| 分支混淆中的条件异常代码构造研究 |
| |
| 作者姓名: | 耿普 祝跃飞 |
| |
| 作者单位: | 信息工程大学,河南 郑州 450001 |
| |
| 基金项目: | 国家重点研发计划(2016YFB0801601);国家重点研发计划(2016YFB0801505) |
| |
| 摘 要: | 当前分支混淆技术通过构造条件异常代码和异常处理替代条件跳转指令,隐藏分支选择指令的地址,提高约束条件获取的难度,从而对抗符号执行。当前方法构造的条件异常代码中,关键数据具有二值性问题,有利于分支混淆的检测、发现和约束条件获取,降低了混淆的隐蔽性和与符号执行的对抗性;基于该缺点,提出一种使关键数据具有多样性特征的条件异常代码构造方法,增加了混淆的隐蔽性和约束条件的获取难度,提高分支混淆对抗符号执行的强度;通过结构化异常处理实现了基于新型条件异常代码构造的分支混淆原型系统,并对混淆进行了测试和分析。
|
| 关 键 词: | 条件异常代码构造 分支混淆 符号执行 结构化异常处理 |
Research on construction of conditional exception code used in branch obfuscation |
| |
| Authors: | Pu GENG Yuefei ZHU |
| |
| Affiliation: | Information Engineering University,Zhengzhou 450001,China |
| |
| Abstract: | Using conditional exception code construction and exception handler to replace conditional jump code,the branch obfuscation get the right branch selection,but the address of branch point was concealed,so this obfuscation method can defeat symbolic execution by impeding the constraint condition collecting.The normal method of conditional exception code construction has a fault that the key data in conditional exception code has two-value problem,this fault make down the ability of branch obfuscation in impeding symbolic execution.Based on this shortcoming,a novel method which can make the key data in conditional exception code diversity was proposed.This method can improve the difficulty of constraint condition fetching,so the ability to defeat symbolic execution of branch obfuscation was enhanced.At last,a prototype obfuscation system based on structural exception handler was implemented to test the new method of conditional exception code construction. |
| |
| Keywords: | conditional exception code construction branch obfuscation symbolic execution structural exception handler |
|
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
