CN113946804A - Source code obfuscation method and device - Google Patents
Source code obfuscation method and device Download PDFInfo
- Publication number
- CN113946804A CN113946804A CN202111568074.1A CN202111568074A CN113946804A CN 113946804 A CN113946804 A CN 113946804A CN 202111568074 A CN202111568074 A CN 202111568074A CN 113946804 A CN113946804 A CN 113946804A
- Authority
- CN
- China
- Prior art keywords
- node
- ast
- ast node
- processing
- type
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 236
- 238000012545 processing Methods 0.000 claims abstract description 192
- 230000009467 reduction Effects 0.000 claims abstract description 7
- 230000014509 gene expression Effects 0.000 claims description 131
- 238000006243 chemical reaction Methods 0.000 claims description 33
- 230000008569 process Effects 0.000 claims description 21
- 238000010276 construction Methods 0.000 claims description 18
- 238000003672 processing method Methods 0.000 claims description 7
- 238000011156 evaluation Methods 0.000 claims description 5
- 230000006870 function Effects 0.000 description 69
- 230000002829 reductive effect Effects 0.000 description 9
- 238000004590 computer program Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000011084 recovery Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 230000009191 jumping Effects 0.000 description 1
- 230000000670 limiting effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000036961 partial effect Effects 0.000 description 1
- 230000002441 reversible effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Document Processing Apparatus (AREA)
- Storage Device Security (AREA)
Abstract
The application relates to a source code obfuscation method and device. The method comprises the following steps: acquiring an abstract syntax tree AST corresponding to a source code to be processed; for each AST node in the AST, determining a confusion processing strategy corresponding to the AST node according to the node type corresponding to the AST node, and performing confusion processing on the AST node based on the confusion processing strategy corresponding to the AST node to obtain the confused AST; and carrying out code reduction processing on the obfuscated AST to obtain an obfuscated source code. By adopting the method and the device, the source code can be obfuscated, so that the source code is protected.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method and an apparatus for obfuscating a source code.
Background
At present, the internet technology is rapidly developed, the internet reference technology of a PC end and a mobile end is exponentially increased, and meanwhile, the problem of key technology code leakage is brought. For most front-end codes, JavaScript codes are directly interpreted and executed by a browser and can be directly viewed through a development tool of the browser, so that the JavaScript codes are very easy to leak and are easy to steal and tamper. Therefore, a need exists for a method of obfuscating source code.
An Abstract Syntax Tree (AST) is an Abstract representation of the source code Syntax structure. It represents the syntactic structure of the programming language in the form of a tree, each node on the tree representing a structure in the source code. In the prior art, a scheme for performing confusion by using an abstract syntax tree principle is simple, and a source code after confusion has low complexity and is easy to be subjected to anti-confusion.
Disclosure of Invention
In view of the foregoing, there is a need to provide a method and apparatus for obfuscating source codes.
In a first aspect, a method for obfuscating source code is provided, the method including:
acquiring an abstract syntax tree AST corresponding to a source code to be processed;
for each AST node in the AST, determining a confusion processing strategy corresponding to the AST node according to the node type corresponding to the AST node, and performing confusion processing on the AST node based on the confusion processing strategy corresponding to the AST node to obtain the confused AST;
and carrying out code reduction processing on the obfuscated AST to obtain an obfuscated source code.
As an optional implementation manner, the determining, according to the node type corresponding to the AST node, an obfuscation processing policy corresponding to the AST node, and performing obfuscation processing on the AST node based on the obfuscation processing policy corresponding to the AST node includes:
if the node type corresponding to the AST node is the complex expression type, the confusion processing strategy corresponding to the AST node is a point operator replacing strategy and/or an attribute recursion replacing strategy, and the point operator replacing treatment and/or the attribute recursion replacing treatment are carried out on the AST node;
if the node type corresponding to the AST node is a binary expression type, the confusion processing strategy corresponding to the AST node is a method call conversion strategy, and the AST node is converted into a call expression type;
if the node type corresponding to the AST node is an identifier type or a character string font size type, the confusion processing strategy corresponding to the AST node is an array reference conversion strategy, and array reference conversion processing is carried out on the AST node;
if the node type corresponding to the AST node is the Boolean literal quantity type, the confusion processing strategy corresponding to the AST node is an expression conversion strategy, and the AST node is converted into a unitary expression type;
if the node type corresponding to the AST node is a function declaration type or a function expression type, the obfuscation processing strategy corresponding to the AST node is a function parameter removal strategy and/or a method reference parameterization strategy, and the AST node is subjected to function parameter removal processing and/or method reference parameterization processing;
if the node type corresponding to the AST node is a function declaration type, a function expression type or a cycle statement type and the method body is a multi-line method body, the confusion processing strategy corresponding to the AST node is a control flow flattening strategy and the AST node is subjected to control flow flattening processing;
and if the node type corresponding to the AST node is the complex expression type and the node type corresponding to the parent AST node of the AST node is the calling expression type, the obfuscation processing strategy corresponding to the AST node is a predefined method calling replacement strategy and/or a construction method replacement strategy, and predefined method calling replacement processing and/or construction method replacement processing is carried out on the AST node.
As an optional implementation manner, the performing attribute recursive replacement processing on the AST node includes:
constructing at least one object and at least one attribute corresponding to the object;
performing attribute recursion on attributes corresponding to at least one object according to a recursion sequence to construct complex attribute access;
and replacing the attribute access of the complex expression in the AST node by the complex attribute access.
