軟件保護(hù)虛擬機(jī)改進(jìn)方案研究
發(fā)布時(shí)間:2019-01-23 16:05
【摘要】:計(jì)算機(jī)軟件方便了人們的工作和生活,如何高強(qiáng)度的保護(hù)軟件,保障軟件開(kāi)發(fā)者的合法權(quán)益,促進(jìn)軟件行業(yè)的健康發(fā)展,是當(dāng)今軟件安全方向的熱點(diǎn)問(wèn)題。軟件保護(hù)虛擬機(jī)作為當(dāng)前保護(hù)強(qiáng)度高,穩(wěn)定性強(qiáng)的保護(hù)技術(shù),已經(jīng)廣泛應(yīng)用于對(duì)軟件核心算法的保護(hù),并且獲得了良好的保護(hù)效果。其實(shí)現(xiàn)原理是將待保護(hù)的X86指令,經(jīng)過(guò)一套自己設(shè)計(jì)的虛擬指令的轉(zhuǎn)化,變成只能由開(kāi)發(fā)者設(shè)計(jì)的虛擬機(jī)解釋的字節(jié)碼,使用相應(yīng)的虛擬機(jī)自帶的解釋器對(duì)該字節(jié)碼進(jìn)行解釋執(zhí)行。在安全性上,虛擬機(jī)解釋器中大量的混淆,虛擬機(jī)解釋器自身結(jié)構(gòu)的復(fù)雜性大大增加了逆向人員的工作量。在實(shí)際應(yīng)用中,虛擬機(jī)保護(hù)通常和其他保護(hù)手段相結(jié)合,進(jìn)一步增強(qiáng)了安全性,但是這并不表示軟件保護(hù)虛擬機(jī)無(wú)法攻破。同時(shí),軟件保護(hù)虛擬機(jī)也存在執(zhí)行效率低,耗費(fèi)時(shí)間長(zhǎng),只能用來(lái)保護(hù)少量關(guān)鍵核心代碼的缺陷,這使得軟件保護(hù)虛擬機(jī)的保護(hù)范圍有限。本文主要完成了以下工作:(1)首先簡(jiǎn)要介紹了軟件保護(hù)虛擬機(jī)的研究現(xiàn)狀,隨后詳細(xì)介紹了軟件保護(hù)虛擬機(jī)的保護(hù)原理和各個(gè)部分的作用。并介紹了針對(duì)軟件保護(hù)虛擬機(jī)的攻擊可行性分析。(2)使用OllyScript腳本動(dòng)態(tài)提取Handler,并將它們進(jìn)行裁剪,然后用基于FCM模糊聚類(lèi)算法,將其進(jìn)行聚類(lèi)處理,對(duì)語(yǔ)義相同或相近的Handler完成自動(dòng)歸類(lèi)分析,對(duì)程序中識(shí)別出來(lái)的相同的Handler進(jìn)行標(biāo)示,從而降低了逆向人員的工作量。最后對(duì)方案關(guān)鍵部分進(jìn)行了簡(jiǎn)單的模擬,驗(yàn)證了方案的可行性。(3)針對(duì)軟件保護(hù)虛擬機(jī)的執(zhí)行效率低的特點(diǎn),引入了分支預(yù)測(cè)的思想,對(duì)所有跳轉(zhuǎn)分支進(jìn)行預(yù)判。然后定量分析了該方案對(duì)執(zhí)行效率的影響,給出BPVMP設(shè)計(jì)方案的關(guān)鍵部分。最后進(jìn)行系統(tǒng)模擬,驗(yàn)證了改進(jìn)方案的有效性。
[Abstract]:Computer software is convenient for people's work and life, how to protect software with high strength, to guarantee the legitimate rights and interests of software developers, to promote the healthy development of software industry, and is a hot issue in the direction of software security today. As the protection technology with high protection strength and strong stability, the software protection virtual machine has been widely used in the protection of the software core algorithm, and has obtained a good protection effect. The implementation principle is that the X86 instruction to be protected is converted into a byte code which can only be interpreted by the virtual machine designed by the developer through the transformation of a set of virtual instructions designed by the developer, and the byte code is interpreted and executed by using an interpreter provided by the corresponding virtual machine. in security, that complexity of the self-structure of the virtual machine interpreter greatly increases the workload of the reverse engineer. In practical applications, virtual machine protection is usually combined with other protection means to further enhance security, but this does not mean that the software protection virtual machine cannot break. At the same time, the software protection virtual machine also has the defects of low execution efficiency and long time, and can only be used for protecting a small number of key core codes, which makes the protection range of the software protection virtual machine limited. In this paper, the following work is done: (1) Firstly, the research status of the software protection virtual machine is briefly introduced, and the protection principle and the function of each part of the software protection virtual machine are introduced in detail. The feasibility of the attack on the software protection virtual machine is also introduced. and (2) dynamically extracting the Handler by using the OllyScript script, and cutting the Handler, then carrying out clustering processing on the Handler based on the FCM fuzzy clustering algorithm, performing automatic classification analysis on the Handler with the same or similar semantics, marking the same Handler identified in the program, so that the workload of the reverse personnel is reduced. Finally, a simple simulation of the key part of the scheme is carried out, and the feasibility of the scheme is verified. (3) Aiming at the characteristics of low execution efficiency of the software protection virtual machine, the idea of branch prediction is introduced, and all the jump branches are pre-judged. Then the effect of the scheme on the execution efficiency is analyzed, and the key part of the design of the BPVMP is given. and finally, the system simulation is carried out, and the effectiveness of the improved scheme is verified.
