CN109739620A - A kind of guard method based on VM engine - Google Patents
- Publication number
- CN109739620A
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Devices For Executing Special Programs (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a protection method based on a VM engine. It comprises the following steps. Step 1: the verified party is required to input a virtual instruction stream; the VM engine executes the virtual instruction stream input by the verified party and obtains the execution result. Step 2: if the final execution result is correct, the input instruction stream is compressed to obtain the correct output message. Step 3: the format is checked, and if the format is correct, verification passes. The invention therefore has the following advantages: it is novel in preventing attackers from attempting to crack the instruction stream and data, and it is fast and efficient. The VM engine can both guarantee data integrity and provide tamper-resistance and checking mechanisms, so security is assured and it has good technical advantages. Applicable fields include instruction systems with self-protection, data transmission, digital rights protection, and software protection in special environments.
Description
Technical field
The invention belongs to the field of information security technology and relates to a protection mechanism, in particular to a protection method based on a VM engine.
Background technique
The most prominent feature of a traditional instruction engine is its instruction system: by executing expressions, the instruction engine gains computing capability. However, a cracker can obtain the entire content of the instruction stream through reverse engineering. In terms of information security, the traditional instruction engine needs improvement.
Summary of the invention
To solve the above technical problem, the present invention provides a protection method based on a VM engine.
The technical solution adopted by the invention is:
A protection method based on a VM engine, comprising the following steps:
Step 1: the VM (virtual machine) is assigned in advance a correct uncompressed result UncompressedResult and a correct compressed result CompressedResult.
Step 2: the verified party inputs a virtual instruction stream VIns; the VM engine executes the virtual instruction stream VIns input by the verified party and obtains the execution result result1;
Step 3: if the execution result result1 of step 2 is correct, i.e. result1 equals UncompressedResult from step 1, the instruction stream VIns input in step 2 is compressed to obtain the output message result2; otherwise the output result is shown to be incorrect, the input party is judged to be an illegal user, and verification fails;
Step 4: check whether the format of the compressed output message result2 from step 3 is identical to the correct compressed result CompressedResult specified in advance in step 1; if identical, the format is judged correct and verification passes.
In the above protection method based on a VM engine, the implementation of step 2 includes the following sub-step:
Step 1.1: while executing the virtual instruction stream VIns, the VM engine can dynamically add, duplicate, modify and delete subsequent instruction streams, where
Adding a subsequent instruction stream means that where there was previously no instruction d, a new instruction d is added;
Duplicating a subsequent instruction stream means that an instruction changes from form a to form aa;
Modifying a subsequent instruction stream means that an instruction changes from form a to form b;
Deleting a subsequent instruction stream means that, after other changes have been made, one or more instructions that are no longer needed are deleted.
In the above protection method based on a VM engine, the protection mechanism of the VM engine described in step 2 has the VM built in; the instruction stream VIns is input by the verified party, and after execution it is judged whether the result is correct. The protection mechanism of a traditional VM engine, by contrast, has both the VM and the instruction stream built in, processes the data input by the cracker according to the instruction stream, and finally judges whether the result is correct.
In the above protection method based on a VM engine, the VM in the protection mechanism of the VM engine described in step 2 is fixed but supports a dynamic instruction stream, that is, at run time the instruction stream can dynamically add, duplicate, modify and delete subsequent instruction streams. In the protection mechanism of a traditional VM engine the VM is fixed and the instruction stream is also fixed; only the data generated during execution changes.
In the above protection method based on a VM engine, the implementation of step 3 includes the following sub-steps:
Step 3.1: from the input instruction stream and the pre-specified VM run results, the CRC128 variant algorithm is used to calculate the input constant value IV of the CRC128 algorithm, where the VM run results comprise the correct uncompressed result UncompressedResult and the correct compressed result CompressedResult from step 1;
Step 3.2: the IV value calculated in step 3.1 is used as the input constant value of the CRC128 variant algorithm, and the input instruction stream is calculated again with the CRC128 algorithm. The CRC128 algorithm follows the ITU-IEEE international standard; only the specified input can be compressed into the correct output message. For an erroneous input instruction, every 1-bit input error causes widespread corruption of the compression result, so the correct output message cannot be obtained.
In the above protection method based on a VM engine, the CRC128 variant algorithm of step 5 is a variant implementation of the CRC128 algorithm. It essentially follows the ITU-IEEE international standard for the CRC128 algorithm; the difference is that the CRC128 variant algorithm can calculate the input constant value IV of the CRC128 algorithm from the desired output result of the CRC128 algorithm.
In the above protection method based on a VM engine, the compression referred to in step 4 is characterized as follows:
Compression is a property of the CRC128 algorithm: the CRC128 algorithm takes the input instruction of step 4 (whose length is greater than 128 bits) as the algorithm input and computes a value of fixed length 128 bits. The bit length of the resulting value is shorter than the length of the original input instruction, hence the term compression. The CRC128 algorithm follows the ITU-IEEE international standard.
The invention therefore has the following advantages: it is novel in preventing attackers from attempting to crack the instruction stream and data, and it is fast and efficient. The VM engine can both guarantee data integrity and provide tamper-resistance and checking mechanisms, so security is assured and it has good technical advantages. Applicable fields include instruction systems with self-protection, data transmission, digital rights protection, and software protection in special environments.
Specific embodiment
The technical solution of the present invention is further described below by way of an embodiment.
The present invention comprises the following steps:
Step 1: the VM (virtual machine) is assigned in advance a correct uncompressed result UncompressedResult and a correct compressed result CompressedResult.
Step 2: the verified party inputs a virtual instruction stream VIns; the VM engine executes the virtual instruction stream VIns input by the verified party and obtains the execution result result1. The implementation includes the following sub-step:
Step 1.1: while executing the virtual instruction stream VIns, the VM engine can dynamically add, duplicate, modify and delete subsequent instruction streams, where
Adding a subsequent instruction stream means that where there was previously no instruction d, a new instruction d is added;
Duplicating a subsequent instruction stream means that an instruction changes from form a to form aa;
Modifying a subsequent instruction stream means that an instruction changes from form a to form b;
Deleting a subsequent instruction stream means that, after other changes have been made, one or more instructions that are no longer needed are deleted.
For example, the initial virtual instruction Ins0 first takes a serial number as input, that is, it performs an add-virtual-instruction operation; applying a set algorithm transformation generates a new virtual instruction Ins1. Ins1 then performs a modify-virtual-instruction operation: the Ins1 virtual instruction is transformed by the set algorithm to generate a new virtual instruction Ins2, and so on. Through similar transformations, a variety of virtual instruction streams can be generated.
The protection mechanism of the VM engine in step 2 has the VM built in; the instruction stream VIns is input by the verified party, and after execution it is judged whether the result is correct. The protection mechanism of a traditional VM engine, by contrast, has both the VM and the instruction stream built in, processes the data input by the cracker according to the instruction stream, and finally judges whether the result is correct.
In addition, the VM in the protection mechanism of the VM engine is fixed but supports a dynamic instruction stream, that is, at run time the instruction stream can dynamically add, duplicate, modify and delete subsequent instruction streams. In the protection mechanism of a traditional VM engine the VM is fixed and the instruction stream is also fixed; only the data generated during execution changes.
Step 3: if the execution result result1 of step 2 is correct, i.e. result1 equals UncompressedResult from step 1, the instruction stream VIns input in step 2 is compressed to obtain the output message result2; otherwise the output result is shown to be incorrect, the input party is judged to be an illegal user, and verification fails. This includes the following sub-steps:
Step 3.1: from the input instruction stream and the pre-specified VM run results, the CRC128 variant algorithm is used to calculate the input constant value IV of the CRC128 algorithm, where the VM run results comprise the correct uncompressed result UncompressedResult and the correct compressed result CompressedResult from step 1;
Step 3.2: the IV value calculated in step 3.1 is used as the input constant value of the CRC128 variant algorithm, and the input instruction stream is calculated again with the CRC128 algorithm. The CRC128 algorithm follows the ITU-IEEE international standard; only the specified input can be compressed into the correct output message. For an erroneous input instruction, every 1-bit input error causes widespread corruption of the compression result, so the correct output message cannot be obtained.
Step 4: check whether the format of the compressed output message result2 from step 3 is identical to the correct compressed result CompressedResult specified in advance in step 1; if identical, the format is judged correct and verification passes.
The CRC128 variant algorithm in step 4 is a variant implementation of the CRC128 algorithm. It essentially follows the ITU-IEEE international standard for the CRC128 algorithm; the difference is that the CRC128 variant algorithm can calculate the input constant value IV of the CRC128 algorithm from the desired output result of the CRC128 algorithm.
The compression referred to in step 4 is characterized as follows:
Compression is a property of the CRC128 algorithm: the CRC128 algorithm takes the input instruction of step 4 (whose length is greater than 128 bits) as the algorithm input and computes a value of fixed length 128 bits. The bit length of the resulting value is shorter than the length of the original input instruction, hence the term compression. The CRC128 algorithm follows the ITU-IEEE international standard.
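The four-step check and the IV derivation of steps 3.1 and 3.2, as an added Python example that is not code from the patent: a toy VM whose instructions can add, duplicate, modify and delete later instructions, followed by a 128-bit CRC over the submitted stream. The opcode set, the polynomial 0x87, the step limit and all sample values are assumptions. Deriving IV once from a reference stream at provisioning time is also an assumption; deriving it from the stream under test would make the step 4 comparison succeed for any input.

```python
# Added illustration: opcodes, polynomial and all sample values are assumptions.
ADD, MUL, INS, DUP, MOD, DEL = 0x01, 0x02, 0x10, 0x11, 0x12, 0x13
MASK = (1 << 128) - 1
POLY = 0x87  # assumed x^128 + x^7 + x^2 + x + 1; the page names no polynomial

def run_vm(vins: bytes, max_steps: int = 1000) -> int:
    """Step 2: fixed VM, dynamic stream. Instructions are (opcode, operand) byte pairs."""
    if len(vins) % 2:
        raise ValueError("truncated instruction")
    prog = [(vins[i], vins[i + 1]) for i in range(0, len(vins), 2)]
    acc = pc = 0
    for _ in range(max_steps):          # bound work: DUP chains can grow forever
        if pc >= len(prog):
            return acc
        op, arg = prog[pc]
        nxt = pc + 1
        has_next = nxt < len(prog)
        if op == ADD:
            acc += arg
        elif op == MUL:
            acc *= arg
        elif op == INS:                 # add: insert "ADD arg" after this one
            prog.insert(nxt, (ADD, arg))
        elif op == DUP and has_next:    # duplicate: a -> aa
            prog.insert(nxt, prog[nxt])
        elif op == MOD and has_next:    # modify: a -> b (new operand)
            prog[nxt] = (prog[nxt][0], arg)
        elif op == DEL and has_next:    # delete an instruction no longer needed
            del prog[nxt]
        elif op not in (DUP, MOD, DEL):
            raise ValueError("unknown opcode")
        pc += 1
    raise ValueError("step limit exceeded")

def crc128(data: bytes, iv: int) -> int:
    """Bitwise MSB-first CRC with a 128-bit register that starts at iv."""
    reg = iv & MASK
    for byte in data:
        for i in range(7, -1, -1):
            top = (reg >> 127) ^ ((byte >> i) & 1)
            reg = (reg << 1) & MASK
            if top:
                reg ^= POLY
    return reg

def derive_iv(data: bytes, target: int) -> int:
    """Step 3.1: run the register backwards from the desired output to get IV."""
    reg = target & MASK
    for byte in reversed(data):
        for i in range(8):
            top = reg & 1               # POLY's constant term marks an XOR step
            if top:
                reg ^= POLY
            reg = (reg >> 1) | ((top ^ ((byte >> i) & 1)) << 127)
    return reg

def verify(vins: bytes, uncompressed: int, compressed: int, iv: int) -> bool:
    try:
        result1 = run_vm(vins)
    except ValueError:
        return False
    if result1 != uncompressed:         # step 3 gate: wrong VM result
        return False
    result2 = crc128(vins, iv)          # step 3.2: compress the input stream
    return result2 == compressed        # step 4: compare with CompressedResult

# Provisioning with a constructed 144-bit reference stream (step 1).
REF_VINS = bytes([INS, 5, DUP, 0, ADD, 3, MOD, 4, MUL, 2, DEL, 0, ADD, 9, ADD, 1, ADD, 2])
UNCOMPRESSED_RESULT = run_vm(REF_VINS)
COMPRESSED_RESULT = int.from_bytes(b"constructed-tag!", "big")
IV = derive_iv(REF_VINS, COMPRESSED_RESULT)

if __name__ == "__main__":
    print(verify(REF_VINS, UNCOMPRESSED_RESULT, COMPRESSED_RESULT, IV))  # True
```

A CRC is linear and unkeyed, so step 4 detects changes to VIns relative to the reference stream but is not a cryptographic authenticator.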
It should be understood that the parts not elaborated in this specification belong to the prior art.
It should be understood that the above description of the preferred embodiment is relatively detailed and should not therefore be regarded as limiting the scope of patent protection of the invention. Those of ordinary skill in the art, under the inspiration of the present invention and without departing from the scope protected by the claims of the present invention, may make substitutions or variations, all of which fall within the protection scope of the present invention; the claimed scope of the present invention shall be determined by the appended claims.
Claims (7)
1. A protection method based on a VM engine, characterized by comprising the following steps:
Step 1: the VM (virtual machine) is assigned in advance a correct uncompressed result UncompressedResult and a correct compressed result CompressedResult;
Step 2: the verified party inputs a virtual instruction stream VIns; the VM engine executes the virtual instruction stream VIns input by the verified party and obtains the execution result result1;
Step 3: if the execution result result1 of step 2 is correct, i.e. result1 equals UncompressedResult from step 1, the instruction stream VIns input in step 2 is compressed to obtain the output message result2; otherwise the output result is shown to be incorrect, the input party is judged to be an illegal user, and verification fails;
Step 4: check whether the format of the compressed output message result2 from step 3 is identical to the correct compressed result CompressedResult specified in advance in step 1; if identical, the format is judged correct and verification passes.
2. The protection method based on a VM engine according to claim 1, characterized in that the implementation of step 2 includes the following sub-step:
Step 1.1: while executing the virtual instruction stream VIns, the VM engine can dynamically add, duplicate, modify and delete subsequent instruction streams, where
Adding a subsequent instruction stream means that where there was previously no instruction d, a new instruction d is added;
Duplicating a subsequent instruction stream means that an instruction changes from form a to form aa;
Modifying a subsequent instruction stream means that an instruction changes from form a to form b;
Deleting a subsequent instruction stream means that, after other changes have been made, one or more instructions that are no longer needed are deleted.
3. The protection method based on a VM engine according to claim 1, characterized in that the protection mechanism of the VM engine described in step 2 has the VM built in; the instruction stream VIns is input by the verified party, and after execution it is judged whether the result is correct.
4. The protection method based on a VM engine according to claim 1, characterized in that the VM in the protection mechanism of the VM engine described in step 2 is fixed but supports a dynamic instruction stream, that is, at run time the instruction stream can dynamically add, duplicate, modify and delete subsequent instruction streams.
5. The protection method based on a VM engine according to claim 1, characterized in that the implementation of step 3 includes the following sub-steps:
Step 3.1: from the input instruction stream and the pre-specified VM run results, the CRC128 variant algorithm is used to calculate the input constant value IV of the CRC128 algorithm, where the VM run results comprise the correct uncompressed result UncompressedResult and the correct compressed result CompressedResult from step 1;
Step 3.2: the IV value calculated in step 3.1 is used as the input constant value of the CRC128 variant algorithm, and the input instruction stream is calculated again with the CRC128 algorithm; the CRC128 algorithm follows the ITU-IEEE international standard, and only the specified input can be compressed into the correct output message; for an erroneous input instruction, every 1-bit input error causes widespread corruption of the compression result, so the correct output message cannot be obtained.
6. The protection method based on a VM engine according to claim 1, characterized in that the CRC128 variant algorithm in step 4 is a variant implementation of the CRC128 algorithm that essentially follows the ITU-IEEE international standard for the CRC128 algorithm; the difference is that the CRC128 variant algorithm can calculate the input constant value IV of the CRC128 algorithm from the desired output result of the CRC128 algorithm.
7. The protection method based on a VM engine according to claim 1, characterized in that the CRC128 algorithm takes the input instruction of step 4 as the algorithm input and computes a value of fixed length 128 bits; the bit length of the resulting value is shorter than the length of the original input instruction, hence the term compression; the CRC128 algorithm follows the ITU-IEEE international standard, and the instruction length is greater than 128 bits.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811595948.0A CN109739620A (en) | 2018-12-20 | 2018-12-20 | A kind of guard method based on VM engine |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109739620A (en) | 2019-05-10 |
Family
ID=66359983
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20190510 |