As an optional implementation manner, the performing array reference conversion processing on the AST node includes:
constructing a character string array according to the identifier or character string font size in the AST node;
carrying out sequential scrambling processing on each character string element in the character string array to obtain a disordered character string array;
in the disorder character string array, encrypting the element quotation of the character string element corresponding to the AST node to obtain the encrypted element quotation corresponding to the AST node;
and replacing the identifier or the character string literal quantity in the AST node with the encrypted element reference.
As an optional implementation, the performing method reference parameterization on the AST node includes:
obfuscation method references are added to parameters of function declarations or function expressions in the AST node.
As an optional implementation manner, the performing, on the AST node, a predefined method call replacement process includes:
a predefined method is inserted as a method reference to a preset location of the complex expression in the AST node.
As an optional implementation manner, the performing, by the AST node, a replacement process of the construction method includes:
establishing a method, method parameters and an assignment relationship of the method parameters;
assigning the method reference of the complex expression in the AST node to the method parameter to obtain an assigned method;
and replacing the complex expression in the AST node with the method reference of the method after the evaluation.
In a second aspect, there is provided an apparatus for obfuscating source code, the apparatus comprising:
the acquisition module is used for acquiring an abstract syntax tree AST corresponding to a source code to be processed;
the confusion processing module is used for determining a confusion processing strategy corresponding to the AST node according to the node type corresponding to the AST node aiming at each AST node in the AST, and performing confusion processing on the AST node based on the confusion processing strategy corresponding to the AST node to obtain the confused AST;
and the code restoring module is used for carrying out code restoring processing on the obfuscated AST to obtain an obfuscated source code.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
if the node type corresponding to the AST node is the complex expression type, the confusion processing strategy corresponding to the AST node is a point operator replacing strategy and/or an attribute recursion replacing strategy, and the point operator replacing treatment and/or the attribute recursion replacing treatment are carried out on the AST node;
if the node type corresponding to the AST node is a binary expression type, the confusion processing strategy corresponding to the AST node is a method call conversion strategy, and the AST node is converted into a call expression type;
if the node type corresponding to the AST node is an identifier type or a character string font size type, the confusion processing strategy corresponding to the AST node is an array reference conversion strategy, and array reference conversion processing is carried out on the AST node;
if the node type corresponding to the AST node is the Boolean literal quantity type, the confusion processing strategy corresponding to the AST node is an expression conversion strategy, and the AST node is converted into a unitary expression type;
if the node type corresponding to the AST node is a function declaration type or a function expression type, the obfuscation processing strategy corresponding to the AST node is a function parameter removal strategy and/or a method reference parameterization strategy, and the AST node is subjected to function parameter removal processing and/or method reference parameterization processing;
if the node type corresponding to the AST node is a function declaration type, a function expression type or a cycle statement type and the method body is a multi-line method body, the confusion processing strategy corresponding to the AST node is a control flow flattening strategy and the AST node is subjected to control flow flattening processing;
and if the node type corresponding to the AST node is the complex expression type and the node type corresponding to the parent AST node of the AST node is the calling expression type, the obfuscation processing strategy corresponding to the AST node is a predefined method calling replacement strategy and/or a construction method replacement strategy, and predefined method calling replacement processing and/or construction method replacement processing is carried out on the AST node.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
constructing at least one object and at least one attribute corresponding to the object;
performing attribute recursion on attributes corresponding to at least one object according to a recursion sequence to construct complex attribute access;
and replacing the attribute access of the complex expression in the AST node by the complex attribute access.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
constructing a character string array according to the identifier or character string font size in the AST node;
carrying out sequential scrambling processing on each character string element in the character string array to obtain a disordered character string array;
in the disorder character string array, encrypting the element quotation of the character string element corresponding to the AST node to obtain the encrypted element quotation corresponding to the AST node;
and replacing the identifier or the character string literal quantity in the AST node with the encrypted element reference.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
obfuscation method references are added to parameters of function declarations or function expressions in the AST node.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
a predefined method is inserted as a method reference to a preset location of the complex expression in the AST node.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
establishing a method, method parameters and an assignment relationship of the method parameters;
assigning the method reference of the complex expression in the AST node to the method parameter to obtain an assigned method;
and replacing the complex expression in the AST node with the method reference of the method after the evaluation.
In a third aspect, a computer device is provided, comprising a memory and a processor, the memory having stored thereon a computer program operable on the processor to, when executed, perform the method steps of the first aspect.
In a fourth aspect, a computer-readable storage medium is provided, having stored thereon a computer program which, when being executed by a processor, carries out the method steps of the first aspect.
The application provides a source code obfuscation method and device, and the technical scheme provided by the embodiment of the application at least has the following beneficial effects:
the computer equipment acquires an abstract syntax tree AST corresponding to a source code to be processed, then determines an obfuscating processing strategy corresponding to the AST node according to a node type corresponding to the AST node aiming at each AST node in the AST, and performs obfuscating processing on the AST node based on the obfuscating processing strategy corresponding to the AST node to obtain the obfuscated AST. And finally, carrying out code reduction processing on the obfuscated AST to obtain an obfuscated source code. By the method, the computer equipment can confuse the source code to be processed, the complexity of confusing the source code to be processed is increased, the readability and the decryptability are reduced, the debugging difficulty is improved, the source code is protected, and the problem of confusion failure caused by the fact that a confusion scheme on the current market is easy to crack is solved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic application environment diagram of an obfuscation method of source codes according to an embodiment of the present disclosure;
FIG. 2 is a flowchart of a source code obfuscation method according to an embodiment of the present disclosure;
FIG. 3 is a flowchart of an attribute recursive replacement process provided in an embodiment of the present application;
FIG. 4 is a flowchart of a group reference transformation process provided in an embodiment of the present application;
FIG. 5 is a flow chart of an alternative process of a construction method according to an embodiment of the present application;
FIG. 6 is a schematic structural diagram of an obfuscation apparatus for source codes according to an embodiment of the present disclosure;
fig. 7 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The obfuscation method of the source code provided by the embodiment of the application can be applied to an application environment as shown in fig. 1. Wherein the terminal 101 communicates with the server 102 via a network. The terminal 101 may send the pending source code to the server 102. The server 102 may obtain an abstract syntax tree AST corresponding to the source code to be processed. The server 102 may determine, for each AST node in the AST, an obfuscation processing policy corresponding to the AST node according to the node type corresponding to the AST node, and perform obfuscation processing on the AST node based on the obfuscation processing policy corresponding to the AST node to obtain an obfuscated AST. The server 102 may perform a code recovery process on the obfuscated AST to obtain an obfuscated source code. The terminal 101 may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices, and the server 102 may be implemented by an independent server or a server cluster formed by a plurality of servers.
