive program Handler of attribute and method type code segment that step 2 generates, and
Addition preserves the array VMA [] of character string.
9. a kind of JavaScript code based on front end bytecode technology virtualizes protection system, which is characterized in that including according to
Code division module, interpretive program generation module, code virtualization modules and the interpreter of secondary connection generate collector,
In:
The code division module will be for that will need JavaScript code to be protected to be divided into different code segments, according to generation
Code segment is divided into attribute and method type, computation-intensive with the presence or absence of DOM attributes in code section;
The interpretive program generation module according to attribute and method type code segment, computation-intensive code segment for realizing respectively
Function, generate its corresponding interpretive program Handler;
The code virtualization modules are used to, to needing the abstract syntax tree of JavaScript code to be protected to split, obtain
To intermediate code;Its corresponding fictitious order is generated to the interpretive program Handler and is encoded, the void is utilized
Pseudoinstruction indicates the intermediate code, the code to be virtualized;
The interpreter generates the virtual interpreter and attribute that collector is used to establish computation-intensive code segment respectively
And method type code segment virtual interpreter and be compiled.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810446970.2A CN108614960B (en) | 2018-05-11 | 2018-05-11 | JavaScript virtualization protection method based on front-end byte code technology |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810446970.2A CN108614960B (en) | 2018-05-11 | 2018-05-11 | JavaScript virtualization protection method based on front-end byte code technology |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108614960A true CN108614960A (en) | 2018-10-02 |
CN108614960B CN108614960B (en) | 2020-06-16 |
Family
ID=63662947
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810446970.2A Active CN108614960B (en) | 2018-05-11 | 2018-05-11 | JavaScript virtualization protection method based on front-end byte code technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108614960B (en) |
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109948308A (en) * | 2019-03-13 | 2019-06-28 | 智者四海(北京)技术有限公司 | Code security guard method, device, electronic equipment and computer readable storage medium |
CN110058904A (en) * | 2019-04-24 | 2019-07-26 | 广东三维家信息科技有限公司 | Data transfering method, device and server |
CN110321699A (en) * | 2019-05-22 | 2019-10-11 | 北京瀚海思创科技有限公司 | A kind of system and method based on data monitoring protection operation system safety |
CN110489942A (en) * | 2019-08-06 | 2019-11-22 | 南开大学 | A kind of processing method and system of WebAssembly file |
CN110555291A (en) * | 2019-08-06 | 2019-12-10 | 苏宁云计算有限公司 | webpage script code protection method and device |
CN110662116A (en) * | 2019-09-29 | 2020-01-07 | 中电福富信息科技有限公司 | Web player based on WebAssembly technology and playing method |
CN110673929A (en) * | 2019-09-29 | 2020-01-10 | 北京智游网安科技有限公司 | Method for protecting abnormal mechanism, intelligent terminal and storage medium |
CN111131281A (en) * | 2019-12-30 | 2020-05-08 | 北京永新视博数字电视技术有限公司 | Message transmission method, device and system and protection code updating method and device thereof |
CN111475868A (en) * | 2020-06-19 | 2020-07-31 | 南京芯驰半导体科技有限公司 | CPU instruction protection method and system suitable for function and information security chip |
CN111913712A (en) * | 2019-05-08 | 2020-11-10 | 北京字节跳动网络技术有限公司 | Method and apparatus for deploying neural network model at Web end |
CN112182513A (en) * | 2019-07-05 | 2021-01-05 | 航天云网科技发展有限责任公司 | JavaScript code processing method and device |
CN112199160A (en) * | 2020-10-16 | 2021-01-08 | 常熟理工学院 | Virtual instruction recovery method, device, equipment and storage medium |
