CN113934988A - Software security protection method, computer device and storage medium - Google Patents
Software security protection method, computer device and storage medium Download PDFInfo
- Publication number
- CN113934988A CN113934988A CN202010605070.5A CN202010605070A CN113934988A CN 113934988 A CN113934988 A CN 113934988A CN 202010605070 A CN202010605070 A CN 202010605070A CN 113934988 A CN113934988 A CN 113934988A
- Authority
- CN
- China
- Prior art keywords
- key
- instruction
- software
- original instruction
- original
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 58
- 230000006870 function Effects 0.000 claims description 100
- 238000004891 communication Methods 0.000 claims description 5
- 230000009191 jumping Effects 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 7
- 238000004590 computer program Methods 0.000 description 5
- 238000006243 chemical reaction Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000009471 action Effects 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000005336 cracking Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000007723 transport mechanism Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a software security protection method, computer equipment and a storage medium, and belongs to the technical field of software. The software safety protection method specifically comprises the following steps: acquiring an original instruction and a key corresponding to the original instruction, wherein the original instruction is obtained by reversely transcoding a software instruction obtained by compiling according to the key; transcoding the original instruction according to the key to obtain a software instruction; and decoding the software instruction and executing the decoded instruction. According to the embodiment of the invention, the original instruction can obtain the real software instruction after transcoding, so that the software is in a protected state, and the security of the software is enhanced.
Description
Technical Field
The present invention relates to the field of software technologies, and in particular, to a software security protection method, a computer device, and a storage medium.
Background
At present, the attack mode aiming at software presents the characteristics of diversification and automation, so that the safety of the system and the software is seriously challenged. The common current software protection schemes include shell adding, flower instruction insertion and code confusion, but the common current software protection schemes all need to protect software and load the software into a memory before the software runs, so that codes existing in the memory are in an exposed state, and even unprotected code segments of the software can be obtained by obtaining the contents of the memory, thereby bringing great potential safety hazards to the software.
Therefore, how to perform security protection on software becomes a problem which needs to be solved urgently.
Disclosure of Invention
The embodiment of the invention mainly aims to provide a software security protection method, computer equipment and a storage medium for protecting software to improve software security.
In order to achieve the above object, an embodiment of the present invention provides a software security protection method, where the method includes the following steps:
acquiring an original instruction and a key corresponding to the original instruction, wherein the original instruction is obtained by reversely transcoding a software instruction obtained by compiling according to the key;
transcoding the original instruction according to the key to obtain a software instruction;
and decoding the software instruction and executing the decoded instruction.
In order to achieve the above object, an embodiment of the present invention further provides another software security protection method, where the method includes the following steps:
performing reverse transcoding on the compiled software instruction according to the key to obtain an original instruction corresponding to the software instruction;
and replacing the software instruction with the original instruction to obtain protected software.
To achieve the above object, an embodiment of the present invention further provides a computer device, which includes a memory, a processor, a program stored on the memory and executable on the processor, and a data bus for implementing connection communication between the processor and the memory, wherein the program implements the steps of the foregoing method when executed by the processor.
To achieve the above object, an embodiment of the present invention further provides a storage medium for a computer-readable storage, the storage medium storing one or more programs, the one or more programs being executable by one or more processors to implement the steps of the foregoing method.
According to the software safety protection method, the computer equipment and the storage medium, an original instruction and a key corresponding to the original instruction are obtained, then the original instruction is transcoded according to the key to obtain a software instruction, and finally the software instruction is decoded and the decoded instruction is executed; the original instruction can obtain a real software instruction after transcoding, so that the software is in a protected state, and the safety of the software is enhanced.