A detailed description will be given below on a source code obfuscation method provided in an embodiment of the present application with reference to a specific implementation manner, and fig. 2 is a flowchart of the source code obfuscation method provided in the embodiment of the present application, and as shown in fig. 2, specific steps are as follows:
step 201, obtaining an abstract syntax tree AST corresponding to a source code to be processed.
In implementation, after the user submits the source code to be processed to the server, the server obtains the AST corresponding to the source code to be processed input by the user through the AST resolution tool. The AST obtained after analysis omits content such as separators and comments in the source code to be processed, and is composed of a plurality of nodes, and each node represents one structure in the source code to be processed. Different structures are distinguished by different node types, common types being: BooleanLiteral, Identifier, binaryExpression, CallExpression, VariableDeclaration, function Declaration, and the like. The server can convert the source code to be processed by performing various operations on the AST obtained after analysis, and realizes confusion of the source code to be processed without changing the operation logic of the source code to be processed. For example, the server uses an AST resolution tool Esprima to resolve each statement of the source code to be processed into a corresponding AST node, so as to obtain an AST corresponding to the source code to be processed.
Step 202, for each AST node in the AST, determining an obfuscation processing policy corresponding to the AST node according to the node type corresponding to the AST node, and performing obfuscation processing on the AST node based on the obfuscation processing policy corresponding to the AST node to obtain an obfuscated AST.
In implementation, the server traverses the AST, judges a node type corresponding to the AST node through node analysis for each AST node in the AST, determines a confusion processing policy corresponding to the AST node according to the node type corresponding to the AST node, and performs confusion processing on the AST node based on the confusion processing policy corresponding to the AST node to obtain the confused AST. Wherein the obfuscation process may be adding, modifying or deleting operations to the specified AST node. In addition, the server can acquire the confusion mode set by the user and perform the confusion processing on the AST according to the confusion mode set by the user, wherein the confusion mode set by the user can comprise the selected code block to be processed, what confusion processing strategy is performed, the confusion processing complexity information and the like.
As an optional implementation manner, when the confusion processing policies corresponding to the AST nodes of different node types are different, and the server determines the confusion processing policy corresponding to the AST node according to the node type corresponding to the AST node, and performs the confusion processing on the AST node based on the confusion processing policy corresponding to the AST node, there are the following cases:
in case 1, if the node type corresponding to the AST node is a complex expression type, the obfuscation processing policy corresponding to the AST node is a point operator replacement policy and/or an attribute recursive replacement policy, and point operator replacement processing and/or attribute recursive replacement processing are performed on the AST node.
In implementation, if the server determines that the node type corresponding to the AST node is the complex expression type, the obfuscation processing policy corresponding to the AST node is a point operator replacement policy and/or an attribute recursion replacement policy, and the server performs point operator replacement processing and/or attribute recursion replacement processing on the AST node. The complex expression is formed by combining a basic expression and an operational character, wherein the basic expression is the minimum unit of the expression and is divided into a literal quantity, a keyword and a variable. JavaScript defines two syntaxes for attribute access: the first writing is an expression followed by a period and an identifier, the expression specifying the object and the identifier specifying the name of the attribute to be accessed, for example: name; the second writing is the use of brackets with another expression that specifies the name of the property to be accessed, for example: car [ 'name' ]. The first writing method is the most commonly used writing method in the industry, so that the AST node is subjected to point operator replacement processing, and the first writing method is replaced by the second writing method, so that the readability of attribute access of a complex expression in the AST node can be reduced, and the complexity of an obfuscated source code is increased. The server carries out attribute recursion replacement processing on the AST node, carries out attribute recursion on a plurality of objects according to a recursion sequence to construct complex attribute access, replaces attribute access of the complex expression in the AST node, reduces readability of the attribute access of the complex expression in the AST node by increasing recursion times of the attribute access of the complex expression in the AST node, and increases complexity of a source code after confusion.
As an optional implementation manner, fig. 3 is a flowchart of an attribute recursive replacement process provided in an embodiment of the present application, and as shown in fig. 3, a processing procedure of the server performing the attribute recursive replacement process on the AST node is as follows:
step 301, at least one object and at least one attribute corresponding to the object are constructed.
In an implementation, the server constructs at least one object and attributes corresponding to the at least one object. The attribute name of the constructed second object is stored in the attribute of the constructed first object, and by analogy, the server can construct more objects according to the confusion mode set by the user.
And step 302, performing attribute recursion on the attributes corresponding to at least one object according to a recursion sequence to construct complex attribute access.
In implementation, the attribute name of the constructed second object can be obtained by accessing the attributes in the constructed first object, and so on, the server performs attribute recursion on the attributes corresponding to at least one object according to a recursion sequence to construct complex attribute access.
Step 303, the attribute access of the complex expression in the AST node is replaced by the complex attribute access.