CN112269602A (en) * | 2020-11-10 | 2021-01-26 | 深圳晶泰科技有限公司 | WebAssembly loading method and device and storage medium |
CN112328238A (en) * | 2021-01-05 | 2021-02-05 | 深圳点猫科技有限公司 | Building block code execution control method, system and storage medium |
CN113239328A (en) * | 2021-05-20 | 2021-08-10 | 瀚云科技有限公司 | Business function acquisition method and device, electronic equipment and storage medium |
CN113626773A (en) * | 2020-05-06 | 2021-11-09 | 上海蜚语信息科技有限公司 | Code protection method based on intermediate language |
CN114003317A (en) * | 2021-10-29 | 2022-02-01 | 北京达佳互联信息技术有限公司 | Inline implementation method and apparatus, electronic device, storage medium, and program product |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100076956A1 (en) * | 2008-09-09 | 2010-03-25 | Microsoft Corporation | Virtual javascript object notation |
CN104541242A (en) * | 2012-09-28 | 2015-04-22 | 英特尔公司 | Flexible acceleration of code execution |
CN105046117A (en) * | 2015-06-30 | 2015-11-11 | 西北大学 | Code virtualization software protection system realizing instruction set randomization |
US20160132667A1 (en) * | 2013-05-30 | 2016-05-12 | Jscrambler S.A. | Web application protection |
CN106096338A (en) * | 2016-06-07 | 2016-11-09 | 西北大学 | A kind of have the virtualization software guard method that data stream is obscured |
-
2018
- 2018-05-11 CN CN201810446970.2A patent/CN108614960B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100076956A1 (en) * | 2008-09-09 | 2010-03-25 | Microsoft Corporation | Virtual javascript object notation |
CN104541242A (en) * | 2012-09-28 | 2015-04-22 | 英特尔公司 | Flexible acceleration of code execution |
US20160132667A1 (en) * | 2013-05-30 | 2016-05-12 | Jscrambler S.A. | Web application protection |
CN105046117A (en) * | 2015-06-30 | 2015-11-11 | 西北大学 | Code virtualization software protection system realizing instruction set randomization |
CN106096338A (en) * | 2016-06-07 | 2016-11-09 | 西北大学 | A kind of have the virtualization software guard method that data stream is obscured |
Non-Patent Citations (4)
Title |
---|
ALBERT COHEN等: "Processor virtualization and split compilation for heterogeneous multicore embedded systems", 《DESIGN AUTOMATION CONFERENCE》 * |
HUNSEOP JEONG 等: "WATT:A novel web-based toolkit to generate WebAssembly-based libraries and applications", 《2018 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS (ICCE)》 * |
房鼎益 等: "具有时间多样性的JavaScript代码保护方法", 《计算机应用》 * |
汤战勇等: "基于精简指令集的软件保护虚拟机技术研究与实现", 《微电子学与计算机》 * |
Cited By (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109948308A (en) * | 2019-03-13 | 2019-06-28 | 智者四海(北京)技术有限公司 | Code security guard method, device, electronic equipment and computer readable storage medium |
CN110058904A (en) * | 2019-04-24 | 2019-07-26 | 广东三维家信息科技有限公司 | Data transfering method, device and server |
CN111913712A (en) * | 2019-05-08 | 2020-11-10 | 北京字节跳动网络技术有限公司 | Method and apparatus for deploying neural network model at Web end |
CN110321699A (en) * | 2019-05-22 | 2019-10-11 | 北京瀚海思创科技有限公司 | A kind of system and method based on data monitoring protection operation system safety |
CN112182513A (en) * | 2019-07-05 | 2021-01-05 | 航天云网科技发展有限责任公司 | JavaScript code processing method and device |
CN110489942A (en) * | 2019-08-06 | 2019-11-22 | 南开大学 | A kind of processing method and system of WebAssembly file |
CN110555291A (en) * | 2019-08-06 | 2019-12-10 | 苏宁云计算有限公司 | webpage script code protection method and device |
CN110662116A (en) * | 2019-09-29 | 2020-01-07 | 中电福富信息科技有限公司 | Web player based on WebAssembly technology and playing method |
CN110673929A (en) * | 2019-09-29 | 2020-01-10 | 北京智游网安科技有限公司 | Method for protecting abnormal mechanism, intelligent terminal and storage medium |
CN111131281A (en) * | 2019-12-30 | 2020-05-08 | 北京永新视博数字电视技术有限公司 | Message transmission method, device and system and protection code updating method and device thereof |
CN113626773A (en) * | 2020-05-06 | 2021-11-09 | 上海蜚语信息科技有限公司 | Code protection method based on intermediate language |
