Research On Code Protection Technology In Malicious Controlled Environment

Software industry has become an indispensable part of the social economy and security problems have become increasingly prominent as the rapid development of information technologies.Intellectual property and copyright of computer software has been infringed by using unlicensed software,tampering and reverse analysis.Therefore,governments,entrepreneurs and scholars have paid more and more attention to it and software protection has become an important computer security aspect.In order to protect the software,it should assume that the released software is under attack in a white-box environment controlled by the attacker.There are several of software protection methods such as the preventive ones including code encryption,code obfuscation and self-modification etc.;the remedial ones including software watermarking and software diversity etc.The code obfuscation technology in the former is one of the hotspots of software protection technology because of its moderate cost and universal protection.The code diversity technology in the latter may suppress the influence of software infringement,and do not interfere with the development of the software phase as it is mainly in the software release stage.As a result,it is an important supplement to the precautionary approach in terms of the convenient implementation.However,software protection technology and software attack technology has been showing symbiosis with the development.At present,many of the previously well-protected code obfuscation techniques have been compromised and need to be complemented by code-confusing technology with novel safety theory foundation.Moreover,a single software protection technology has proven to be unsafe so that the comprehensive use of software protection technologies should be studied.The dependency among software protection technologies should also be detailed studied and the appropriated tools for modeling should be detailed chosen.The main contents and contributions of the paper are summarized as follows:1.Propose the construction method of a chaotic opaque predicate and its embedded schemeAt present,attackers have studied most of the opaque predicate techniques more thoroughly,and the introduction and application of new ones are urgently needed.When the value set of COE simplifies to {TRUE,FALSE},the chaotic opaque predicate(COP)comes into being.We propose the COP's definition,and the nature of its various aspects,including security,stealth,cost etc.,is proved.Meanwhile,a new embedded scheme for COP is proposed to further improve its stealth.2.Propose a software diversity technology based on peephole optimizationIn the software deployment phase,the diversity objects including base block and code segment is produced by using the peephole optimization method.By obtaining the information of data-flow and control-flow,we pre-process the program and study the dependences of registers.A series of code generation strategies have been made.After the optimal strategy is selected by taking the dependences of the program as heuristic information,various candidate diversity code sequences are generated.The code sequences passed the function equivalence verification will be embedded into the code being protected by using some appropriate means.The demonstration of software diversity developed by us,which is used to testify that the balance between obfuscated effect and cost is acceptable.3.Propose a method for constructing software protection technology application sequence by using Petri netIn this paper,we study the dependences among software protection technologies and use the Petri net with inhibitor arcs and the Petri net with prior arcs to model them.The typical demand of software protection has been summarized.Taking the advantage of Petri net,which is a strict mathematical tool with graphic representation,the convenience of solving the problem is increased dramatically.In scenario of applying software protection technology,it meets the specific requirements of users to solve viable sequence of software technology application and avoids offset and side effects that generated by some software protection technologies.4.Propose a kind of code obfuscation efective essessment model based on nonlinear fuzzy matricesIn order to solve the problem that the current code obfuscation method does not discriminate the effect of code obfuscation,a code obfuscation efective essessment model MNLFM based on nonlinear fuzzy matrix is proposed.It is proved that the MNLFM has the characteristics of reasonableness,monotonicity,continuity,and prominence,which can significantly improve the current situation that the code confusion assessment field has poor distinguishability.Modeling is performed by quantifying evaluation indicators,determining membership functions,and constructing nonlinear fuzzy matrices.A set of Java program test cases was set up to test the validity of this model based on the squash control flow and various opaque predicate code obfuscation techniques and compare it with other code obfuscation evaluation models.Experimental results verify that the MNLFM can compare the complexity of the obfuscated code and clearly distinguish the confusion between different obfuscation algorithms.