In an implementation, the server replaces the attribute access of the complex expression in the AST node with the complex attribute access. The attribute access of the complex expression in the AST node is reduced by increasing the recursion times of the attribute access of the complex expression in the AST node, and the complexity of the obfuscated source code is increased. For example, the server replaces the original attribute access person [ "fullName" ] with the complex attribute access person [ a [ 'ex' ] ] by building the object var a = { ex: "fullName" }.
In case 2, if the node type corresponding to the AST node is a binary expression type, the obfuscation processing policy corresponding to the AST node is a method call conversion policy, and the AST node is converted into a call expression type.
In implementation, if the server determines that the node type corresponding to the AST node is a binary expression type, the obfuscation processing policy corresponding to the AST node is a method call conversion policy, and the server converts the AST node into a call expression type. A simple AST node of binary expression type with operators flanked by AST nodes of literal type or identifier type is well understood, for example: 123| 456. If an AST node of a binary expression type is converted into an AST node of a call expression type, difficulty in understanding a source code corresponding to the AST node can be increased. For example, the server converts the binary expression 123|456 into a simple call expression function (s, h) { return s | h; (123, 456). Depending on the obfuscation set by the user, the server may choose to convert the binary expression to a complex calling expression, e.g., the server construct object var f = { 'qojyjv': function (g, h, j) { return g (h, j); }, 'HEcgN n': function (k, q) { return k | q }, 'PpJmM': function (r, t) { return r < t; }, and convert the binary expression 123|456 to a complex calling expression f [ 'HEcgN' ] (123, 456).
In case 3, if the node type corresponding to the AST node is an identifier type or a character string font size type, the obfuscation processing policy corresponding to the AST node is an array reference conversion policy, and array reference conversion processing is performed on the AST node.
In implementation, if the server determines that the node type corresponding to the AST node is the identifier type or the character string font size type, the obfuscation processing policy corresponding to the AST node is an array reference conversion policy, and the server performs array reference conversion processing on the AST node. By carrying out array reference conversion processing on the AST node, the character quantity of the identifier or the character string in the source code is converted into element reference, the character quantity of the identifier or the character string can be hidden, the reading difficulty of the confused source code is increased, the encrypted element reference can improve the cracking cost, and the source code is better protected.
As an alternative implementation manner, fig. 4 is a flowchart of a array reference conversion process provided in an embodiment of the present application, and as shown in fig. 4, a processing procedure of performing the array reference conversion process on the AST node by a server is as follows:
step 401, according to the identifier or character size of the character string in the AST node, a character string array is constructed.
In implementation, the server constructs a string array based on the identifier or the literal quantity of the string in the AST node. Each element in the character string array is a character string, optionally, the server can select some elements in the character string array to convert the elements into Unicode codes of the ten thousand national codes, and reading difficulty is further increased.
Step 402, performing order scrambling processing on each character string element in the character string array to obtain a disordered character string array.
In implementation, the server performs order scrambling processing on each character string element in the character string array to obtain a disordered character string array, so that the difficulty of breaking the obfuscated source code can be improved.
Step 403, in the out-of-order character string array, encrypting the element reference of the character string element corresponding to the AST node to obtain the encrypted element reference corresponding to the AST node.
In implementation, the server encrypts the element reference of the string element corresponding to the AST node in the out-of-order string array to obtain an encrypted element reference corresponding to the AST node. Compared with the method of directly using the element reference corresponding to the AST node in the disorder character string array, the encrypted element reference is used, the disorder character string array is hidden, and the readability of the obfuscated source code is greatly reduced.
Step 404 replaces the identifier or character string in the AST node with the encrypted element reference.
In implementation, the server replaces the identifier or string literal in the AST node with an encrypted element reference. For example, the server extracts the character string face quantity "fullName" in var a = "fullName" to a character string array b, performs sequential scrambling processing on each character string element in the character string array b to obtain a disordered character string array c, performs encryption processing on element references of the disordered character string array, and replaces the original character string face quantity "fullName" with an encrypted element reference d ('0x 2').
In case 4, if the node type corresponding to the AST node is the boolean type, the obfuscation processing policy corresponding to the AST node is an expression conversion policy, and the AST node is converted into the unary expression type.
In implementation, if the server determines that the node type corresponding to the AST node is a boolean type, the obfuscation processing policy corresponding to the AST node is an expression conversion policy, and converts the AST node into a unary expression type. The operator | can perform an operation of forcibly converting the expression into a boolean value, and the operation result is true or false, so the server can convert the boolean literal into the operator | followed by a preset expression, thereby increasing the difficulty of understanding the obfuscated source code. For example, true is converted to!and false is converted to!.
And 5, if the node type corresponding to the AST node is a function declaration type or a function expression type, the obfuscation processing policy corresponding to the AST node is a function parameter removal policy and/or a method reference parameterization policy, and the AST node is subjected to function parameter removal processing and/or method reference parameterization processing.
In implementation, if the server determines that the node type corresponding to the AST node is a function declaration type or a function expression type, the obfuscation processing policy corresponding to the AST node is a function parameter removal policy and/or a method reference parameterization policy, and the AST node is subjected to function parameter removal processing and/or method reference parameterization processing. Function expressions and function declarations are the two most common methods of creating function objects in ECMAScript. The server removes the function parameter from the AST node, deletes the function parameter needing parameter transmission in the function expression or function declaration, declares the homonym variable in the function body, and initializes the homonym variable to the actual value of the parameter transmission, thereby complicating the function. For example, the function expression var function () whose function parameter is removed by the server is called "function ()" (let a) is defined [0 ]; let b ═ definitions [1 ]; log (a), replacing the original function expression var func (a) function (a), optionally, the server may add an obfuscated variable declaration let b (entries [1], hide the declared homonym variable a, and further increase the complexity of the obfuscated source code. The server carries out method reference parameterization on the AST node, introduces the method reference as a function parameter into a function, and reduces the readability of the obfuscated source code by using the method reference in a function body.
