Computer and Modernization ›› 2012, Vol. 198 ›› Issue (2): 168-170. doi: 10.3969/j.issn.1006-2475.2012.02.045

• Information Security •

Research on Obfuscation Technique Based on Branch Functions

CAO Shu-qin, ZHENG Cheng-long

  1. School of Information Engineering, North China University of Technology, Beijing 100144, China
  • Received: 2011-10-12 Revised: 1900-01-01 Online: 2012-02-24 Published: 2012-02-24

Abstract: Reverse engineering an executable program typically begins with static disassembly, which translates the program's machine code into assembly code and so creates opportunities for theft of intellectual property and discovery of vulnerabilities in the program. To disrupt the static disassembly process and make programs harder to disassemble correctly, this paper studies in depth the static disassembly obfuscation technique based on branch functions and, to address its weaknesses of poor stealth and slow code execution, proposes an improved obfuscation technique based on branch functions. The improved technique not only hides the program's jump instructions effectively and improves code execution speed, but also makes reverse engineering analysis more difficult.

Key words: reverse engineering, obfuscation technique, static disassembly, branch functions