Drawings
Fig. 1 is a schematic flowchart of a software security protection method according to an embodiment of the present invention;
fig. 2 is a schematic view of a scenario of a key according to an embodiment of the present invention;
FIG. 3 is a schematic view of a scenario of a key table according to an embodiment of the present invention
Fig. 4 is a schematic diagram of a scenario of a key stack according to an embodiment of the present invention;
fig. 5 is a schematic view of a scenario of key indexing according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of a scenario of an index stack according to an embodiment of the present invention;
FIG. 7 is a flowchart illustrating another software security protection method according to an embodiment of the present invention;
fig. 8 is a schematic block diagram of a structure of a computer device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The flow diagrams depicted in the figures are merely illustrative and do not necessarily include all of the elements and operations/steps, nor do they necessarily have to be performed in the order depicted. For example, some operations/steps may be decomposed, combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
In the following description, suffixes such as "module", "part", or "unit" used to denote elements are used only for facilitating the explanation of the present invention, and have no peculiar meaning in itself. Thus, "module", "component" or "unit" may be used mixedly.
Referring to fig. 1, fig. 1 is a diagram of a software security protection method provided in this embodiment, where the method may be applied to a terminal device or a server, and the terminal device may be an electronic device such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart television, or a palm computer; the server may be a single server or a server cluster including a plurality of servers. The software security protection method is applied to the terminal device and is described below.
Specifically, the software security protection method comprises the following steps: acquiring an original instruction, and acquiring a key corresponding to the original instruction; transcoding the original instruction according to the key to obtain a software instruction; and decoding the software instruction and executing the decoded instruction. According to the software safety protection method, the original instruction can obtain the real software instruction after transcoding, so that the software is in a protected state, and the safety of the software is enhanced.
As shown in fig. 1, the software security protection method specifically includes steps S110 to S130.
Step S110, an original instruction and a key corresponding to the original instruction are obtained, wherein the original instruction is obtained by performing reverse transcoding on a software instruction obtained by compiling according to the key.
Illustratively, the software instructions are compiled into executable instructions. For example, the software instructions are instructions in an executable function segment, which are unprotected software instructions. The software instruction obtained by compiling is reversely transcoded according to the key to obtain the encrypted original instruction, so that potential safety hazards of software caused by the fact that a user illegally obtains the software instruction can be avoided. It will be appreciated that the original instruction is an instruction that is not directly executable
For example, the key corresponding to the software instruction may be randomly generated by the terminal device according to the software instruction, or set by user definition, or a preset key file may be imported. And the key corresponding to the software instruction is consistent with the key corresponding to the original instruction obtained by reverse transcoding of the software instruction. For example, as shown in fig. 2, the terminal device randomly generates a certain number of keys according to the function segment corresponding to the software instruction, where the software instructions in different function segments correspond to different keys. For example, if the function name of the function segment corresponding to a certain software instruction is int (), a corresponding key can be determined in the key table according to the name. By increasing the number of the keys corresponding to the software, for example, different keys are used in different function sections of the software, so that the key value corresponding to the software is not unique, the cracking difficulty of the software is increased, and the safety of the software is improved.
In some embodiments, the obtaining a key corresponding to the original instruction specifically includes: acquiring an encrypted key corresponding to the original instruction; and decrypting the encrypted key to obtain the key corresponding to the original instruction.
Illustratively, after generating the key for the software instruction, the key is encrypted to obtain an encrypted key. By encrypting the secret key, the difficulty of other users for illegally obtaining the secret key can be improved, and the safety of software is effectively improved. For example, the decrypting the encrypted key to obtain a key may include decrypting the encrypted key based on an operating system to obtain a key table and/or decrypting the encrypted key based on a trusted execution environment to obtain a key.
And step S120, transcoding the original instruction according to the secret key to obtain a software instruction.
Illustratively, when the software runs, the original instruction is transcoded according to the key to obtain the software instruction.
And S130, decoding the software instruction and executing the decoded instruction.
Illustratively, the actual software instruction is decoded to obtain the instruction to be executed, and the instruction to be executed is executed.