As an optional implementation, the processing procedure of the server performing the method reference parameterization on the AST node is as follows:
obfuscation method references are added to parameters of function declarations or function expressions in the AST node.
In implementation, the server adds an obfuscation method reference to a parameter of a function declaration or a function expression in the AST node, and the obfuscation method reference is used in a function body, so that readability of obfuscated source code can be reduced.
And 6, if the node type corresponding to the AST node is a function declaration type, a function expression type or a loop statement type and the method body is a multi-line method body, the obfuscating processing strategy corresponding to the AST node is a control flow flattening strategy, and the AST node is subjected to control flow flattening processing.
In implementation, if the server determines that the node type corresponding to the AST node is a function declaration type, a function expression type, or a loop statement type, and the method body is a multi-line method body, the obfuscation processing policy corresponding to the AST node is a control flow flattening policy, and the AST node is subjected to control flow flattening processing. The basic idea of the control flow flattening strategy is to have a common predecessor block for all basic blocks, and the predecessor block performs the distribution of the basic blocks. The server judges that the node type corresponding to the AST node is function declaration, function expression or ForStatement, and obtains a body method statement under the AST node; constructing an array a according to the number of basic blocks in the body method body statement under the AST node, wherein elements in the array a are numbers or letters, for example, the number of the basic blocks is 5, and the elements of the constructed array a are 0, 1, 2, 3 and 4 in sequence; introducing a random number generation method, and disordering the element sequence in the array a to obtain an array b; for each basic block in the body method body statement under the AST node, converting the basic block into a SwitchCase node according to the information of the basic block, and sequentially distributing the elements in the array b to each basic block according to the execution sequence of the basic blocks as the value of the corresponding case statement of the basic block; constructing a character string c of' character intervals according to the array b, and generating a SwitchStatement node of a variable x; introducing the WhileStatement node increases the dead cycle. Through the control flow flattening processing, the server breaks the relation between the code blocks, and a distributor controls the jumping of the code blocks, so that the execution sequence of the source code is not executed from top to bottom in a general way, and the readability of the obfuscated source code is reduced.
In case 7, if the node type corresponding to the AST node is the complex expression type and the node type corresponding to the parent AST node of the AST node is the calling expression type, the obfuscation processing policy corresponding to the AST node is a predefined method calling replacement policy and/or a building method replacement policy, and predefined method calling replacement processing and/or building method replacement processing is performed on the AST node.
In implementation, if the server determines that the node type corresponding to the AST node is the complex expression type and the node type corresponding to the parent AST node of the AST node is the calling expression type, the obfuscation processing policy corresponding to the AST node is a predefined method calling replacement policy and/or a construction method replacement policy, and predefined method calling replacement processing and/or construction method replacement processing is performed on the AST node. The server carries out predefined method call replacement processing on the AST node, selects a predefined method in a programming language to which a source code to be processed belongs, and inserts method references of the predefined method into a preset position of a complex expression in the AST node, so that the readability of the obfuscated source code is reduced. The server carries out construction method replacement processing and construction method on the AST node, assigns method citation of the complex expression in the AST node to method parameters of the method, replaces the complex expression in the AST node with the method citation of the assigned method, and improves understanding difficulty of the obfuscated source code. As an optional implementation manner, the processing procedure of the server performing the predefined method call replacement processing on the AST node is as follows:
a predefined method is inserted as a method reference to a preset location of the complex expression in the AST node.
In implementation, the server inserts a predefined method as a method reference into a preset location of the complex expression in the AST node. The predefined method is a predefined method in a programming language to which the source code to be processed belongs, and can be used directly or by referring to a related library file. For example, in JavaScript language, a method that can be used on different objects can be written using a call () method and an apply () method, and a bind () method can bind a function to a certain object. For example, the server performs a predefined method call replacement process on the AST node where the container.log ('hello') is located, and the server inserts the method reference of the call () method into the preset position of the complex expression in the AST node, and converts the container.log ('hello') into the container.log.call (this, 'hello'), thereby reducing the readability of the obfuscated source code.
As an optional implementation manner, fig. 5 is a flowchart of a replacement process of a construction method provided in an embodiment of the present application, and as shown in fig. 5, a process of performing the replacement process of the construction method on the AST node by a server is as follows:
step 501, establishing a method, method parameters and assignment relationship of the method parameters.
In implementation, the server constructs methods, method parameters, and assignment relationships of the method parameters. The established assignment relationship of the method parameters can enable the method references of the complex expressions in the AST nodes to be replaced by specific expressions, and the original functions can still be realized.
Step 502, assigning the method reference of the complex expression in the AST node to a method parameter to obtain an assigned method.
In implementation, the server assigns the method reference of the complex expression in the AST node to the method parameter to obtain the assigned method. According to the established method, the method parameter and the assignment relationship of the method parameter, the method reference of the method after assignment and the method reference of the complex expression in the AST node can have a large difference in form and content. Step 503, replacing the complex expression in the AST node with a method reference of the method after evaluation.
In implementation, the server replaces the complex expression in the AST node with a method reference to the assigned method. For example, the server constructs assignment relations of methods, method parameters and method parameters, assigns method references of complex expressions in the AST node to the method parameters, obtains assigned methods (function wUM (R, S) { R [ 'zIJ' ] = S;) (this, [ 'console' ] [ 'log' ]), converts console. log ('hello') into this [ 'zIJ' ] ('hello'), and reduces readability of obfuscated source codes.
