一种具有时间多样性的虚拟机软件保护方法
作者:
作者单位:

作者简介:

通讯作者:

中图分类号:

基金项目:

国家自然科学基金(61070176, 61170218, 61272461); 教育部高等学校博士学科点专项科研基金(20106101110018); 陕西省科技攻关计划(2011K06-07)


Software Protection Based on Virtual Machine with Time Diversity
Author:
Affiliation:

Fund Project:

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    软件核心算法防逆向保护,是软件研发乃至软件产业发展的迫切需求,也是当前软件安全研究领域的热点之一.虚拟机软件保护作为一种保护强度高、商业应用广的技术,已被用于软件核心算法保护,并在很大程度上能够抵御攻击者的逆向分析.但这种保护方法难以抵御累积攻击,无法提供更加持久的保护.时间多样性是指一个软件在不同时间被执行时,执行路径不同,主要用于抵御累积攻击.将时间多样性与虚拟机软件保护相结合,提出了一种具有时间多样性的虚拟机软件保护方法,称为TDVMP.在TDVMP中,通过构造多条相异的执行路径,使得被保护软件在不同次执行时,能够动态选取不同执行路径,从而极大地增加了攻击者进行累积的核心算法逆向分析攻击的难度.同时,对于TDVMP设计中的关键问题,比如多执行路径的构造与选择等进行了详细讨论.此外,提出了时间多样性保护效果的评价指标,并给出了其度量及计算方法.以所实现的原型系统为基础,通过一组具有一定实用价值的实例,对所提出的方法进行了测试、实验.结果表明,TDVMP对于软件核心算法防逆向保护是有效且实用的.

    Abstract:

    Anti-Reversing protection for persistent and high-insensitive software core algorithm has become an insistent demand for the research of software security and even for the whole software industry. Virtual machine based software protection has been widely used to protect the core algorithm from being reversed, but it is not sufficient for the current method to defend against cumulative attack and thus cannot provide long-term effective protection. Time diversity is used to fight against cumulative attack to allow software to execute along variant paths in different running time. A virtual machine based software protection method with time diversity, called TDVMP, is proposed in the paper. The key idea of the method is to construct multiple execution paths with equivalent semantics leading to dynamically variant execution paths in running time. Main design issues of TDVMP, such as construction and selection of multiple execution paths, are discussed in detail. Furthermore, a metric named variation of execution paths to evaluate the effectiveness of time diversity is proposed, and the methods to measure and compute the metric are also presented. A prototype of TDVMP is implemented, and upon which the experiments are carried out with a set of practical use cases. Experiment results show that TDVMP is effective and applicable for core algorithm anti-reversing protection.

    参考文献
    相似文献
    引证文献
引用本文

房鼎益,赵媛,王怀军,顾元祥,许广莲.一种具有时间多样性的虚拟机软件保护方法.软件学报,2015,26(6):1322-1339

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2013-03-29
  • 最后修改日期:2014-03-07
  • 录用日期:
  • 在线发布日期: 2015-06-04
  • 出版日期:
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号