Virtual Machine Based Software Protection Method For Defending Against Semantic Attacks

Software security problem has always been highly extensive attention of academia and industry.According to the Survey on 2016 Global Software released by BSA,39 percent of software installed on PCs around the world in 2015 was not properly licensed.The commercial value of the software used for illegal licensing amounted to $52.2 billion.How to protect the software and improve the difficulty of software core algorithms being illegally reverse cracking for the purpose of protecting the legitimate interests of software research and development personnel has become an urgent problem which needs to be solved.To protect the core codes from being reserved,virtual machine-based(VM-based)software protection methods using virtualization technology to transform the local x86 instructions into virtual instructions has been widely used because of its hard understanding virtual instructions and high protection strength.However,existing VM-based software protection methods cannot effectively cope with semantic-based attacks,which leverage the data flow and control flow information to obtain the core codes.To solve the problem,an effective protection system called DAS-VMP was proposed,with which semantics analysis based attacks can be defeated.In order to prevent attacker from analyzing the core algorithm,DAS-VMP obfuscated the data flow and execution flow inside the software to improve the virtual machine-based software protection against semantic attacks,the main research work includes the following four aspects:1)Conduct research on the basic principle of virtual machine-based software protection method,and gain deep understanding of the internal frame and components of the virtual machine.Study the threat to existing virtual machine-based software protection method led by semantic-based attack,and study corresponding protection strategies targeted at such attack.2)After the protection of the traditional virtual machine-based software protection method,the internal data flow information of the software is easy to be captured by the attacker,in order to solve this problem,puts forward the virtual interpreter to introduce data flow obfuscation techniques,make the virtual interpreter possessed the ability of anti-stain analysis and anti-symbolic execution,at the same time design and implement data flow obfuscation engine.3)In view of the traditional single execution flow process virtual machine structure is simple,easy to track debugging,based on the deep research on the virtual machine,a double process mechanism to control the execution flow during the execution process was introduced,which made the software execution process more complex and diverse,making it difficult to be tracked,so as to ensure the security of the execution process.4)Design and realize the virtual machine-based software protection system with anti-semantic attack(DAS-VMP).Conduct theoretical analysis and experimental analysis on the method proposed in the paper through a set of software protected by DAS-VMP system.The experimental results show that DAS-VMP method can effectively resist the semantic-based attack technique.