And step 203, performing code reduction processing on the obfuscated AST to obtain an obfuscated source code.
In implementation, the server performs code recovery processing on the obfuscated AST to obtain an obfuscated source code. The code recovery processing is a reverse processing, and AST can be assembled into source code capable of compiling and running.
The embodiment of the application provides a source code obfuscation method, in which a computer device acquires an abstract syntax tree AST corresponding to a source code to be processed, determines an obfuscation processing policy corresponding to an AST node according to a node type corresponding to the AST node for each AST node in the AST, and performs obfuscation processing on the AST node based on the obfuscation processing policy corresponding to the AST node to obtain an AST after obfuscation. And finally, carrying out code reduction processing on the obfuscated AST to obtain an obfuscated source code. By the method, the computer equipment can confuse the source code to be processed, the complexity of confusing the source code to be processed is increased, the readability and the decryptability are reduced, the debugging difficulty is improved, the source code is protected, and the problem of confusion failure caused by the fact that a confusion scheme on the current market is easy to crack is solved.
It should be understood that, although the steps in the flowcharts of fig. 2 to 5 are shown in sequence as indicated by the arrows, the steps are not necessarily performed in sequence as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2 to 5 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of performing the steps or stages is not necessarily sequential, but may be performed alternately or alternately with other steps or at least some of the other steps or stages.
It is understood that the same/similar parts between the embodiments of the method described above in this specification can be referred to each other, and each embodiment focuses on the differences from the other embodiments, and it is sufficient that the relevant points are referred to the descriptions of the other method embodiments.
An embodiment of the present application further provides an obfuscation apparatus of a source code, as shown in fig. 6, the apparatus includes:
an obtaining module 610, configured to obtain an abstract syntax tree AST corresponding to a source code to be processed;
an obfuscation processing module 620, configured to determine, for each AST node in the AST, an obfuscation processing policy corresponding to the AST node according to a node type corresponding to the AST node, and perform obfuscation processing on the AST node based on the obfuscation processing policy corresponding to the AST node to obtain an obfuscated AST;
and a code restoring module 630, configured to perform code restoring processing on the obfuscated AST to obtain an obfuscated source code.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
if the node type corresponding to the AST node is the complex expression type, the confusion processing strategy corresponding to the AST node is a point operator replacing strategy and/or an attribute recursion replacing strategy, and the point operator replacing treatment and/or the attribute recursion replacing treatment are carried out on the AST node;
if the node type corresponding to the AST node is a binary expression type, the confusion processing strategy corresponding to the AST node is a method call conversion strategy, and the AST node is converted into a call expression type;
if the node type corresponding to the AST node is an identifier type or a character string font size type, the confusion processing strategy corresponding to the AST node is an array reference conversion strategy, and array reference conversion processing is carried out on the AST node;
if the node type corresponding to the AST node is the Boolean literal quantity type, the confusion processing strategy corresponding to the AST node is an expression conversion strategy, and the AST node is converted into a unitary expression type;
if the node type corresponding to the AST node is a function declaration type or a function expression type, the obfuscation processing strategy corresponding to the AST node is a function parameter removal strategy and/or a method reference parameterization strategy, and the AST node is subjected to function parameter removal processing and/or method reference parameterization processing;
if the node type corresponding to the AST node is a function declaration type, a function expression type or a cycle statement type and the method body is a multi-line method body, the confusion processing strategy corresponding to the AST node is a control flow flattening strategy and the AST node is subjected to control flow flattening processing;
and if the node type corresponding to the AST node is the complex expression type and the node type corresponding to the parent AST node of the AST node is the calling expression type, the obfuscation processing strategy corresponding to the AST node is a predefined method calling replacement strategy and/or a construction method replacement strategy, and predefined method calling replacement processing and/or construction method replacement processing is carried out on the AST node.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
constructing at least one object and attributes corresponding to the at least one object;
performing attribute recursion on attributes corresponding to at least one object according to a recursion sequence to construct complex attribute access;
the complex attribute access replaces the attribute access of the complex expression in the AST node.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
constructing a character string array according to the identifier or character string font size in the AST node;
carrying out sequential scrambling processing on each character string element in the character string array to obtain a disordered character string array;
in the disorder character string array, encrypting the element quotation of the character string element corresponding to the AST node to obtain the encrypted element quotation corresponding to the AST node;
the identifier or string literal quantity in the AST node is replaced with the encrypted element reference.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
obfuscation method references are added to parameters of function declarations or function expressions in the AST node.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
a predefined method is inserted as a method reference to a preset location of the complex expression in the AST node.
As an optional implementation manner, the obfuscation processing module is specifically configured to:
establishing a method, method parameters and an assignment relationship of the method parameters;
assigning the method reference of the complex expression in the AST node to a method parameter to obtain an assigned method;
and replacing the complex expression in the AST node with a method reference of the method after evaluation.
The embodiment of the application provides a source code obfuscation device, in which a computer device acquires an abstract syntax tree AST corresponding to a source code to be processed, then determines an obfuscation processing policy corresponding to an AST node according to a node type corresponding to the AST node for each AST node in the AST, and performs obfuscation processing on the AST node based on the obfuscation processing policy corresponding to the AST node to obtain an obfuscated AST. And finally, carrying out code reduction processing on the obfuscated AST to obtain an obfuscated source code. By the method, the computer equipment can confuse the source code to be processed, the complexity of confusing the source code to be processed is increased, the readability and the decryptability are reduced, the debugging difficulty is improved, the source code is protected, and the problem of confusion failure caused by the fact that a confusion scheme on the current market is easy to crack is solved.
