Chinese Journal of Network and Information Security ›› 2020, Vol. 6 ›› Issue (6): 13-24.doi: 10.11959/j.issn.2096-109x.2020075

• Special Column:Network Application and Protection Technology • Previous Articles     Next Articles

Method of diversity software protection based on fusion compilation

Xiaobing XIONG(),Hui SHU,Fei KANG   

  1. Information Engineering University,Zhengzhou 450001,China
  • Revised:2019-09-27 Online:2020-12-15 Published:2020-12-16
  • Supported by:
    National Key Research and Development Project(2016YFB08011601)

Abstract:

For the obvious characteristics and single mode of the existing common protection methods,with the help of the LLVM framework,a diversity software protection method based on fusion compilation was proposed.In the proposed method,the target software is encrypted randomly,and deeply integrated with the bunker code at the compilation level,and the encrypted target software is decrypted by memory execution technology.Then it is executed in the form of no process in memory,and the diversified protection effect of the target software is realized by the diversity of the bunker and the randomness of the fusion strategies.A number of commonly used software are selected as the test case,and the proposed method is tested from the aspects of resource cost,protection effect,comparative experiment and so on.Compared with the traditional methods such as obfuscation and packing,the proposed method has great advantages in anti-static analysis and anti-dynamic debugging,and can effectively resist the mainstream methods of reverse analyzing and cracking.

Key words: software protection, diversification, fusion compilation, memory execution, LLVM, intermediate representation

CLC Number: