|
|
|
Compiling method for obfuscation technology based on crossing
control-flow |
| FU Jian-jing1, 2, WANG Ke1 |
1.Institute of Remote Sensing and Information System, Zhejiang University, Hangzhou 310029,China;
2.School of Information Technology, Zhejiang University of Finances and Economics, Hangzhou 310018, China |
|
|
|
Abstract A compiler builtin obfuscating technology was developed in order to protect software intellectual property and keep from reverse engineering and static analysis. A crossing controlflow code obfuscation technology and the corresponding compiling solution were presented. The control crossing principle of If statement and While loop statement were given out, which produced the control blocks of multilevel exit and entry, so the code control flow became more complicated. Meanwhile, the protected code block was placed in the crossing control blocks to conceal the true control flow. Then the automatic anticompile can be effectively prevented and the difficulty of software analysis was enhanced. Because the crossing controlflow in source code level cannot be passed by compiler, a compatible compiling method of builtin functions was presented, which made programming simple and safe. The simulation and analysis results indicated that the technology had good protection effect for source code; the target code was slightly increased after compiled, and its running efficiency was almost not affected.
|
|
Published: 19 March 2012
|
|
|
基于交叉控制流混淆技术的编译方法
为了保护软件知识产权,阻止逆向工程和静态分析,研究内置迷惑技术的编译器.提出交叉控制流的代码迷惑技术以及应用这种技术的编译实现方案.给出if语句和while循环语句控制流交叉原理,产生多入口多出口控制块,使代码控制流复杂化.同时把被保护代码块放置于交叉控制块间,以达到隐蔽真实控制流的目的,因而能有效阻止自动反编译并增强软件分析的难度.由于源代码级不可形成控制交叉,给出内置此功能的兼容编译实现方法,使得程序员书写的代码简单而安全.经仿真和分析,提出的技术对代码具有很好的保护效果,编译后的目标指令有略微增加,而运行效率几乎不受影响.
|
|
| [1] 芦斌,罗向阳,刘粉林.一种基于混沌的软件水印算法框架及实现[J].软件学报,2007,18(2): 351360.
LU Bin, LUO Xiangyang, LIU Fenlin. A chaosbased framework and implementation for software watermarking algorithm[J]. Journal of Software, 2007, 18(2): 351360.
[2] SIVADASAN P, LAL P S, SIVADASAN N. JDATATRANS for array obfuscation in Java source codes to defeat reverse engineering from decompiled codes [C] ∥ Proceedings of the 2nd Bangalore Annual Compute Conference. Bangalore India: ACM, 2009: 115 124.
[3] 罗宏,蒋剑琴,曾庆凯.用于软件保护的代码迷惑技术[J].计算机工程,2008,32(11): 177179.
LUO Hong, JIANG Jianqin, ZENG Qingkai. Code obfuscation for software protection [J]. Computer Engineering, 2008, 32 (11): 177179.
[4] 王一宾,陈意云.代码迷惑技术研究进展[J].吉林大学学报:信息科学版,2008,26(4): 386390.
WANG Yibin, CHEN Yiyun. Progress of research on code obfuscation technology[J]. Journal of Jilin University: Information Science Edition, 2008, 26 (4): 386390.
[5] COLLBERG C, THOMBORSON C, LOW D. A taxonomy of obfuscating transformations[R].New Zealand: University of Auckland, 1997: 148.
[6] CECCATO M, DI PENTA M, NAGRA J, et al. The effectiveness of source code obfuscation: an experimental assessment [C]∥ ICPC ′09, IEEE 17th International Conference. Vancouver, BC, Canada: IEEE, 2009: 178187.
[7] BOAZ B, GOLDREICH O, RUSELL I, et al. On the (im)possibility of obfuscating programs[M]. [S.l.]: Springer, 2001: 118.
[8] ANCKAERT B, MADOU M, SUTTER B D, et al. Program obfuscation: a quantitative approach [C]∥3rd Workshop on Quality of Protection/14th ACM Computer and Communications Security Conference. Alexandria VA: ACM, 2009: 1520.
[9] CHAN J T, YANG W. Advanced obfuscation techniques for Java bytecode\
[J]. Journal of Systems and Software, 2004,71(1/2): 110.
[10] HOU T W, CHEN H Y, TSAI M H. Three control flow obfuscation methods for Java software [C]∥ IEE Proceeding of Software. [S.l.]: IEE, 2006: 8186.
[11] TSAI H Y, HUANG Y L, DAVID W. A graph approach to quantitative analysis of controlflow obfuscating transformations [J]. IEEE Transactions on Information Forensics and Security, 2009, 4(2): 257267.
[12] 吕映芝,张素琴,蒋维杜.编译原理[M].北京:清华大学出版社,1998: 162178.
[13] 陈火旺,刘春林,谭庆平,等.程序设计语言编译原理[M].北京:国防工业出版社,2000: 166200. |
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
| |
Shared |
|
|
|
|
| |
Discussed |
|
|
|
|
