增强型虚拟寄存器轮转算法  被引量:1

Enhanced method based on virtual registers rotation

在线阅读下载全文

作  者:潘雁 林伟 PAN Yan;LIN Wei(State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China)

机构地区:[1]数学工程与先进计算国家重点实验室,河南郑州450001

出  处:《网络与信息安全学报》2018年第5期47-54,共8页Chinese Journal of Network and Information Security

基  金:国家重点研发计划基金资助项目(No.2016YFB0801601;No.2016YFB0801505)~~

摘  要:为了对抗基于数据流逆向分析的语义攻击,以虚拟寄存器为切入点,提出了一种增强型虚拟寄存器轮转算法。该算法通过在解释执行中随机打乱部分虚拟寄存器与操作数的虚拟编译映射关系,有效地增加了虚拟机在解释执行过程中的数据流复杂度;同时,随机采用3种机制对轮转长度进行设定,增强了虚拟机代码保护系统的多样性。最后,设计实现了采用增强型虚拟寄存器轮转算法的虚拟机代码保护原型系统,验证了该算法的有效性。Sematic attacks based on the data flow analysis bring big challenges to the code obfuscation. Concerning the data flow of virtual machine based(VM-based) code protection, the method transfers the mapping relation between the virtual registers and the op-code of the bytecode during executing, which means the uncertainty and complexity of the data flow during interpretive execution of the bytecode. In addition, three policies are proposed to address the problem that how to choose the length of rotation for each bytecode, which grows complexity of the protection. Finally, a prototype of VRR-VM(virtual machine protection system based on virtual registers rotation) was implemented. Experiment results show that the method is effective and applicable for anti-reversing.

关 键 词:虚拟机代码保护 寄存器轮转 数据流分析 语义攻击 

分 类 号:TP311[自动化与计算机技术—计算机软件与理论]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象