公开(公告)号：US08434061B2

公开(公告)日：2013-04-30

申请号：US12135032

申请日：2008-06-06

申请人： Augustin J. Farrugia ,  Julien Lerouge ,  Tanya Michelle Lattner ,  Gideon M. Myles ,  Gianpaolo Fasoli

发明人： Augustin J. Farrugia ,  Julien Lerouge ,  Tanya Michelle Lattner ,  Gideon M. Myles ,  Gianpaolo Fasoli

IPC分类号： G06F9/44

CPC分类号： G06F21/6209 ,  G06F21/10 ,  G06F21/6218 ,  G06F2221/2107

摘要： Disclosed herein are systems, methods, and computer readable-media for obfuscating array contents in a first array, the method comprising dividing the first array into a plurality of secondary arrays having a combined total size equal to or greater than the first array, expanding each respective array in the plurality of the secondary arrays by a respective multiple M to generate a plurality of expanded arrays, and arranging data elements within each of the plurality of expanded arrays such that a data element located at an index I in a respective secondary array is located at an index I*M, wherein M is the respective multiple M in an associated expanded array, wherein data in the first array is obfuscated in the plurality of expanded arrays. One aspect further splits one or more of the secondary arrays by dividing individual data elements in a plurality of sub-arrays. The split sub-arrays may contain more data elements than the respective secondary array. The principles herein may be applied to single dimensional or multi-dimensional arrays. The obfuscated array contents may be accessed via an index to the first array which is translated to retrieve data elements stored in the plurality of expanded arrays.

摘要翻译： 本文公开了用于在第一阵列中模糊阵列内容的系统，方法和计算机可读介质，所述方法包括将第一阵列划分成具有等于或大于第一阵列的组合总大小的多个次阵列， 通过相应的多个M在多个次级阵列中的相应阵列以生成多个扩展阵列，并且在多个扩展阵列中的每一个内布置数据元素，使得位于相应次级阵列中的索引I处的数据元素是 位于索引I * M处，其中M是相关联的扩展阵列中的相应多个M，其中第一阵列中的数据在多个扩展阵列中被模糊化。 一个方面通过划分多个子阵列中的各个数据元素来进一步分割一个或多个次级阵列。 分割子阵列可能包含比相应的辅助阵列更多的数据元素。 这里的原理可以应用于单维或多维阵列。 混淆的阵列内容可以经由第一数组的索引访问，该索引被转换以检索存储在多个扩展阵列中的数据元素。

公开(公告)号：US08589897B2

公开(公告)日：2013-11-19

申请号：US12198873

申请日：2008-08-26

申请人： Gideon M. Myles ,  Julien Lerouge ,  Tanya Michelle Lattner ,  Augustin J. Farrugia

发明人： Gideon M. Myles ,  Julien Lerouge ,  Tanya Michelle Lattner ,  Augustin J. Farrugia

IPC分类号： G06F9/45

CPC分类号： G06F8/41 ,  G06F8/447 ,  G06F9/44521 ,  G06F21/14

摘要： Disclosed herein are systems, methods, and computer readable-media for obfuscating code. The method includes extracting a conditional statement from a computer program, creating a function equivalent to the conditional statement, creating a pointer that points to the function, storing the pointer in an array of pointers, replacing the conditional statement with a call to the function using the pointer at an index in the array, and during runtime of the computer program, dynamically calculating the index corresponding to the pointer in the array. In one aspect, a subset of instructions is extracted from a path associated with the conditional statement and the subset of instructions is placed in the function to evaluate the conditional statement. In another aspect, the conditional statement is replaced with a call to a select function that (1) calculates the index into the array, (2) retrieves the function pointer from the array using the index, and (3) calls the function using the function pointer. Calls can be routed through a select function before the function pointer is used to call the function evaluating the conditional statement. Each step in the method can be applied to source code of the computer program, an intermediate representation of the computer program, and assembly code of the computer program.