For the specific definition of the obfuscation means of the source code, reference may be made to the above definition of the obfuscation method of the source code, which is not described herein again. The various modules in the obfuscation arrangement of source code described above may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, as shown in fig. 7, comprising a memory and a processor, the memory storing thereon a computer program operable on the processor, the processor implementing the steps of the obfuscation method of the source code described above when executing the computer program.
In an embodiment, a computer-readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of the obfuscation method of source code described above.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
It should be further noted that the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data for presentation, analyzed data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (8)
1. A method of obfuscating source code, the method comprising:
acquiring an abstract syntax tree AST corresponding to a source code to be processed;
for each AST node in the AST, determining a confusion processing strategy corresponding to the AST node according to the node type corresponding to the AST node, and performing confusion processing on the AST node based on the confusion processing strategy corresponding to the AST node to obtain the confused AST; the determining, according to the node type corresponding to the AST node, an obfuscation processing policy corresponding to the AST node, and performing obfuscation processing on the AST node based on the obfuscation processing policy corresponding to the AST node, includes: if the node type corresponding to the AST node is the complex expression type, the confusion processing strategy corresponding to the AST node is a point operator replacing strategy and/or an attribute recursion replacing strategy, and the point operator replacing treatment and/or the attribute recursion replacing treatment are carried out on the AST node; if the node type corresponding to the AST node is a binary expression type, the confusion processing strategy corresponding to the AST node is a method call conversion strategy, and the AST node is converted into a call expression type; if the node type corresponding to the AST node is an identifier type or a character string font size type, the confusion processing strategy corresponding to the AST node is an array reference conversion strategy, and array reference conversion processing is carried out on the AST node; if the node type corresponding to the AST node is the Boolean literal quantity type, the confusion processing strategy corresponding to the AST node is an expression conversion strategy, and the AST node is converted into a unitary expression type; if the node type corresponding to the AST node is a function declaration type or a function expression type, the obfuscation processing strategy corresponding to the AST node is a function parameter removal strategy and/or a method reference parameterization strategy, and the AST node is subjected to function parameter removal processing and/or method reference parameterization processing; if the node type corresponding to the AST node is a function declaration type, a function expression type or a cycle statement type and the method body is a multi-line method body, the confusion processing strategy corresponding to the AST node is a control flow flattening strategy and the AST node is subjected to control flow flattening processing; if the node type corresponding to the AST node is a complex expression type and the node type corresponding to the parent AST node of the AST node is a calling expression type, the obfuscation processing strategy corresponding to the AST node is a predefined method calling replacement strategy and/or a construction method replacement strategy, and predefined method calling replacement processing and/or construction method replacement processing is carried out on the AST node;
and carrying out code reduction processing on the obfuscated AST to obtain an obfuscated source code.
2. The method of claim 1 wherein said performing attribute recursive replacement processing on the AST node comprises:
constructing at least one object and at least one attribute corresponding to the object;
performing attribute recursion on attributes corresponding to at least one object according to a recursion sequence to construct complex attribute access;
and replacing the attribute access of the complex expression in the AST node by the complex attribute access.
3. The method of claim 1, wherein said performing array reference conversion processing on the AST node comprises:
constructing a character string array according to the identifier or character string font size in the AST node;
carrying out sequential scrambling processing on each character string element in the character string array to obtain a disordered character string array;
in the disorder character string array, encrypting the element quotation of the character string element corresponding to the AST node to obtain the encrypted element quotation corresponding to the AST node;
and replacing the identifier or the character string literal quantity in the AST node with the encrypted element reference.
4. The method of claim 1 wherein said performing a method reference parameterization on the AST node comprises:
obfuscation method references are added to parameters of function declarations or function expressions in the AST node.
5. The method of claim 1 wherein said performing a predefined method call replacement process on the AST node comprises:
a predefined method is inserted as a method reference to a preset location of the complex expression in the AST node.
6. The method of claim 1, wherein said performing the build method replacement process on the AST node comprises:
establishing a method, method parameters and an assignment relationship of the method parameters;
assigning the method reference of the complex expression in the AST node to the method parameter to obtain an assigned method;
and replacing the complex expression in the AST node with the method reference of the method after the evaluation.
7. An apparatus for obfuscating source code, the apparatus comprising:
the acquisition module is used for acquiring an abstract syntax tree AST corresponding to a source code to be processed;
the confusion processing module is used for determining a confusion processing strategy corresponding to the AST node according to the node type corresponding to the AST node aiming at each AST node in the AST, and performing confusion processing on the AST node based on the confusion processing strategy corresponding to the AST node to obtain the confused AST; the determining, according to the node type corresponding to the AST node, an obfuscation processing policy corresponding to the AST node, and performing obfuscation processing on the AST node based on the obfuscation processing policy corresponding to the AST node, includes: if the node type corresponding to the AST node is the complex expression type, the confusion processing strategy corresponding to the AST node is a point operator replacing strategy and/or an attribute recursion replacing strategy, and the point operator replacing treatment and/or the attribute recursion replacing treatment are carried out on the AST node; if the node type corresponding to the AST node is a binary expression type, the confusion processing strategy corresponding to the AST node is a method call conversion strategy, and the AST node is converted into a call expression type; if the node type corresponding to the AST node is an identifier type or a character string font size type, the confusion processing strategy corresponding to the AST node is an array reference conversion strategy, and array reference conversion processing is carried out on the AST node; if the node type corresponding to the AST node is the Boolean literal quantity type, the confusion processing strategy corresponding to the AST node is an expression conversion strategy, and the AST node is converted into a unitary expression type; if the node type corresponding to the AST node is a function declaration type or a function expression type, the obfuscation processing strategy corresponding to the AST node is a function parameter removal strategy and/or a method reference parameterization strategy, and the AST node is subjected to function parameter removal processing and/or method reference parameterization processing; if the node type corresponding to the AST node is a function declaration type, a function expression type or a cycle statement type and the method body is a multi-line method body, the confusion processing strategy corresponding to the AST node is a control flow flattening strategy and the AST node is subjected to control flow flattening processing; if the node type corresponding to the AST node is a complex expression type and the node type corresponding to the parent AST node of the AST node is a calling expression type, the obfuscation processing strategy corresponding to the AST node is a predefined method calling replacement strategy and/or a construction method replacement strategy, and predefined method calling replacement processing and/or construction method replacement processing is carried out on the AST node;
and the code restoring module is used for carrying out code restoring processing on the obfuscated AST to obtain an obfuscated source code.
