检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:耿普 祝跃飞[1] GENG Pu;ZHU Yuefei(Information Engineering University,Zhengzhou 450001,China)
机构地区:[1]信息工程大学,河南郑州450001
出 处:《网络与信息安全学报》2020年第6期25-34,共10页Chinese Journal of Network and Information Security
基 金:国家重点研发计划(2016YFB0801601,2016YFB0801505)。
摘 要:当前分支混淆技术通过构造条件异常代码和异常处理替代条件跳转指令,隐藏分支选择指令的地址,提高约束条件获取的难度,从而对抗符号执行。当前方法构造的条件异常代码中,关键数据具有二值性问题,有利于分支混淆的检测、发现和约束条件获取,降低了混淆的隐蔽性和与符号执行的对抗性;基于该缺点,提出一种使关键数据具有多样性特征的条件异常代码构造方法,增加了混淆的隐蔽性和约束条件的获取难度,提高分支混淆对抗符号执行的强度;通过结构化异常处理实现了基于新型条件异常代码构造的分支混淆原型系统,并对混淆进行了测试和分析。Using conditional exception code construction and exception handler to replace conditional jump code,the branch obfuscation get the right branch selection,but the address of branch point was concealed,so this obfuscation method can defeat symbolic execution by impeding the constraint condition collecting.The normal method of conditional exception code construction has a fault that the key data in conditional exception code has two-value problem,this fault make down the ability of branch obfuscation in impeding symbolic execution.Based on this shortcoming,a novel method which can make the key data in conditional exception code diversity was proposed.This method can improve the difficulty of constraint condition fetching,so the ability to defeat symbolic execution of branch obfuscation was enhanced.At last,a prototype obfuscation system based on structural exception handler was implemented to test the new method of conditional exception code construction.
关 键 词:条件异常代码构造 分支混淆 符号执行 结构化异常处理
分 类 号:TP311[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.13