摘要
为解决软件保护过程中软件多样化方法比较选择及多样化软件部署的问题,基于信息熵理论对软件复杂度的多个重要属性计算客观权重,并结合主观权重,提出一种软件多样性的综合评估方法,然后给出具体模型和算法实现。对指令替换、控制流扁平化、虚假控制流和字符串加密4种软件多样化方法进行综合评估,验证评估算法的有效性。实验验证表明,该评估方法能够对不同软件多样化方法的多样性进行综合评估比较,对多样化软件的实际部署具有较好的参考价值。
To improve software diversification method selection and diversified software deployment in software protection process,a comprehensive evaluation method of software diversity is proposed by calculating objective weights for multiple important attributes of software complexity based on information entropy theory,and combining subjective weights.Then the specific models and algorithm implementations are presented.The four software diversification methods of instructions substitution,control flow flattening,bogus control flow and string obfuscation are comprehensively evaluated to verify the effectiveness of the evaluation algorithm.Experimental verification show that the evaluation method can comprehensively evaluate and compare the diversity of different software diversification methods,and has a good reference value for the actual deployment of diversified software.
作者
刘镇武
隋然
张铮
刘浩
LIU Zhenwu;SUI Ran;ZHANG Zheng;LIU Hao(State Key Laboratory of Mathematical Engineering and Advanced Computing,Zhengzhou 450001,China;Information Engineering University,Zhengzhou 450001,China;PLA Logistic Information Center, Beijing 100842, China)
出处
《信息工程大学学报》
2020年第2期207-213,共7页
Journal of Information Engineering University
基金
国家重点研发计划资助项目(2018YFB0804003,2017YFB0803204)。
关键词
软件复杂度
信息熵
软件多样性
量化评估
software complexity
information entropy
software diversity
quantification evaluation
