欢迎访问中国科学院大学学报,今天是

中国科学院大学学报 ›› 2009, Vol. 26 ›› Issue (5): 688-694.DOI: 10.7523/j.issn.2095-6134.2009.5.015

• 论文 • 上一篇    下一篇

一种基于自修改代码技术的软件保护方法

王祥根1,2,3, 司端锋2, 冯登国2, 苏璞睿2   

  1. 1. 中国科学技术大学电子工程与信息科学系,合肥 230027;
    2. 中国科学院软件研究所信息安全国家重点实验室,?北京 100190;
    3. 信息安全共性技术国家工程研究中心,北京 100190
  • 收稿日期:2009-02-13 修回日期:2009-04-24 发布日期:2009-09-15
  • 通讯作者: 王祥根
  • 基金资助:

    国家自然科学基金项目(60703076)和国家"863"高技术研究发展计划项目(2006AA01Z412,2007AA01Z451)资助 

Software protection method based on self-modification mechanism

WANG Xiang-Gen1,2,3, SI Duan-Feng2, FENG Deng-Guo2, SU Pu-Rui2   

  1. 1. Department of Electronic Engineering and Information Science, University of Science and Technology of China, Hefei 230027, China;
    2. State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China;
    3. National Engineering Research Center for Information Security, Beijing 100190, China
  • Received:2009-02-13 Revised:2009-04-24 Published:2009-09-15

摘要:

提出一种基于自修改代码(SMC)技术的软件保护方法,该方法通过将关键代码转换为数据存储在原程序中,以隐藏关键代码;受保护的可执行文件执行过程中,通过修改进程中存储有隐藏代码的虚拟内存页面属性为可执行,实现数据到可执行代码的转换. 实验证明,此软件保护方法简单,易实现,可以有效提高SMC的抗逆向分析能力.

关键词: 自修改代码, 软件保护, 动态分析, 静态分析

Abstract:

In this paper, we present a new method based on self-modification mechanism to protect softwares against illegal acts of hacking. The key idea is to converse key codes into data in the original program so as to make programs harder to analyze correctly. Then, we translate data to executable codes by enabling the virtual memory page which stores the hidden code to be executable at run-time. Our experiments demonstrate that the method is practical and efficient.

Key words: self-modifying code(SMC), software protection, dynamic analysis, static analysis

中图分类号: