一种基于虚拟机Handler动态加解密的软件保护方法及实现  被引量:5

A SOFTWARE PROTECTION METHOD BASED ON DYNAMIC ENCRYPTION AND DECRYPTION OF VIRTUAL MACHINE HANDLERS AND ITS IMPLEMENTATION

在线阅读下载全文

作  者:谢鑫 马凌 陈亮 

机构地区:[1]湖南信息学院,湖南长沙410151

出  处:《计算机应用与软件》2017年第12期321-325,333,共6页Computer Applications and Software

摘  要:考虑到Handler序列为逆向分析者的重点攻击对象。针对Handler指令序列的内存转储分析以及起始和终止点的断点分析,提出一种基于虚拟机Handler动态加解密的软件保护方法,在基于虚拟机的软件保护方法上,增加加密和解密代码模块,并将所有Handler进行加密保存。当程序执行到某个Handler时,先将加密过的Handler进行解密并执行,执行完成后再次对其进行加密,直到所有Handler序列执行结束。实验和分析表明:该方法能够有效防止攻击者对于Handler的起始和终止位置进行断点调试分析和内存转储分析。Virtual instruction handlers are the core targets for reverse analyzers to be attacked. Aiming at memory dump and breakpoint analysis for handler sequences, a software protection method based dynamic encryption and decryption of virtual machine handlers is proposed. On the basis of framework of virtual machine protection, code modules of encryption and decryption are embedded into the framework, and all encrypted handlers are restored. When a Handler is executed, the encrypted Handler is decrypted and executed. After execution, it is encrypted again until all Handler sequences are finished. Experiments and analysis showed that the method effectively prevented attackers from memory dumping and breakpoint debugging.

关 键 词:逆向分析 虚拟机保护 动态加密和解密 内存转储 断点调试 

分 类 号:TP3[自动化与计算机技术—计算机科学与技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象