Illustratively, an original instruction is obtained in an instruction obtaining stage, a key is obtained in an instruction transcoding stage, and the original instruction is transcoded according to the key to obtain a software instruction; the Instruction Decode, ID, phase may then be entered. In the instruction decoding stage, the instruction decoder splits and interprets the fetched instruction according to a predetermined instruction format, and identifies and distinguishes different instruction types and various methods for obtaining operands. For example, the operation code in the software instruction is sent to an instruction decoder for decoding, and the address code in the software instruction is sent to an address forming unit. And the address forming component forms an effective address from the address code according to the instruction characteristics of the software instruction and sends the effective address to an address register of the main memory. The operation controller generates control signals of all actions required for realizing the instruction function according to the decoding of the operation code by the instruction decoder. The control signals are sent to each component according to a certain time sequence, and the action of each component is controlled to execute the instruction to be executed.
Illustratively, the main Memory is accessed to read the corresponding operand, i.e. the Memory access (MEM) phase is entered, as required by the software instructions. The tasks of the access phase are as follows: and according to the instruction address code of the software instruction, obtaining the address of the operand in the main memory, and reading the operand from the main memory for operation.
Illustratively, after the instruction decode stage, the Execute instruction (EX) stage is entered next. The task of executing an instruction is to perform various operations specified by the instruction, and to implement the function of the instruction. To this end, different parts of the CPU are connected to perform the required operations.
Illustratively, the execute instruction phase ends before entering the result write-back (WB) phase. The task of the result write-back stage is to store the execution result data of the execute instruction stage to some storage medium: the result data is often written to an internal register of the CPU for quick access by subsequent instructions. It will be appreciated that in some cases, the resulting data may also be written to main memory that is relatively slow, but inexpensive and large in capacity.
In some embodiments, the obtaining the key corresponding to the original instruction includes obtaining the key corresponding to the original instruction from a key table, where the key table includes a plurality of keys; wherein the original instructions in different function segments correspond to different keys. For example, as shown in fig. 3, after the key of the software instruction is generated, a key table corresponding to the software is generated according to the function segment corresponding to the software instruction and the key corresponding to the function segment. By generating the key table corresponding to the software, the management of the key is more convenient, the subsequent key adjustment is also convenient, and the software operation efficiency is improved. Illustratively, the generated key table may be encrypted. By encrypting the key table, the difficulty of illegally obtaining the key by the user is improved, and the security of the software is effectively improved. For example, before the obtaining the key corresponding to the original instruction from the key table, the method specifically further includes: acquiring an encrypted key table corresponding to software; and decrypting the encrypted key table to obtain the key table corresponding to the software. For example, the decrypting the encrypted key table to obtain the key table includes decrypting the encrypted key table based on the operating system to obtain the key table and/or decrypting the encrypted key table based on the trusted execution environment to obtain the key table. In some embodiments, after the encrypted key table is decrypted to obtain the key table corresponding to the software, the key table is stored in a storage area preset in the terminal device, and the storage area is provided with access rights, for example, when an instruction transcoding stage is entered, the access rights of the storage area are opened. The decrypted key table is stored in the preset storage area, so that the safety of the key table can be further ensured, and the safety of software is improved.
For example, the obtaining the key corresponding to the original instruction from the key table may specifically include: and acquiring a key corresponding to the original instruction from a key table according to the name of the function segment corresponding to the original instruction and/or acquiring the key corresponding to the original instruction from the key table according to the address of the function segment corresponding to the original instruction.
In some embodiments, the obtaining the key corresponding to the original instruction from the key table specifically includes the following steps: when jumping from an original instruction of a first function segment to an original instruction of a second function, storing a key corresponding to the first function segment into a key stack, and acquiring a key corresponding to the second function from a key table; and when the original instruction of the first function segment is returned from the original instruction of the second function, taking out the key corresponding to the first function segment from the key stack. For example, as shown in fig. 4, a piece of software includes function segments A, B and C, where the key corresponding to function segment a is key a, the key corresponding to function segment B is key B, and the key corresponding to function segment C is key C, and the keys are stored in the key stack. When an instruction jump is executed, for example, when the instruction jump is executed from an original instruction of the function segment B to an original instruction of the function segment C, a key of a next stage, for example, a key C of the function segment C, is obtained in the key stack according to instruction information, and a current key is stored, for example, a key B of the function segment B is stored. The next stage key may then be used as the current decoding key, e.g. the key C of the function segment C is used as the current decoding key to transcode the original instruction in the function segment C. For example, the storage of the key is stored by using a last-in first-out stack model, when the function returns, the key of the previously stacked function segment can be acquired, the original instruction in the current function segment is transcoded, for example, when the original instruction of the function segment C jumps back to the original instruction of the function segment B, the key B of the function segment B is popped out from the key stack, and then the original instruction in the function segment B is transcoded by using the key B as the current decoding key.
