Abstract
A software guard is a dynamic tamper-proofing technique. However, the guard cannot guarantee its own security and is easily bypassed or removed by an attacker. To address this weakness, this paper studies and implements a dynamic tamper-proofing method that combines a three-thread architecture with software guards, using an improved three-thread structure to protect the guard itself. Compared with the traditional three-thread protection technique, the improved structure has the remote thread and the watch thread monitor and protect each other, which significantly strengthens the protection and makes the software guard harder to attack. The experimental results show that a software guard protected by the improved three-thread structure can not only prevent software tampering attacks but also effectively resist attacks on the guard itself.
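Source
Journal of Computer Applications (《计算机应用》)
CSCD
Peking University Core Journals (北大核心)
2013, Issue 1, pp. 1-3, 34 (4 pages in total)
Funding
Jiangsu Province Industry-University-Research Prospective Joint Research Project (BY2009128)
Keywords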
tamper proofing
three-thread protection
software guard
self-protection
integrity checking