| The appearance of Java language is a very important milestone of computer information exchange, which takes a revolution and has changed the mode of software development. Nowadays,Java has been widely used in every domain of software development . Java has the agility that can be used in different running environment and it comes from the particular compile mode. Because compiling the Java source code will generate Java class file that oriented Java Virtual Machine not binary file that oriented processor, this cause a great security risk of Java software protection. Class file is a kind of formatted mid-code that saves a lot of messages of source code. With these messages,it is easy to decompile class file to get the source code. The source code that decompiles from Java class file has good qualities that reveal the software engineer's thoughts. These years,many companies and Java developers have researched the structure of Java class file and the Java Virtual Machine. Many protection methods have been developed to protect Java software including native technology,source code separate technology,digital watermark technology,code confusion technology. These methods can protect Java software in some degree,but they all have some localizations and disadvantages.Java Virtual Machine is the key part of the Java technologies. By giving an insight into the Java Virtual Machine, not only we can fast master the advanced computer technology and get a vast amount of experience, but also for us to address the Java bytecode secure has a big help. So I make a comprehensive analysis of the Java Virtual Machine's internal mechanism. This paper focuses on the study of the Java Virtual Machine class loading mechanism, deeply researching on the ClassLoader Architecture of the Java Virtual Machine, such as parent-child accreditation mode, the formats of class file and so on. Based on class loader system and combining it with the cipher technology, JNI technology and modifying Java Virtual Machine this paper brings forward a new method to protect the Java software. The protection scheme is designed by following thought:①Use native methods to encrypt the class file to protect Java software.②Customize a class loader by which the encrypted class files can be decrypted.③Make custom ClassLoader encrypted, so as to ensure the safety of custom ClassLoader. ④Then amend the JVM , so it could be able to load encrypted ClasssLoader, finally put an end to the security vulnerability .This scheme has good security and can be generally used in all Java software,not only native application but also web application software. This scheme can reserve the agility of Java software. This scheme has been developed to a tool and the test data indicate this tool has a high efficiency. In conclusion,this paper gives a good exploration and practice of Java software protection. |
PDF Full Text Request