In some embodiments, the obtaining the key corresponding to the original instruction from the key table specifically includes the following steps: determining a key index corresponding to the function segment where the original instruction is located; and acquiring a key corresponding to the key index in the key table according to the key index. For example, as shown in fig. 5, after the key table is generated, a key index is generated according to the function segment corresponding to the software instruction, where the key index is used to determine a key corresponding to the software instruction, that is, a key corresponding to the original instruction, in the key table.
Illustratively, a function address or a value obtained by performing some kind of conversion on some bits in the function address of a function segment corresponding to an original instruction, for example, a hash value obtained by performing hash algorithm conversion, is used as a key index of the function segment in a key table to obtain a correspondence between the function segment and the key index, where the key index is used to determine a key corresponding to the function segment in the key table. By generating the key index, the speed of obtaining the key is increased, and the transcoding speed is increased. And meanwhile, after the key index is generated, the occupation of the key table on the operation memory of the terminal equipment can be reduced, so that the efficiency of the terminal equipment is improved.
In some embodiments, the determining a key index corresponding to the function segment where the original instruction is located may specifically include: when jumping from an original instruction of a first function segment to an original instruction of a second function, storing a key index corresponding to the first function segment into an index stack, and determining a key index corresponding to the second function; and when the original instruction of the first function segment is returned from the original instruction of the second function, taking out the key index corresponding to the first function segment from the index stack. For example, as shown in fig. 6, a piece of software includes function segments A, B and C, where the key index corresponding to function segment a is key index 1, the key index corresponding to function segment B is key index 2, and the key index corresponding to function segment C is key index 3, and the key indexes are stored in the index stack. When an instruction jump is executed, for example, when the instruction jumps from an original instruction of a function segment B to an original instruction of a function segment C, a key index of a next stage, for example, a key index 3 of the function segment C, is obtained in the index stack according to the instruction information, and a current key index is stored, for example, a key index 2 of the function segment B is stored, and at the same time, a key index of the next stage is taken out as a current decoding key, for example, a key index 3 of the function segment C is taken out as a current key index to obtain a key corresponding to the function segment. Illustratively, the key index is stored by using a last-in-first-out stack model, when the function returns, the key index of the previously-stacked function segment can be obtained, the original instruction in the current function segment is transcoded, for example, when the original instruction of the function segment C jumps back to the original instruction of the function segment B, the key index 2 of the function segment B is popped from the index stack, and then the key index 2 is used as the current key index to obtain the key corresponding to the function segment B.
In some embodiments, the terminal device determines whether to start the transcoding operation according to whether the software is configured with the corresponding key index, that is, performs the determination whether to perform step S120. When the key table index does not exist, the terminal device does not start transcoding operation, and directly transmits the obtained original instruction to the decoding unit, that is, step S120 is skipped and step S130 is directly executed. When the key table index exists, the terminal device starts the transcoding operation, i.e., performs step S120. For example, the start of the transcoding operation may be controlled by an operating system through a driver interface.
In the software security protection method provided in the above embodiment, an original instruction and a key corresponding to the original instruction are obtained, then the original instruction is transcoded according to the key to obtain a software instruction, and finally the software instruction is decoded to execute the decoded instruction; the original instruction can obtain a real software instruction after transcoding, so that the software is in a protected state, and the safety of the software is enhanced.
Referring to fig. 7, fig. 7 is a software security protection method according to another embodiment of the present application, where the method may be applied to a terminal device or a server, where the terminal device may be an electronic device such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart television, or a palm computer; the server may be a single server or a server cluster including a plurality of servers. The software security protection method is applied to the terminal device and is described below.
