计算机应用与软件2017,Vol.34Issue(12):321-325,333,6.DOI:10.3969/j.issn.1000-386x.2017.12.060
一种基于虚拟机Handler动态加解密的软件保护方法及实现
A SOFTWARE PROTECTION METHOD BASED ON DYNAMIC ENCRYPTION AND DECRYPTION OF VIRTUAL MACHINE HANDLERS AND ITS IMPLEMENTATION
摘要
Abstract
Virtual instruction handlers are the core targets for reverse analyzers to be attacked.Aiming at memory dump and breakpoint analysis for handler sequences,a software protection method based dynamic encryption and decryption of virtual machine handlers is proposed.On the basis of framework of virtual machine protection,code modules of encryption and decryption are embedded into the framework,and all encrypted handlers are restored.When a Handler is executed,the encrypted Handler is decrypted and executed.After execution,it is encrypted again until all Handler sequences are finished.Experiments and analysis showed that the method effectively prevented attackers from memory dumping and breakpoint debugging.关键词
逆向分析/虚拟机保护/动态加密和解密/内存转储/断点调试Key words
Reverse analysis/Virtual machine protection/Dynamic encryption and decryption/Memory dump Breakpoint debug分类
信息技术与安全科学引用本文复制引用
谢鑫,马凌,陈亮..一种基于虚拟机Handler动态加解密的软件保护方法及实现[J].计算机应用与软件,2017,34(12):321-325,333,6.
