CN108875376A - A kind of precise positioning method that smart card platform gangs up against - Google Patents

A kind of precise positioning method that smart card platform gangs up against Download PDF

Info

Publication number
CN108875376A
CN108875376A CN201810516349.9A CN201810516349A CN108875376A CN 108875376 A CN108875376 A CN 108875376A CN 201810516349 A CN201810516349 A CN 201810516349A CN 108875376 A CN108875376 A CN 108875376A
Authority
CN
China
Prior art keywords
code
attack
precise positioning
point
positioning method
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810516349.9A
Other languages
Chinese (zh)
Inventor
仲倩黎
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing CEC Huada Electronic Design Co Ltd
Original Assignee
Beijing CEC Huada Electronic Design Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing CEC Huada Electronic Design Co Ltd filed Critical Beijing CEC Huada Electronic Design Co Ltd
Priority to CN201810516349.9A priority Critical patent/CN108875376A/en
Publication of CN108875376A publication Critical patent/CN108875376A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The present invention discloses a kind of precise positioning method that smart card platform gangs up against, and belongs to technical field of intelligent card.This method includes:Construct attack source program;On the basis of the source program, the sentence where the point of attack is found;Before sentence, loop body code and adjacent positioned code are being added where the point of attack.Loop body code is the multiple circulation of adjacent positioned code.Adjacent positioned code is the multiple circulation of single code.By using the frame, generate special test application, the positioning during can be used for ganging up against smart card platform, solve the problems, such as to gang up against in can not be accurately positioned the point of attack.

Description

A kind of precise positioning method that smart card platform gangs up against
Technical field
The present invention relates to technical field of intelligent card more particularly to a kind of precise positioning sides that smart card platform gangs up against Method.
Background technique
Demand due to industry fields such as fiscards to smart card is increasingly urgent to and mobile payment field is to mostly using soft The demand of part platform causes intelligent card embedded software safe practice to have become nearest 2 years popular skills of smart card industry Art.
In smart card platform security evaluation field, what testing agency had been applied to software and hardware combining gangs up against this attack Mode.Ganging up against relative to the physical attacks on chip on smart card platform, difficult point are that the execution code of platform is more, It is longer to execute the time, it is difficult to be accurately positioned to attack point.
Summary of the invention
It cannot be accurately positioned to solve the problems, such as to gang up against on smart card platform, the present invention provides a kind of smart cards The precise positioning method of Platform Alliance attack.
The technical solution adopted by the present invention is as follows:
A kind of precise positioning method that smart card platform gangs up against, includes the following steps:
Step S1:Construct attack source program;
Step S2:On the basis of the source program, the sentence where the point of attack is found.
Step S3:Before sentence, loop body code and adjacent positioned code are being added where the point of attack.
Further, the loop body code is the multiple circulation of adjacent positioned code.
Further, loop body code is the multiple circulation of single code.
Further, sentence where adjacent positioned code and the point of attack close to.
The beneficial effects of the present invention are:The present invention enhances adjacent positioned code specific location by loop body code and exists Identifiability in overall power figure enhances point of attack specific location in then overall power figure by adjacent positioned code Identifiability.The application program realized according to this frame is solved the problems, such as to gang up against and cannot be accurately positioned, and is made to combine and be attacked It hits and is possibly realized.
Detailed description of the invention
Fig. 1 is a kind of precise positioning method and step figure that smart card platform gangs up against.
Fig. 2 is an application program for being attacked ifne sentence.
Fig. 3 is the bytecode of application program.
Fig. 4 is the template matching figure based on power consumption for the strike order realized in application program.
Specific embodiment
Fig. 1 is a kind of precise positioning method and step figure that smart card platform gangs up against.
Below in conjunction with the drawings and specific embodiments, the present invention is described further.
To be ganged up against on javacard platform, and for doing the process of precise positioning using the present invention.
Firstly, building attack source program.An attack applet is write using java language, is downloaded it on card Operation is able to respond test APDU.The processing of test APDU is to execute one section of java program comprising the point of attack.
Secondly, finding the sentence where the point of attack on the basis of source program.It is indicated in two-wire frame in Fig. 2 Sentence where one point of attack ifne bytecode.The sentence carries out zero judgement to a local variable.Its bytecode is Sload_3 and ifne.
Before sentence, loop body code and adjacent positioned code are being added where the point of attack.In Fig. 2, for circulation For the loop body code, 3 j++ sentences are the adjacent positioned code.
Loop body code is the multiple circulation of adjacent positioned code.First dotted line frame in Fig. 3 is that loop body code is compiled The bytecode of generation is translated, second dotted line frame is the bytecode that adjacent positioned code compilation generates.It include continuous 3 sinc.Loop body code is p2 circulation of adjacent positioned code.
Downloading attack is on applet to javacard platform, after then sending test command to it, obtained power consumption diagram. And after handling by observation, Fig. 4 is obtained after carrying out the template matching of repetition power consumption.Abscissa in figure is timeline, ordinate For matching degree.Can see in dotted line frame for adjacent positioned code approximate 5 time points, matching value has 5 close to 1 point. Last 1 is adjacent positioned code position.It thereafter is sload_3 and ifne.The time point that power consumption diagram provides is very quasi- Really, without error, to realize the precise positioning of the point of attack.
Obviously, those skilled in the art can carry out various changes and deformation without departing from essence of the invention to the present invention Mind and range.In this way, if these modification and variation of the invention belong to the range of the claims in the present invention and its equivalent technologies Within, then the present invention is also intended to include these modifications and variations.