In some embodiments, the software security protection method may be used for a terminal device or a server of a software developer or a software publisher, and the software developer or the software publisher may process developed software or software to be published by using the software security protection method to obtain protected software, and then publish the protected software for a user to download.
As shown in fig. 7, the software security protection method specifically includes step S210 and step S220.
And step S210, performing reverse transcoding on the compiled software instruction according to the key to obtain an original instruction corresponding to the software instruction.
Illustratively, the key includes a key corresponding to the software instruction, a key table corresponding to the software instruction, and/or a key index corresponding to the software instruction.
For example, the transcoded software instruction is inversely transcoded according to the key corresponding to the software instruction, so as to obtain the original instruction corresponding to the software instruction. It is to be understood that the software instructions are instructions in an executable function segment, and are unprotected instructions, and the original instructions are instructions that are not directly executable, and are protected instructions.
For example, the key corresponding to the software instruction may be randomly generated by the terminal device according to the software instruction, or set by user definition, or a preset key file may be imported. And the key corresponding to the software instruction is consistent with the key corresponding to the original instruction obtained by reverse transcoding of the software instruction. For example, the terminal device randomly generates a certain number of keys according to the function segment corresponding to the software instruction, where the software instructions in different function segments correspond to different keys. By increasing the number of the keys corresponding to the software, for example, different keys are used in different function sections of the software, so that the key value corresponding to the software is not unique, the cracking difficulty of the software is increased, and the safety of the software is improved.
And step S220, replacing the software instruction with the original instruction to obtain protected software.
Illustratively, after the software instruction is inversely transcoded to obtain an original instruction corresponding to the software instruction, the original instruction is used to replace the software instruction, and the replaced original instruction forms a protected software code. The software instruction obtained by compiling is reversely transcoded according to the key to obtain the encrypted original instruction, so that potential safety hazards of software caused by the fact that a user illegally obtains the software instruction can be avoided.
In some embodiments, the software security protection method specifically further includes: the key is encrypted to obtain an encrypted key. By encrypting the secret key, the difficulty of other users for illegally obtaining the secret key can be improved, and the safety of software is effectively improved.
In some embodiments, a key table is generated according to the software instructions and a key corresponding to the software instructions. By generating the key table corresponding to the software instruction, the management of the key is more convenient, the subsequent calling is also convenient, and the software operation efficiency is improved. Illustratively, the generated key table may be encrypted. By encrypting the key table, the difficulty of illegally obtaining the key by the user is improved, and the security of the software is effectively improved.
In some embodiments, after the key table is generated, a key index is generated according to the function segment corresponding to the software instruction, where the key index is used to determine a key corresponding to the software instruction, that is, a key corresponding to an original instruction, in the key table. Illustratively, a function address or a value obtained by performing some kind of conversion on some bits in the function address of a function segment corresponding to an original instruction, for example, a hash value obtained by performing hash algorithm conversion, is used as a key index of the function segment in a key table to obtain a correspondence between the function segment and the key index, where the key index is used to determine a key corresponding to the function segment in the key table. By generating the key index, the speed of obtaining the key is increased, and the speed of reverse transcoding is increased.
In the software security protection method provided by the embodiment, the original instruction corresponding to the software instruction is obtained by performing reverse transcoding on the software instruction obtained by compiling by using the key, and then the software instruction is replaced by the original instruction to obtain the protected software, so that the potential software security hazard caused by the fact that a user illegally obtains the executable software instruction can be avoided, and the security of the software can be effectively improved.
And after the compiled software instruction is obtained, performing reverse transcoding on the software instruction according to a key corresponding to the software instruction to obtain an original instruction corresponding to the software instruction, and then replacing the software instruction as the original instruction to obtain protected software. At this time, the original instruction included in the protected software is not executable, that is, the protected software cannot be directly executed, so that the executable code cannot be read even if the user illegally obtains the original instruction, thereby improving the security of the software. When the software instruction is to be executed, transcoding an original instruction obtained by performing reverse transcoding on the software instruction is required. Specifically, an original instruction and a key corresponding to the original instruction are obtained, the original instruction is obtained by performing reverse transcoding on a software instruction obtained by compiling according to the key, transcoding is performed on the original instruction according to the key to obtain a software instruction, decoding is performed on the software instruction, and the decoded instruction is executed. The method ensures that the software code is always kept in a secret state before and after running, and enhances the safety of the software.