CN113626773B (en) * | 2020-05-06 | 2024-04-02 | 上海蜚语信息科技有限公司 | Code protection method based on intermediate language |
CN111475868A (en) * | 2020-06-19 | 2020-07-31 | 南京芯驰半导体科技有限公司 | CPU instruction protection method and system suitable for function and information security chip |
CN112199160A (en) * | 2020-10-16 | 2021-01-08 | 常熟理工学院 | Virtual instruction recovery method, device, equipment and storage medium |
CN112199160B (en) * | 2020-10-16 | 2021-12-28 | 常熟理工学院 | Virtual instruction recovery method, device, equipment and storage medium |
CN112269602B (en) * | 2020-11-10 | 2023-12-29 | 深圳晶泰科技有限公司 | WebAssemble loading method, device and storage medium |
CN112269602A (en) * | 2020-11-10 | 2021-01-26 | 深圳晶泰科技有限公司 | WebAssembly loading method and device and storage medium |
CN112328238A (en) * | 2021-01-05 | 2021-02-05 | 深圳点猫科技有限公司 | Building block code execution control method, system and storage medium |
CN113239328A (en) * | 2021-05-20 | 2021-08-10 | 瀚云科技有限公司 | Business function acquisition method and device, electronic equipment and storage medium |
CN113239328B (en) * | 2021-05-20 | 2023-06-06 | 瀚云科技有限公司 | Service function acquisition method and device, electronic equipment and storage medium |
CN114003317A (en) * | 2021-10-29 | 2022-02-01 | 北京达佳互联信息技术有限公司 | Inline implementation method and apparatus, electronic device, storage medium, and program product |
Also Published As
Publication number | Publication date |
---|---|
CN108614960B (en) | 2020-06-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108614960A (en) | A kind of JavaScript virtualization guard methods based on front end bytecode technology | |
US11036614B1 (en) | Data control-oriented smart contract static analysis method and system | |
Hirai | Defining the ethereum virtual machine for interactive theorem provers | |
US8850581B2 (en) | Identification of malware detection signature candidate code | |
CN103761476B (en) | The method and device of feature extraction | |
CN103473104B (en) | Bag discriminating conduct is beaten again in a kind of application based on keyword context frequency matrix | |
US20020143823A1 (en) | Conversion system for translating structured documents into multiple target formats | |
CN108459860A (en) | Block chain intelligence forms of contract chemical examination card code converter and conversion method | |
Thomas et al. | Stringer: Measuring the importance of static data comparisons to detect backdoors and undocumented functionality | |
CN109948308A (en) | Code security guard method, device, electronic equipment and computer readable storage medium | |
CN106503496A (en) | Replaced and the Python shell script anti-reversal methods for merging based on operation code | |
Ďurfina et al. | Design of a retargetable decompiler for a static platform-independent malware analysis | |
RU91213U1 (en) | SYSTEM OF AUTOMATIC COMPOSITION OF DESCRIPTION AND CLUSTERING OF VARIOUS, INCLUDING AND MALIMENTAL OBJECTS | |
CN111316232A (en) | Providing optimization using annotations of programs | |
CN110245467A (en) | Android application program guard method based on Dex2C and LLVM | |
US20210157553A1 (en) | Source code auto-suggestion based on structural and semantic features | |
Liang et al. | Deobfuscation of virtualization-obfuscated code through symbolic execution and compilation optimization | |
Alrabaee et al. | On leveraging coding habits for effective binary authorship attribution | |
Romano et al. | Wasim: Understanding webassembly applications through classification | |
Zhao et al. | Compile-time code virtualization for android applications | |
Cesare et al. | Wire--a formal intermediate language for binary analysis | |
Murawski et al. | A contextual equivalence checker for IMJ | |
CN115688108B (en) | Webshell static detection method and system | |
Kang | A review on javascript engine vulnerability mining | |
Xiong et al. | HexT5: Unified Pre-Training for Stripped Binary Code Information Inference |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |