检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:李成扬 黄天波 陈夏润 文伟平[1] LI Chengyang;HUANG Tianbo;CHEN Xiarun;WEN Weiping(School of Software and Microelectronics,Peking University,Beijing 102600,China)
出 处:《计算机工程与应用》2023年第8期263-269,共7页Computer Engineering and Applications
摘 要:软件安全问题在后疫情时代越发突出,代码混淆作为一种成熟的保护方案,借助于LLVM提供了跨平台使用的可能性,但基于LLVM的控制流混淆算法在保护力度上有所局限,一方面是现有的算法模式固定,缺乏结构上的创新性,另一方面是混淆处理时,未考虑到攻击者可以根据基本块的入度进行虚假块的预先判断,存在容易被识别的风险,因此提出两种算法:首先是嵌套switch混淆,打破固有的扁平化处理模式,通过在内部重新构造switch结构,增强对跳转变量的隐藏;其次是入度混淆,在虚假控制流中添加防入度分析策略,通过改变虚假块的入度规避虚假块的识别问题。在LLVM10上实现了方案原型并进行实验,结果表明:混淆方法在1.5倍内的时空开销内,相较于已有的控制流混淆方案,可以进一步降低58.67%的程序基本块相似度,增加64.44%的跳转指令。Software security issues are becoming more prominent in the post-epidemic era,and code obfuscation as a mature protection scheme provides the possibility of cross-platform use with the help of LLVM.However,LLVM-based control flow obfuscation algorithms are limited in terms of protection strength,on the one hand,the existing algorithm model is immutable and lacks structural innovation.On the other hand,the obfuscation processing does not take into account the fact that attackers can base on the basic block.Therefore,two algorithms are proposed:firstly,nested switch obfuscation,which breaks the inherent flat processing model and enhances the hiding of the hopping amount by reconstructing the switch structure internally;secondly,indegree obfuscation,which adds an anti-entry degree analysis strategy to the false control flow to circumvent the false block by changing the indegree of the false block.The results show that the obfuscation method can further reduce 58.67%of the basic block similarity and increase 64.44%of the jump instructions compared to the existing control-flow obfuscation scheme within 1.5 times the temporal overhead.
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.104