Referring to fig. 8, fig. 8 is a schematic block diagram illustrating a structure of a computer device according to an embodiment of the present disclosure. The computer device may be a server or a terminal device.
As shown in fig. 8, the computer device includes a processor and a memory connected by a data bus, wherein the memory may include a nonvolatile storage medium and an internal memory.
The non-volatile storage medium may store an operating system and a computer program. The computer program includes program instructions that, when executed, cause a processor to perform any of the software security methods.
The processor is used for providing calculation and control capability and supporting the operation of the whole computer equipment.
The internal memory provides an environment for the execution of a computer program on a non-volatile storage medium, which when executed by a processor causes the processor to perform any of the software security methods.
Illustratively, in one embodiment, the computer device further comprises a network interface for performing network communications, such as sending assigned tasks and the like.
Those skilled in the art will appreciate that the architecture shown in fig. 8 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
Embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, where the computer program includes program instructions, and a method implemented when the program instructions are executed may refer to the embodiments of the software security protection method.
One of ordinary skill in the art will appreciate that all or some of the steps of the methods, systems, functional modules/units in the devices disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof.
In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be performed by several physical components in cooperation. Some or all of the physical components may be implemented as software executed by a Processor, or as hardware, or as an Integrated Circuit, such as an Application Specific Integrated Circuit (ASIC), wherein the Processor may be a Central Processing Unit (CPU), or other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, or the like. Wherein a general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as is well known to those of ordinary skill in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can accessed by a computer. In addition, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media as known to those skilled in the art.
In the software security protection apparatus, the computer device, and the storage medium provided in the foregoing embodiments, an original instruction and a key corresponding to the original instruction are obtained, then the original instruction is transcoded according to the key to obtain a software instruction, and finally the software instruction is decoded to execute the decoded instruction; the original instruction can obtain a real software instruction after transcoding, so that the software is in a protected state, and the safety of the software is enhanced.
It is to be understood that the terminology used in the description of the present application herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in the specification of the present application and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items. It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments. While the invention has been described with reference to specific embodiments, the scope of the invention is not limited thereto, and those skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the invention. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A software security protection method is characterized by comprising the following steps:
acquiring an original instruction and a key corresponding to the original instruction, wherein the original instruction is obtained by reversely transcoding a software instruction obtained by compiling according to the key;
transcoding the original instruction according to the key to obtain a software instruction;
and decoding the software instruction and executing the decoded instruction.
2. The method of claim 1, wherein obtaining the key corresponding to the original instruction comprises:
acquiring a key corresponding to the original instruction from a key table, wherein the key table comprises a plurality of keys;
wherein the original instructions in different function segments correspond to different keys.
3. The method of claim 2, wherein the obtaining the key corresponding to the original instruction from the key table comprises:
when jumping from an original instruction of a first function segment to an original instruction of a second function, storing a key corresponding to the first function segment into a key stack, and acquiring a key corresponding to the second function from a key table; and
and when the original instruction of the first function segment is returned from the original instruction of the second function, taking out the key corresponding to the first function segment from the key stack.
4. The method of claim 2, wherein the obtaining the key corresponding to the original instruction from the key table comprises:
determining a key index corresponding to the function segment where the original instruction is located;
and acquiring a key corresponding to the key index in the key table according to the key index.
5. The method of claim 4, wherein the determining the key index corresponding to the function segment in which the original instruction is located comprises:
when jumping from an original instruction of a first function segment to an original instruction of a second function, storing a key index corresponding to the first function segment into an index stack, and determining a key index corresponding to the second function; and
and when the original instruction of the first function segment is returned from the original instruction of the second function, taking out the key index corresponding to the first function segment from the index stack.
6. The method according to any one of claims 1 to 5, wherein the obtaining a key corresponding to the original instruction comprises:
acquiring an encrypted key corresponding to the original instruction;
and decrypting the encrypted key to obtain the key corresponding to the original instruction.
7. A software security protection method is characterized by comprising the following steps:
performing reverse transcoding on the compiled software instruction according to the key to obtain an original instruction corresponding to the software instruction;
and replacing the software instruction with the original instruction to obtain protected software.
8. The method of claim 7, further comprising:
the key is encrypted to obtain an encrypted key.
9. A computer device comprising a memory, a processor, a program stored on the memory and executable on the processor, and a data bus for enabling connection communication between the processor and the memory, the program when executed by the processor enabling:
the steps of the software security protection method of any one of claims 1 to 6; and/or
The steps of the software security method of claim 7 or 8.
10. A storage medium for computer readable storage, the storage medium storing one or more programs executable by one or more processors to implement:
the steps of the software security protection method of any one of claims 1 to 6; and/or
The steps of the software security method of claim 7 or 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010605070.5A CN113934988A (en) | 2020-06-29 | 2020-06-29 | Software security protection method, computer device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010605070.5A CN113934988A (en) | 2020-06-29 | 2020-06-29 | Software security protection method, computer device and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113934988A true CN113934988A (en) | 2022-01-14 |
Family
ID=79273053
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010605070.5A Pending CN113934988A (en) | 2020-06-29 | 2020-06-29 | Software security protection method, computer device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113934988A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117499023A (en) * | 2024-01-02 | 2024-02-02 | 深圳市玩视科技股份有限公司 | Hardware security method, device and storage medium based on AES algorithm |
-
2020
- 2020-06-29 CN CN202010605070.5A patent/CN113934988A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117499023A (en) * | 2024-01-02 | 2024-02-02 | 深圳市玩视科技股份有限公司 | Hardware security method, device and storage medium based on AES algorithm |
| CN117499023B (en) * | 2024-01-02 | 2024-04-09 | 深圳市玩视科技股份有限公司 | Hardware security method, device and storage medium based on AES algorithm |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP4851200B2 (en) | Method and computer-readable medium for generating usage rights for an item based on access rights | |
| EP1571526A1 (en) | Metered execution of code | |
| CN111143869B (en) | Application package processing method and device, electronic equipment and storage medium | |
| US8862892B2 (en) | System and method for detecting a security compromise on a device | |
| US11188660B2 (en) | Blockchain-based image processing method and apparatus | |
| CN102163268A (en) | Method and apparatus for verifying the integrity of software code during execution and apparatus for generating such software code | |
| US9619653B2 (en) | System and method for detecting a security compromise on a device | |
| JP5540109B2 (en) | System and method for loading application classes | |
| KR20140097927A (en) | The methods for increasing the security of the software | |
| US20220083630A1 (en) | Protecting an item of software | |
| CN112966227A (en) | Code encryption and decryption method and device and storage medium | |
| CN109598105B (en) | Method and device for safely loading firmware by microcontroller, computer equipment and storage medium | |
| CN111159661B (en) | Decompilation prevention method and device, electronic equipment and storage medium | |
| CN113934988A (en) | Software security protection method, computer device and storage medium | |
| US9507922B1 (en) | System, method, and computer program for conditionally implementing protected content | |
| KR101203722B1 (en) | Apparatus and method for data protection | |
| EP2856377B1 (en) | Identification and execution of subsets of a plurality of instructions in a more secure execution environment | |
| US20230205927A1 (en) | Use of Semantically Segmented Filenames | |
| CN111104693A (en) | Android platform software data cracking method, terminal device and storage medium | |
| CN110516477A (en) | Document handling method and device | |
| KR101604892B1 (en) | Method and devices for fraud prevention of android-based applications | |
| US9064134B1 (en) | Method and apparatus for mitigating software vulnerabilities | |
| CN113613044A (en) | Video playing method and device, storage medium and electronic equipment | |
| KR101745821B1 (en) | Method and system for secure booting | |
| US10762179B2 (en) | System and method for watermarking software |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |