System and method for annotation driven integrity verification
    1.
    Granted patent
    Status: In force

    Publication number: US08412953B2

    Publication date: 2013-04-02

    Application number: US12550334

    Filing date: 2009-08-28

    IPC classification: G06F9/44

    CPC classification: G06F21/125 G06F11/1004

    Abstract: Disclosed herein are methods, systems, and computer-readable storage media for annotation driven integrity program verification. The method includes distributing verification calls configured to verify a function across call paths leading to the function in source code, generating a binary from the source code having placeholders associated with the verification calls, and filling each placeholder in the binary with verification data or reference checksums. Alternatively, the method includes receiving source code having a verification call, replacing the verification call with one or more equivalent verification calls distributed over a call path, replacing each verification call with a checksum function generating placeholders while compiling, generating a binary based on the placeholders, and filling each placeholder in the binary with reference checksums. The system includes a processor and a module controlling the processor to perform the methods. The computer-readable storage medium includes instructions for controlling a computer to perform the methods.


    SYSTEM AND METHOD FOR SOFTWARE DATA REFERENCE OBFUSCATION
    2.
    Patent application
    Status: Under examination (published)

    Publication number: US20110167407A1

    Publication date: 2011-07-07

    Application number: US12683145

    Filing date: 2010-01-06

    IPC classification: G06F9/44

    CPC classification: G06F21/14

    Abstract: Disclosed herein are systems, methods, and computer-readable storage media for obfuscating software data references. The obfuscation process locates pointers to data within source code and loads the pointers into an ordered set of pools. The process further shuffles the pointers in the ordered set of pools and adds a function within the source code that when executed uses the ordered set of pools to retrieve the data. The obfuscation process utilizes pool entry shuffling, pool chaining shuffling and cross-pointer shuffling.


    SYSTEM AND METHOD FOR CONDITIONAL EXPANSION OBFUSCATION
    3.
    Patent application
    Status: In force

    Publication number: US20100058303A1

    Publication date: 2010-03-04

    Application number: US12202909

    Filing date: 2008-09-02

    IPC classification: G06F9/44

    CPC classification: G06F21/14

    Abstract: Disclosed herein are systems, methods, and computer-readable media for obfuscating code through conditional expansion obfuscation. The method includes identifying a conditional expression in a computer program, identifying a sequence of conditional expressions that is semantically equivalent to the conditional expression, and replacing the conditional expression with the semantically equivalent sequence of conditional expressions. One option replaces each like conditional expression in the computer program with a diverse set of sequences of semantically equivalent conditional expressions. A second option rearranges computer instructions that are to be processed after the sequence of conditional expression is evaluated so that a portion of the instructions is performed before the entire sequence of conditional expressions is evaluated. A third option performs conditional expansion obfuscation of a conditional statement in combination with branch extraction obfuscation.


    SYSTEM AND METHOD FOR OBFUSCATION BY COMMON FUNCTION AND COMMON FUNCTION PROTOTYPE
    4.
    Patent application
    Status: In force

    Publication number: US20110167414A1

    Publication date: 2011-07-07

    Application number: US12651953

    Filing date: 2010-01-04

    IPC classification: G06F9/45

    CPC classification: G06F8/70 G06F21/14

    Abstract: Disclosed herein are systems, methods, and computer-readable storage media for obfuscating by a common function. A system configured to practice the method identifies a set of functions in source code, generates a transformed set of functions by transforming each function of the set of functions to accept a uniform set of arguments and return a uniform type, and merges the transformed set of functions into a single recursive function. The single recursive function can allocate memory in the heap. The stack can contain a pointer to the allocated memory in the heap. The single recursive function can include instructions for creating and explicitly managing a virtual stack in the heap. The virtual stack can emulate what would happen to the real stack if one of the set of functions was called. The system can further compile the source code including the single recursive function.


    SYSTEM AND METHOD FOR ANNOTATION DRIVEN INTEGRITY VERIFICATION
    5.
    Patent application
    Status: In force

    Publication number: US20110055638A1

    Publication date: 2011-03-03

    Application number: US12550334

    Filing date: 2009-08-28

    CPC classification: G06F21/125 G06F11/1004

    Abstract: Disclosed herein are methods, systems, and computer-readable storage media for annotation driven integrity program verification. The method includes distributing verification calls configured to verify a function across call paths leading to the function in source code, generating a binary from the source code having placeholders associated with the verification calls, and filling each placeholder in the binary with verification data or reference checksums. Alternatively, the method includes receiving source code having a verification call, replacing the verification call with one or more equivalent verification calls distributed over a call path, replacing each verification call with a checksum function generating placeholders while compiling, generating a binary based on the placeholders, and filling each placeholder in the binary with reference checksums. The system includes a processor and a module controlling the processor to perform the methods. The computer-readable storage medium includes instructions for controlling a computer to perform the methods.