摘要翻译： 这里公开了用于模糊代码的系统，方法和计算机可读介质。 该方法包括从计算机程序中提取条件语句，创建等价于条件语句的函数，创建指向函数的指针，将指针存储在指针数组中，使用对函数的调用替换条件语句 数组中的索引处的指针，以及在计算机程序的运行期间，动态地计算与数组中的指针相对应的索引。 在一个方面，从与条件语句相关联的路径中提取指令子集，并将指令子集置于函数中以评估条件语句。 在另一方面，条件语句被替换为select函数的调用，（1）计算数组中的索引，（2）使用索引从数组中检索函数指针，（3）使用 函数指针。 在使用函数指针调用评估条件语句的函数之前，可以通过select函数路由调用。 该方法中的每一步都可以应用于计算机程序的源代码，计算机程序的中间表示和计算机程序的汇编代码。

公开(公告)号：US08429637B2

公开(公告)日：2013-04-23

申请号：US12202909

申请日：2008-09-02

申请人： Gideon M. Myles ,  Tanya Michelle Lattner ,  Julien Lerouge ,  Augustin J. Farrugia

发明人： Gideon M. Myles ,  Tanya Michelle Lattner ,  Julien Lerouge ,  Augustin J. Farrugia

IPC分类号： G06F9/45

CPC分类号： G06F21/14

摘要： Disclosed herein are systems, methods, and computer readable-media for obfuscating code through conditional expansion obfuscation. The method includes identifying a conditional expression in a computer program, identifying a sequence of conditional expressions that is semantically equivalent to the conditional expression, and replacing the conditional expression with the semantically equivalent sequence of conditional expressions. One option replaces each like conditional expression in the computer program with a diverse set of sequences of semantically equivalent conditional expressions. A second option rearranges computer instructions that are to be processed after the sequence of conditional expression is evaluated so that a portion of the instructions is performed before the entire sequence of conditional expressions is evaluated. A third option performs conditional expansion obfuscation of a conditional statement in combination with branch extraction obfuscation.

摘要翻译： 本文公开了用于通过条件扩展混淆来模糊代码的系统，方法和计算机可读介质。 该方法包括识别计算机程序中的条件表达式，识别在语义上等同于条件表达式的条件表达式的序列，以及用条件表达式的语义等价序列替换条件表达式。 一个选项用计算机程序中的条件表达式替换各种语义等价条件表达式的序列集合。 在评估条件表达式的序列之后，第二个选项重新排列要处理的计算机指令，使得在评估整个条件表达式序列之前执行指令的一部分。 第三个选项与条件语句结合使用分支提取混淆来执行条件扩展模糊处理。

公开(公告)号：US08423974B2

公开(公告)日：2013-04-16

申请号：US12540195

申请日：2009-08-12

申请人： Gideon M. Myles ,  Julien Lerouge ,  Tanya Michelle Lattner ,  Augustin J. Farrugia

发明人： Gideon M. Myles ,  Julien Lerouge ,  Tanya Michelle Lattner ,  Augustin J. Farrugia

IPC分类号： G06F9/44

CPC分类号： G06F21/14

摘要： Disclosed herein are systems, computer-implemented methods, and computer-readable storage media for obfuscating a function call. The method receives a computer program having an annotated function and determines prolog instructions for setting up a stack frame of the annotated function and epilog instructions for tearing down the stack frame. The method places a first portion of the prolog instructions in the computer program preceding a jump to the annotated function and a second portion of the prolog instructions at a beginning of the annotated function. The method places a first portion of the epilog instructions at an end of the annotated function and a second portion of the epilog instructions in the computer program after the jump. Executing the first and second portions of the prolog instructions together sets up the stack frame. Executing the first and the second portions of the epilog instructions together tears down the stack frame.

摘要翻译： 这里公开的是系统，计算机实现的方法和用于模糊功能调用的计算机可读存储介质。 该方法接收具有注释功能的计算机程序，并且确定用于建立注释功能的堆栈帧的序言指令和用于拆除堆栈帧的epilog指令。 该方法将前导序列指令的第一部分放置在跳转之前的计算机程序中，并且在注释的函数的开始处将序言指令的第二部分放置到注释的函数中。 该方法将epilog指令的第一部分放置在注释功能的末尾，并且在跳转之后在计算机程序中放置epilog指令的第二部分。 执行序言指令的第一和第二部分一起设置堆栈帧。 执行epilog指令的第一部分和第二部分一起撕下堆栈帧。