融合加密与水印的移动终端代码防篡改研究  被引量：2

作　　者：潘红改 程学军 王建平[2] PAN Hong-gai;CHENG Xue-jun;WANG Jian-ping(Henan University of Technology,Luohe Institute of Technology,Luohe Henan 462000,China;School of Information Engineering,Henan Institute of Science and Technology,Xinxiang Heman 453003,China)

机构地区：[1]河南工业大学漯河工学院,河南漯河462000 [2]河南科技学院信息工程学院,河南新乡453003

出　　处：《计算机仿真》2022年第1期186-189,199,共5页Computer Simulation

基　　金：河南省科技攻关计划项目(212102210422);河南省高等学校重点科研项目(20A520002);河南省高等学校青年骨干教师培养计划项目(2019GGJS172)。

摘　　要：针对不法分子通过篡改移动终端设备代码获取利益的问题,提出了一种融合加密与水印的移动终端代码防篡改方法。对移动终端代码遭受篡改的原因、代码篡改攻击技术,以及风险评估方面分别进行分析,作为加密与水印算法的设计依据。修改AES算法中的轮边界,对其进行拆分和补充,将密钥信息藏于查找表中,并对乱码进行混淆处理,从而增强密钥信息的保护效果。通过代码的加密和自解密机制,将代码转换成不可阅读的密钥代码,采用自检技术检验代码是否被篡改,将加密算法与混沌序列相结合,利用不敏感段的代码哈希值,对敏感代码段进行保护,防止攻击者对移动终端代码的恶意篡改。实验结果表明,采用融合加密与水印算法处理后的程序与原始程序相似度很高,隐蔽性很好,攻击者很难对程序代码进行有效的篡改攻击。Aiming at the problem that criminals obtain profits by tampering with the code of mobile terminal equipment, a tamper-proof method of mobile terminal code combining encryption and watermarking was proposed. The reasons for the tampering of the mobile terminal code, the tampering attack technology and the risk assessment are analyzed respectively, which serve as the design basis of the encryption and watermarking algorithms. We modified the wheel boundary in the algorithm, splitted and supplemented it, then hid the key information in the look-up table, and confused the garbled code, so as to enhance the protection effect of key information. Through the encryption and self decryption mechanism of the code, the code was converted into an unreadable key code, the self-test technology was used to check whether the code was tampered, the encryption algorithm was combined with the chaotic sequence, and the code hash value of the insensitive section was used to protect the sensitive code section, so as to prevent the attacker from malicious tampering with the mobile terminal code. The experimental results show that the program processed by the fusion encryption and watermarking algorithm has high similarity with the original program and good concealment. It is difficult for the attacker to tamper with the program code effectively.

关 键 词：移动终端软件 加密算法 水印算法 篡改攻击 

分 类 号：TP391[自动化与计算机技术—计算机应用技术]