摘要
目前,在代码保护技术研究领域,传统的混淆方法具有明显的混淆特征,分析人员可根据特征对其进行定制化的去混淆处理.为此,提出了一种基于分片融合的代码保护技术,通过在源代码层面将目标代码按照语法规则进行代码分片,依据执行顺序与语法规则,将分片插入另一程序的不同位置,在修复函数调用过程与数据关系后,形成可正常运行两个代码功能的融合后代码.在实验部分,对混淆后的代码,从运行效率、代码复杂度影响、代码相似性这3个维度,与其他混淆技术进行对比.从测试结果可以看出:基于分片融合的代码隐式混淆技术能够有效地模糊代码语义,改变控制流特征,且没有明显的混淆特征.因此,融合技术在对抗多种相似性对比算法的能力上有明显优势.
At present,in the field of code protection technology research,traditional obfuscation methods have obvious obfuscation characteristics,and analysts can perform customized de-obfuscation processing based on these characteristics.For this reason,this study proposes a code protection technology based on code slice fusion.This technology slices the target code into code fragments according to grammatical rules at the source code level,and inserts the fragments into different positions of another program according to the execution order and grammatical rules.After repairing the function call process and the data relationship,the fusion code that can run the two code functions normally is formed.A comparative experiment for the fusion code is carried out from three perspectives,namely,resource overhead,code complexity impact,and code similarity.The test results demonstrate that the implicit code obfuscation technique based on code slice fusion can effectively obfuscate code semantics,change control flow characteristics,and has no obvious obfuscation characteristics.Therefore,fusion technology has obvious advantages in the ability to fight against multiple similarity comparison algorithms.
作者
于璞
舒辉
熊小兵
康绯
YU Pu;SHU Hui;XIONG Xiao-Bing;KANG Fei(State Key Laboratory of Mathematical Engineering and Advanced Computing,Zhengzhou 450001,China)
出处
《软件学报》
EI
CSCD
北大核心
2023年第4期1650-1665,共16页
Journal of Software
基金
国家重点研发计划(2016YFB08011601)。
关键词
代码保护
混淆
代码分片
融合
混淆特征
code protection
obfuscation
code slice
fuse
obfuscation characteristics