A Code Protection Model Based on Instruction Virtualization

doi:10.3969/j.issn.1671-1122.2017.02.004

Netinfo Security ›› 2017, Vol. 17 ›› Issue (2): 22-28.doi: 10.3969/j.issn.1671-1122.2017.02.004

• Orginal Article • Previous Articles Next Articles

A Code Protection Model Based on Instruction Virtualization

Chunlai DU^1,², Dandan KONG¹(), Jingzhong WANG¹, Xingbang TAN¹

1. Information Security Lab, North China University of Technology, Beijing 100144, China
2. Institute of Computing Technology, Chinese Academy of Science, Beijing 100191, China

Received:2016-12-02 Online:2017-02-20 Published:2020-05-12

Abstract

Abstract:

Currently, software cracking and piracy not only brings great hidden troubles for user's safety, but also brings huge losses for software developers. In order to resist the reverse engineering to analyze and crack the software and increase the difficulty of attackers’ reverse analysis to the codes, an effective method to protect the code instructions is needed. Instruction virtualization technology achieves the purpose of software protection by using custom virtual instruction set to replace the native instruction set. According to the present software protection problems, this paper puts forward a code protection model based on the instruction virtualization, using custom virtual instruction set to replace the protected native instructions, reconstructing virtual environment to implement the original key codes by interpretation, and stripping out the explicit association between native instructions and context. Experimental tests show that the model can effectively resist the reverse analysis and achieve the purpose of protecting the software codes.

Key words: software protection, instruction virtualization, reverse analysis

CLC Number:

TP309.2

Chunlai DU, Dandan KONG, Jingzhong WANG, Xingbang TAN. A Code Protection Model Based on Instruction Virtualization[J]. Netinfo Security, 2017, 17(2): 22-28.

Figures/Tables 11

References 13

[1]	BSA GLOBAL SOFTWARE SURVEY. Seizing Opportunity Through License Compliance[EB/OL] .
[2]	吴伟民, 许文锋, 林志毅, 等. 基于增强型虚拟机的软件保护技术[J]. 计算机工程与科学, 2014, 36(4): 655-661.
[3]	国家互联网应急中心.关于使用非苹果官方XCODE存在植入恶意代码情况的预警通报[EB/OL]..
[4]	CHOW S, EISEN P, JOHNSON H, et al.A White-box DES Implementation for DRM Applications[M]// Digital Rights Management . Heidelberg :Springer Berlin Heidelberg, 2002: 1-15.
[5]	张健,王文旭,牛鹏飞,等. 恶意软件防治产品与服务评测体系研究[J]. 信息网络安全,2016(9):113-117.
[6]	刘志成, 周伯生. 基于加密和即时解密的软件保护[J]. 北京航空航天大学学报, 2006, 32(6): 721-724.
[7]	王海平, 曹林, 孙国梓, 等. 随机花指令加密算法研究[J]. 计算机应用, 2006, 26(2): 338-0340.
[8]	周梅红, 刘宇峰, 胡晓雯, 等. 恶意代码多态变形技术的研究[J]. 计算机与数字工程, 2008, 36(10): 149-153.
[9]	吴丹飞, 王春刚, 郝兴伟. 恶意代码的变形技术研究[J]. 计算机应用与软件, 2012, 29(3): 74-77.
[10]	王玮.一种基于USBKey 加解密技术的软件保护方案研究[J]. 信息网络安全, 2012 (5): 52-58.
[11]	房鼎益, 赵媛, 王怀军,等. 一种具有时间多样性的虚拟机软件保护方法[J]. 软件学报 , 2015, 26(6):1322-1339.
[12]	GHOSH S, HISER J, DAVIDSON J W.Replacement Attacks against VM-protected Applications[J]. Acm Sigplan Notices, 2012, 47(7):203-214.
[13]	宫月,李超,吴薇. 虚拟化安全技术研究[J]. 信息网络安全,2016(9):73-78.

A Code Protection Model Based on Instruction Virtualization

RichHTML

PDF (PC)

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 11

References 13

Related Articles 1

Recommended Articles

Metrics

Comments