Claims (5)

1. a kind of precise positioning method that smart card platform gangs up against, characterized in that include the following steps:
Step S1:Construct attack source program;
Step S2:On the basis of the source program, the sentence where the point of attack is found;
Step S3:Before sentence, loop body code and adjacent positioned code are being added where the point of attack.
2. according to precise positioning method described in right 1, it is characterized in that:Loop body code is repeatedly following for adjacent positioned code Ring.
3. according to precise positioning method described in right 1, it is characterized in that:The bytecode that adjacent positioned code is formed is single code Multiple circulation.
4. according to precise positioning method described in right 1, it is characterized in that:Loop body code and adjacent positioned code close to.
5. according to precise positioning method described in right 1, it is characterized in that:Sentence where adjacent positioned code and the point of attack close to.
CN201810516349.9A 2018-05-25 2018-05-25 A kind of precise positioning method that smart card platform gangs up against Pending CN108875376A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810516349.9A CN108875376A (en) 2018-05-25 2018-05-25 A kind of precise positioning method that smart card platform gangs up against

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810516349.9A CN108875376A (en) 2018-05-25 2018-05-25 A kind of precise positioning method that smart card platform gangs up against

Publications (1)

Publication Number Publication Date
CN108875376A true CN108875376A (en) 2018-11-23

Family

ID=64333321

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810516349.9A Pending CN108875376A (en) 2018-05-25 2018-05-25 A kind of precise positioning method that smart card platform gangs up against

Country Status (1)

Country Link
CN (1) CN108875376A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102662807A (en) * 2012-03-13 2012-09-12 浙江大学 Java card stack performance test application program and making method for framework thereof
CN106878258A (en) * 2016-12-14 2017-06-20 新华三技术有限公司 One kind attacks localization method and device
US10078833B2 (en) * 2012-08-30 2018-09-18 Worldpay, Llc Combination payment card and methods thereof

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102662807A (en) * 2012-03-13 2012-09-12 浙江大学 Java card stack performance test application program and making method for framework thereof
US10078833B2 (en) * 2012-08-30 2018-09-18 Worldpay, Llc Combination payment card and methods thereof
CN106878258A (en) * 2016-12-14 2017-06-20 新华三技术有限公司 One kind attacks localization method and device

Similar Documents

Publication Publication Date Title
Gascón et al. Template-based circuit understanding
CN104298534B (en) Programmed method and device based on Lua language
CN110941552B (en) Memory analysis method and device based on dynamic taint analysis
CN107480476B (en) Android native layer instruction compiling virtualization shell adding method based on ELF infection
CN104572436B (en) Automatic debugging and error proofing method and device
CN109614103A (en) A kind of code completion method and system based on character
JP2022009556A (en) Method for securing software codes
CN106528261A (en) Application page initialization compiling and controlling device and method
US10241767B2 (en) Distributed function generation with shared structures
CN105446741A (en) API (Application Program Interface) comparison based mobile application identification method
CN109543409B (en) Method, device and equipment for detecting malicious application and training detection model
KR20210024161A (en) Method for analysis of source texts
CN108875376A (en) A kind of precise positioning method that smart card platform gangs up against
MX2011001796A (en) Simulated processor execution using branch override.
US11144693B1 (en) Method and system for generating verification tests at runtime
US20090300754A1 (en) Protecting a Program Interpreted by a Virtual Machine
CN116450431A (en) Instruction function test system of CPU reference model, method thereof, computer equipment and storage medium
CN109036554B (en) Method and apparatus for generating information
CN106055935A (en) Process control method and device and electronic equipment
CN110018953B (en) Method, storage medium, device and system for testing JS code by using python
Schmitt et al. Verifying the Mondex case study
CN114637988A (en) Binary-oriented function level software randomization method
CN114637672A (en) Automatic data testing method and device, computer equipment and storage medium
CN113010177A (en) Software-defined instrument, information acquisition method, computer, and storage medium
CN106951288A (en) A kind of exploitation, application process and the device of heat more resource

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20181123

WD01 Invention patent application deemed withdrawn after publication