低代价的软件防逆向分析方法研究与实现
[Abstract]:With the development of software industry, software reverse problem becomes more and more important. Software reverse protection technology is also emerging in endlessly, such as virtual machine protection technology, shell protection technology and API protection technology, anti-debugging protection technology and so on. These protection techniques are generally divided into two categories, one is that the use of encryption algorithms or program structure changes to make the program extremely complex, obscure and difficult to understand, to reverse analysts in the process of reverse program problems, and then achieve the purpose of the protection program. The other is to protect the information and methods used in reverse analysis. The first method has high protection intensity but it is easy to affect the performance of the program. The second kind of method has the disadvantage of easy to be removed although it will not have a great impact on the program. To solve these problems, this paper proposes a low-cost anti-reverse analysis method, which is composed of two specific methods: anti-stain analysis method and implicit anti-debugging method. They are designed for the key steps in the process of reverse analysis, which can improve the anti-reverse analysis ability of the program without causing large losses to the program. The reverse analysis method is designed to obtain program control flow according to the program data flow in reverse analysis. Through three techniques, the stain data can be bleached, and the sensitive data of the program can be effectively protected from being tracked. Further protect program data flow information, so that the target program anti-reverse ability to improve. An implicit anti-debugging method is proposed to solve the general problem that anti-debugging is easy to be removed. It combines debugging information with running information, because it hides the characteristics of anti-debugging protection method. So in the anti-debugging but also increased the difficulty of anti-debugging was found and removed. Neither of these methods will cause a large performance loss to the program. Finally, a low cost anti-reverse analysis prototype system is implemented according to the method proposed in this paper. It combines the method proposed in this paper and can protect the program and enhance the anti-reverse ability of the program. Finally, the effectiveness of the proposed method is analyzed, and the experimental results show that the proposed method does not cause much performance loss to the program.
【学位授予单位】:西北大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TP311.5;TP309
【相似文献】
相关期刊论文 前10条
1 赵波;;程序的逆向分析和反逆向分析[J];科学咨询(科技·管理);2011年04期
2 刘键林;;巧用花指令延缓逆向分析[J];天津职业院校联合学报;2011年08期
3 刘豫;王明华;苏璞睿;冯登国;;基于动态污点分析的恶意代码通信协议逆向分析方法[J];电子学报;2012年04期
4 孙静;舒辉;康绯;董鹏程;;软件网络通信过程逆向分析及可视化技术研究[J];计算机工程与设计;2012年09期
5 付强;钟玲;单闯;;运用Cadence软件逆向分析232接口电路[J];辽宁大学学报(自然科学版);2010年02期
6 李广旭;李伟华;潘炜;史豪斌;;软件安全逆向分析中程序结构解析模型设计[J];计算机工程与应用;2008年32期
7 周英;;源代码逆向分析过程中的语法分析[J];信息技术;2010年08期
8 叶永宏;武东英;陈扬;;一种基于细粒度污点分析的逆向平台[J];计算机工程与应用;2012年28期
9 翟俊祥;组合逻辑电路的逆向分析和条件通路法[J];西安建筑科技大学学报(自然科学版);1992年04期
10 谢裕敏;舒辉;陈建敏;熊小兵;;MFC消息响应函数的逆向定位[J];计算机应用;2009年05期
相关会议论文 前1条
1 陈帆;谷大武;陆海宁;;FreeGate软件的逆向分析[A];全国计算机安全学术交流会论文集(第二十三卷)[C];2008年
相关博士学位论文 前2条
1 蒋烈辉;固件代码逆向分析关键技术研究[D];解放军信息工程大学;2007年
2 王祥根;自修改代码逆向分析方法研究[D];中国科学技术大学;2009年
相关硕士学位论文 前10条
1 徐天伦;面向页面流的Web软件可变性逆向分析及定制[D];复旦大学;2014年
2 王晓峰;直升机桨叶气动外形逆向分析与建模技术研究[D];南京航空航天大学;2015年
3 窦增杰;可信机制逆向分析平台的设计与实现[D];解放军信息工程大学;2010年
4 王庆亮;未知协议逆向分析关键技术研究[D];北方工业大学;2015年
5 焦永生;进程间通信过程逆向分析技术研究[D];解放军信息工程大学;2013年
6 徐慊;嵌入式控制软件逆向分析方法研究[D];西安电子科技大学;2013年
7 倪晓辉;支持多平台的逆向分析系统[D];浙江大学;2007年
8 董建业;加密网络程序的逆向分析技术研究[D];北京邮电大学;2011年
9 胡刚;固件代码逆向分析关键技术研究[D];解放军信息工程大学;2011年
10 谭蕾;基于静态逆向分析的数据迷乱技术研究[D];西安建筑科技大学;2009年
,本文编号:2142584
本文链接:https://www.wllwen.com/kejilunwen/ruanjiangongchenglunwen/2142584.html