8. The apparatus according to claim 7, wherein the obfuscation processing module is specifically configured to:
constructing at least one object and at least one attribute corresponding to the object;
performing attribute recursion on attributes corresponding to at least one object according to a recursion sequence to construct complex attribute access;
and replacing the attribute access of the complex expression in the AST node by the complex attribute access.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111568074.1A CN113946804B (en) | 2021-12-21 | 2021-12-21 | Source code obfuscation method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111568074.1A CN113946804B (en) | 2021-12-21 | 2021-12-21 | Source code obfuscation method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113946804A true CN113946804A (en) | 2022-01-18 |
| CN113946804B CN113946804B (en) | 2022-05-20 |
Family
ID=79339449
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111568074.1A Active CN113946804B (en) | 2021-12-21 | 2021-12-21 | Source code obfuscation method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113946804B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9582666B1 (en) * | 2015-05-07 | 2017-02-28 | Shape Security, Inc. | Computer system for improved security of server computers interacting with client computers |
| CN110569628A (en) * | 2019-09-09 | 2019-12-13 | 北京智游网安科技有限公司 | Code obfuscation method and device, computer device and storage medium |
| CN110826032A (en) * | 2019-11-05 | 2020-02-21 | 浪潮卓数大数据产业发展有限公司 | AST-based Javascript obfuscation method |
| CN112597454A (en) * | 2020-12-28 | 2021-04-02 | 深圳市欢太科技有限公司 | Code obfuscation method, code operation method, device, medium, and apparatus |
| CN113282892A (en) * | 2021-04-16 | 2021-08-20 | 南方电网数字电网研究院有限公司 | Code obfuscation method, apparatus, computer device and storage medium |
| CN113282893A (en) * | 2021-04-27 | 2021-08-20 | 南方电网数字电网研究院有限公司 | Source code reinforcing method and device, computer equipment and storage medium |
-
2021
- 2021-12-21 CN CN202111568074.1A patent/CN113946804B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9582666B1 (en) * | 2015-05-07 | 2017-02-28 | Shape Security, Inc. | Computer system for improved security of server computers interacting with client computers |
| CN110569628A (en) * | 2019-09-09 | 2019-12-13 | 北京智游网安科技有限公司 | Code obfuscation method and device, computer device and storage medium |
| CN110826032A (en) * | 2019-11-05 | 2020-02-21 | 浪潮卓数大数据产业发展有限公司 | AST-based Javascript obfuscation method |
| CN112597454A (en) * | 2020-12-28 | 2021-04-02 | 深圳市欢太科技有限公司 | Code obfuscation method, code operation method, device, medium, and apparatus |
| CN113282892A (en) * | 2021-04-16 | 2021-08-20 | 南方电网数字电网研究院有限公司 | Code obfuscation method, apparatus, computer device and storage medium |
| CN113282893A (en) * | 2021-04-27 | 2021-08-20 | 南方电网数字电网研究院有限公司 | Source code reinforcing method and device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113946804B (en) | 2022-05-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109992935B (en) | Source code protection method and device | |
| US20140344569A1 (en) | Protecting data | |
| Alhuzali et al. | Chainsaw: Chained automated workflow-based exploit generation | |
| CN107229848A (en) | A kind of code reinforcement means and device | |
| CN110569628B (en) | Code obfuscation method and device, computer device and storage medium | |
| US8677149B2 (en) | Method and system for protecting intellectual property in software | |
| CN110647329A (en) | Code obfuscation method, apparatus, computer device and storage medium | |
| JP4951416B2 (en) | Program verification method and program verification apparatus | |
| CN111008022B (en) | Relationship diagram generation method, device, computer equipment and storage medium | |
| CN114611074A (en) | Method, system, equipment and storage medium for obfuscating source code of solid language | |
| CN112528201A (en) | Method and device for calling third-party platform, computer equipment and storage medium | |
| CN111723345A (en) | Callback function-based control flow obfuscation method and system | |
| CN111753302A (en) | Method and device for detecting code bugs, computer readable medium and electronic equipment | |
| Cheers et al. | Spplagiarise: A tool for generating simulated semantics-preserving plagiarism of java source code | |
| CN108932407B (en) | Program safety protection method and device | |
| CN108153745B (en) | Application data calling method and application development system | |
| CN113946804B (en) | Source code obfuscation method and device | |
| CN115688108B (en) | Webshell static detection method and system | |
| CN113449330B (en) | Method for transmitting Javascript encrypted file | |
| CN113282892A (en) | Code obfuscation method, apparatus, computer device and storage medium | |
| CN110460585B (en) | Equipment identity identification method and device, computer equipment and storage medium | |
| CN111651781A (en) | Log content protection method and device, computer equipment and storage medium | |
| CN111475152A (en) | Code processing method and device | |
| Bazhenov et al. | Methodology of software code decomposition analysis | |
| CN114880673B (en) | Method and system for detecting privacy data leakage aiming at applet source code |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |