-
公开(公告)号:US20150363580A1
公开(公告)日:2015-12-17
申请号:US14306713
申请日:2014-06-17
Applicant: Apple Inc.
Inventor: Pierre Betouin , Augustin J. Farrugia , Benoit Chevallier-Mames , Bruno Kindarji , Cédric Tessier , Jean-Baptiste Aviat , Mathieu Ciet , Thomas Icart
CPC classification number: G06F21/14 , G06F2221/0748
Abstract: The fake cryptographic layer obfuscation technique can be used to lure an attacker into expending reverse engineering efforts on sections of code the attacker would normally ignore. To do this the obfuscation technique can identify sections of code that are likely to be of lesser interest to the attacker and disguise them as higher value sections. This can be achieved by transforming a lower value section of code to include code patterns, constants, or other characteristics known to exist in sections of code of higher value, such as cryptographic routines. To transform a code section, the obfuscation technique can use one or more program modifications including control flow modifications, constant value adjustments to simulate well-known cryptographic scalars, buffer extensions, fake characteristic table insertion, debug-like information insertion, derivation function-code generation linking, and/or cryptographic algorithm specific instruction insertion.
Abstract translation: 伪造的加密层混淆技术可以用来诱骗攻击者在攻击者通常忽略的代码段上花费逆向工程的努力。 为此,混淆技术可以识别可能对攻击者感兴趣的代码段,并将其伪装成较高的值段。 这可以通过将代码的较低值部分转换为包括已知存在于较高值的代码部分中的代码模式,常量或其他特性来实现,例如加密例程。 为了转换代码部分,混淆技术可以使用一个或多个程序修改,包括控制流修改,常数值调整以模拟公知的加密标量,缓冲区扩展,伪特征表插入,类似调试的信息插入,导出函数代码 生成链接和/或加密算法特定指令插入。
-
公开(公告)号:US09639673B2
公开(公告)日:2017-05-02
申请号:US14306713
申请日:2014-06-17
Applicant: Apple Inc.
Inventor: Pierre Betouin , Augustin J. Farrugia , Benoit Chevallier-Mames , Bruno Kindarji , Cédric Tessier , Jean-Baptiste Aviat , Mathieu Ciet , Thomas Icart
IPC: G06F21/14
CPC classification number: G06F21/14 , G06F2221/0748
Abstract: The fake cryptographic layer obfuscation technique can be used to lure an attacker into expending reverse engineering efforts on sections of code the attacker would normally ignore. To do this the obfuscation technique can identify sections of code that are likely to be of lesser interest to the attacker and disguise them as higher value sections. This can be achieved by transforming a lower value section of code to include code patterns, constants, or other characteristics known to exist in sections of code of higher value, such as cryptographic routines. To transform a code section, the obfuscation technique can use one or more program modifications including control flow modifications, constant value adjustments to simulate well-known cryptographic scalars, buffer extensions, fake characteristic table insertion, debug-like information insertion, derivation function-code generation linking, and/or cryptographic algorithm specific instruction insertion.
-
公开(公告)号:US09047448B2
公开(公告)日:2015-06-02
申请号:US13741227
申请日:2013-01-14
Applicant: Apple Inc.
Inventor: Cedric Tessier , Daniel Reynaud , Jean-Baptiste Aviat , Jonathan Gregory McLachlan , Julien Lerouge , Pierre Betouin
CPC classification number: G06F21/14 , G06F8/41 , G06F9/45545 , G06F21/51 , G06F2221/2107
Abstract: A branch auditing system can be automatically injected into a computer program, in one embodiment, in response to a programming call provided in source code by a programmer who has selected a particular branch, in a set of possible branches, for auditing. The branch auditing system can record, in an obfuscated data structure, a path taken at the particular branch and the parameters associated with the branch and later an auditor can determine whether the path taken was valid, and if the path taken was invalid, operations can be performed to protect the program, system and/or user.
Abstract translation: 在一个实施例中,分支审计系统可以自动地注入到计算机程序中,以响应于在一组可能的分支中选择了特定分支以用于审计的程序员在源代码中提供的编程调用。 分支审计系统可以在模糊数据结构中记录在特定分支处采取的路径和与分支相关联的参数,随后审核员可以确定所采用的路径是否有效,并且如果所采用的路径无效,则操作可以 执行以保护程序,系统和/或用户。
-
-
Search Results
3
records
(took 0.011 seconds)
