INTEGRITY VERIFICATION SYSTEM USING REMOTE CODE EXECUTION AND METHOD THEREOF
    1.
    Invention application
    Status: under examination (published)

    Publication No.: US20170054693A1

    Publication date: 2017-02-23

    Application No.: US15205342

    Filing date: 2016-07-08

    IPC classification: H04L29/06 G06F21/60

    Abstract: The integrity verification system includes a client and an RCE server. The client requests an RCE service to the RCE server using a pointer of a return function as a parameter of a service call function and transmits a memory code of the return function to the RCE server when Reverse-RCE for obtaining the memory code of the return function is requested from the RCE server. The RCE server generates a first hash key of the transmitted memory code, compares the first hash key to a stored second hash key of the memory code of an original return function, generates a return value according to a compared result between the first hash key and the second hash key and transmits the generated return value to the client using the generated return value as a parameter of the service call function. The client executes the return function using the return value as a parameter of the return function.

    User Terminal And Method For Protecting Core Codes Using Peripheral Device of User Terminal
    3.
    Invention application
    Status: under examination (published)

    Publication No.: US20160275271A1

    Publication date: 2016-09-22

    Application No.: US14785637

    Filing date: 2015-03-06

    Abstract: A user terminal includes a pairing circuit, a communication circuit, and a control circuit. The pairing circuit receives a normal code of an application from an application providing server in a process of downloading and installing the application from the application providing server, and performs a pairing operation with a peripheral device that stores a core code of the application received from the application providing server. The communication circuit, in a process of executing the application, transmits distinct information of the user terminal to the peripheral device to make the peripheral device encrypt the core code and decrypt the encrypted core code. The control circuit transmits an execution request message to the peripheral device, and receives an execution result of the core code from the peripheral device.

    User Terminal Interworking with Peripheral Device and Method for Preventing Leakage of Information Using the Same
    4.
    Invention application
    Status: granted

    Publication No.: US20170032110A1

    Publication date: 2017-02-02

    Application No.: US14787275

    Filing date: 2015-03-06

    Inventor: Jeong-Hyun Yi

    IPC classification: G06F21/12 G06F9/445

    Abstract: A user terminal includes a communication circuit, a certification circuit, an execution circuit, and a control circuit. The communication circuit receives a normal code of an application from an application providing server to install the application. The certification circuit receives a registration request message, which includes distinct information of a peripheral device, from the peripheral device storing a core code of the application, to certify the peripheral device, transmits a registration response message, which includes distinct information of the user terminal, to the peripheral device, and receives the core code of the application from the peripheral device. The execution circuit executes the application using the normal code and the core code. The control circuit restricts at least one of functions of the user terminal while the application is executed.

    User Terminal And Method For Protecting Core Codes Of Applications Using The Same
    5.
    Invention application
    Status: under examination (published)

    Publication No.: US20160239669A1

    Publication date: 2016-08-18

    Application No.: US14784292

    Filing date: 2015-03-06

    IPC classification: G06F21/60 G06F21/62

    Abstract: A user terminal includes a communication circuit, an encryption-decryption circuit, and an execution circuit. The communication circuit receives a core code file of an application from a peripheral device, which stores the core code file of the application, when certifying a core code of the application. The encryption-decryption circuit encrypts the core code file and transmits the encrypted core code file to the peripheral device, and, when executing the application, receives the encrypted core code file from the peripheral device and decrypts the encrypted core code file. The execution circuit executes the application using the decrypted core code file and a normal code file of the application stored in the user terminal. Since the normal code file is stored in the user terminal and the core code file is stored in the peripheral device, the core code of the application is protected from reverse engineering attacks.

    Mobile Device And Method Of Operating Mobile Device

    Publication No.: US20170147798A1

    Publication date: 2017-05-25

    Application No.: US15105302

    Filing date: 2015-03-06

    IPC classification: G06F21/14

    CPC classification: G06F21/14 G06F21/72

    Abstract: A mobile device and a method of operating a mobile device are disclosed. The mobile device includes a main processor executing a normal code of a mobile application program, a co-processor executing a core code of the mobile application program, and a co-processor driver enabling the main processor and the co-processor to communicate with each other. The normal code includes commands executable by the main processor, and the core code includes commands executable by the co-processor. Since the core code is separated from the mobile application program on a level lower than an operating system level when the mobile application program is installed on the mobile device and the core code is stored in a core code storage to which the main processor is not allowed to access directly, the core code is not exposed to an attacker, such that resistance to a reverse engineering attack is increased.

    Code Obfuscation Device Using Indistinguishable Identifier Conversion And Method Thereof
    8.
    Invention application
    Status: under examination (published)

    Publication No.: US20160371473A1

    Publication date: 2016-12-22

    Application No.: US15104310

    Filing date: 2015-03-06

    IPC classification: G06F21/12 G06F21/14

    Abstract: A code obfuscation device and a method of obfuscating a code of an application program file are disclosed. The code obfuscation device includes an extraction circuit uncompressing an application program file to extract a Dalvik executable file, a code analysis circuit analyzing a bytecode of the Dalvik executable file, a control circuit determining an obfuscation character and a number and a location of the obfuscation character to be inserted in the bytecode, and an identifier conversion circuit inserting the obfuscation character in the bytecode to convert an identifier of the bytecode. Since the identifier of the bytecode is converted using an obfuscation character, which corresponds to a character that is invisible on a screen or has a different Unicode from another character displayed on the screen as a same shape as the character, the application program file has an increased resistance to a reverse engineering attack.

    User Terminal For Detecting Forgery Of Application Program Based On Hash Value And Method Of Detecting Forgery Of Application Program Using The Same
    9.
    Invention application
    Status: under examination (published)

    Publication No.: US20160330030A1

    Publication date: 2016-11-10

    Application No.: US15109235

    Filing date: 2015-03-06

    Abstract: A user terminal for detecting forgery of an application program based on a hash value and a method of detecting forgery of an application program using the user terminal are disclosed. The user terminal includes a communication circuit, a hash value generation circuit and a forgery determination circuit. When the application program is executed, the communication circuit transmits information of the user terminal and the application program to an authentication server on a platform level to receive an original hash value of the application program from the authentication server, or to receive the original hash value from a peripheral device paired with the user terminal. The hash value generation circuit generates the hash value of the application program on the platform level. The forgery determination circuit compares the original hash value received from the authentication server or the peripheral device with the generated hash value on the platform level to determine whether the application program is tampered. Accordingly, the user terminal may be protected from a tampered application program. In addition, since forgery of the application program is detected on the platform level, it may overcome limitations of tamper detection technologies on an application program level that can be evaded by an attacker.