【學(xué)位授予單位】:武漢工程大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2016
【分類(lèi)號(hào)】:TP311.5;TP309
本文編號(hào):2413974
[Abstract]:Computer software is convenient for people's work and life, how to protect software with high strength, to guarantee the legitimate rights and interests of software developers, to promote the healthy development of software industry, and is a hot issue in the direction of software security today. As the protection technology with high protection strength and strong stability, the software protection virtual machine has been widely used in the protection of the software core algorithm, and has obtained a good protection effect. The implementation principle is that the X86 instruction to be protected is converted into a byte code which can only be interpreted by the virtual machine designed by the developer through the transformation of a set of virtual instructions designed by the developer, and the byte code is interpreted and executed by using an interpreter provided by the corresponding virtual machine. in security, that complexity of the self-structure of the virtual machine interpreter greatly increases the workload of the reverse engineer. In practical applications, virtual machine protection is usually combined with other protection means to further enhance security, but this does not mean that the software protection virtual machine cannot break. At the same time, the software protection virtual machine also has the defects of low execution efficiency and long time, and can only be used for protecting a small number of key core codes, which makes the protection range of the software protection virtual machine limited. In this paper, the following work is done: (1) Firstly, the research status of the software protection virtual machine is briefly introduced, and the protection principle and the function of each part of the software protection virtual machine are introduced in detail. The feasibility of the attack on the software protection virtual machine is also introduced. and (2) dynamically extracting the Handler by using the OllyScript script, and cutting the Handler, then carrying out clustering processing on the Handler based on the FCM fuzzy clustering algorithm, performing automatic classification analysis on the Handler with the same or similar semantics, marking the same Handler identified in the program, so that the workload of the reverse personnel is reduced. Finally, a simple simulation of the key part of the scheme is carried out, and the feasibility of the scheme is verified. (3) Aiming at the characteristics of low execution efficiency of the software protection virtual machine, the idea of branch prediction is introduced, and all the jump branches are pre-judged. Then the effect of the scheme on the execution efficiency is analyzed, and the key part of the design of the BPVMP is given. and finally, the system simulation is carried out, and the effectiveness of the improved scheme is verified.
【學(xué)位授予單位】:武漢工程大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2016
【分類(lèi)號(hào)】:TP311.5;TP309
【參考文獻(xiàn)】
相關(guān)期刊論文 前2條
1 靳蓓蓓;張仕斌;;可信計(jì)算平臺(tái)及其研究現(xiàn)狀[J];長(zhǎng)春大學(xué)學(xué)報(bào);2007年04期
2 于淼,孫強(qiáng);對(duì)加殼技術(shù)的改進(jìn):超粒度混雜技術(shù)[J];計(jì)算機(jī)應(yīng)用;2004年08期
,本文編號(hào):2413974
本文鏈接:http://www.sikaile.net/kejilunwen/ruanjiangongchenglunwen/2413974.html
最近更新
教材專(zhuān)著