    SYSTEM AND METHOD FOR CALL PATH ENFORCEMENT
    6.
    Patent application
    Status: In force

    Publication number: US20110047622A1

    Publication date: 2011-02-24

    Application number: US12546520

    Filing date: 2009-08-24

    IPC classification: G06F21/22 G06F9/45 G06F9/46

    Abstract: Disclosed herein are systems, computer-implemented methods, and computer-readable storage media for call path enforcement. The method includes tracking, during run-time, a run-time call order for a series of function calls in a software program, and when executing a protected function call during run-time, allowing or causing proper execution of a protected function call only if the run-time call order matches a predetermined order. The predetermined order can be an expected run-time call order based on a programmed order of function calls in the software program. The method can include maintaining an evolving value associated with the run-time call order and calling the protected function by passing the evolving value and function parameters corrupted based on the evolving value. The protected function uncorrupts the corrupted parameters based on the passed evolving value and an expected predetermined call order. A buffer containing the uncorrupted parameters can replace the corrupted parameters.


    SYSTEM AND METHOD FOR ANNOTATION-DRIVEN FUNCTION INLINING
    7.
    Patent application
    Status: In force

    Publication number: US20110179403A1

    Publication date: 2011-07-21

    Application number: US12688807

    Filing date: 2010-01-15

    IPC classification: G06F9/45

    Abstract: Disclosed herein are systems, methods, and computer-readable storage media for obfuscating using inlined functions. A system configured to practice the method receives a program listing including annotated functions for obfuscation, identifies an annotated function called more than once in the program listing, and creates an inline control flow structure in the program listing for the identified annotated function, the control flow structure being computationally equivalent to inlining the identified annotated function into the program listing for each occurrence of the identified annotated function. The program listing can include tiers of annotated functions. The system can identify annotated functions called more than once based on an optionally generated callgraph. The system can create inline control flow structures in the program listing in order of annotation importance. The system can identify how many times each annotated function is called in the program listing.


    MARKING SOUGHT AFTER CONTENT ITEMS ON NETWORK MEDIA DEVICES
    8.
    Patent application
    Status: Under examination (published)

    Publication number: US20100332506A1

    Publication date: 2010-12-30

    Application number: US12494883

    Filing date: 2009-06-30

    IPC classification: G06F17/30 G06Q30/00

    CPC classification: G06F16/95

    Abstract: According to embodiments of the invention, a system, method and computer program product for a computer program product for marking and acquiring sought after content are provided. Embodiments include a method comprising inserting a first desired content ID for a desired content item in a content directory for a first device in a network of media devices. The content directories of the devices in the network include content IDs of content present in the device, and also content IDs of content desired for the devices. Content directories of the other devices in the network are compared to determine if any of the other devices have a content directory containing the first desired content ID. For devices having the first desired content ID in its content directory, a determination is made of whether the desired content is present in the other device, and if the desired content is present in the other device, a copy of the desired content is transferred to the first device.


    SYSTEM AND METHOD FOR ARRAY OBFUSCATION
    9.
    Patent application
    Status: In force

    Publication number: US20090307657A1

    Publication date: 2009-12-10

    Application number: US12135032

    Filing date: 2008-06-06

    IPC classification: G06F9/44

    Abstract: Disclosed herein are systems, methods, and computer-readable media for obfuscating array contents in a first array, the method comprising dividing the first array into a plurality of secondary arrays having a combined total size equal to or greater than the first array, expanding each respective array in the plurality of the secondary arrays by a respective multiple M to generate a plurality of expanded arrays, and arranging data elements within each of the plurality of expanded arrays such that a data element located at an index I in a respective secondary array is located at an index I*M, wherein M is the respective multiple M in an associated expanded array, wherein data in the first array is obfuscated in the plurality of expanded arrays. One aspect further splits one or more of the secondary arrays by dividing individual data elements in a plurality of sub-arrays. The split sub-arrays may contain more data elements than the respective secondary array. The principles herein may be applied to single dimensional or multi-dimensional arrays. The obfuscated array contents may be accessed via an index to the first array which is translated to retrieve data elements stored in the plurality of expanded arrays.


    Method for Effective Tamper Resistance
    10.
    Patent application
    Status: In force

    Publication number: US20090049308A1

    Publication date: 2009-02-19

    Application number: US12135052

    Filing date: 2008-06-06

    IPC classification: H04L9/06

    CPC classification: G06F21/14

    Abstract: A system, method, and computer program product for preventing a malicious user from analyzing and modifying software content. The one-way functions used in prior art systems using dynamically evolving audit logs or self-modifying applications are replaced with a one-way function based on group theory. With this modification, untampered key evolution will occur inside a defined mathematical group such that all valid key values form a subgroup. However, if the program is altered, the key will evolve incorrectly and will no longer be a member of the subgroup. Once the key value is outside of the subgroup, it is not possible to return it to the subgroup. The present invention provides a limited total number of valid keys. The key evolution points are not restricted to locations along the deterministic path, so the key can be used in various novel ways to regulate the program's behavior, including in non-deterministic execution paths.
