公开(公告)号：US20170357787A1

公开(公告)日：2017-12-14

申请号：US15615027

申请日：2017-06-06

申请人： Ksign Co., Ltd. ,  Soongsil University Research Consortium Techno- Park

发明人： Jeong Hyun Yi ,  Yong-Jin Park ,  Tae-Yong Park ,  Sung-Eun Park

IPC分类号： G06F21/14 ,  G06F9/45 ,  G06F21/60 ,  G06F9/44

CPC分类号： G06F21/14 ,  G06F8/40 ,  G06F8/74 ,  G06F21/60 ,  G06F2211/007

摘要： An application code hiding apparatus includes a secret code dividing part, a secret code caller generating part, a code analyzing part, a dummy code generating part, a code encrypting part, a code disposing part, a code decryptor generating part, a loader generating part, a decrypted code caller generating part and an unloader generating part. The secret code dividing part divides an application code into a secret code and a normal code. The secret code caller generating part generates a secret code caller. The dummy code generating part generates a dummy code corresponding to the secret code. The code disposing part disposes the dummy code and the encrypted secret code and generates position information thereof. The code decryptor generating part generates a code decryptor. The loader generating part generates a loader. The decrypted code caller generating part generates a decrypted code caller. The unloader generating part generates an unloader.

公开(公告)号：US20170054693A1

公开(公告)日：2017-02-23

申请号：US15205342

申请日：2016-07-08

申请人： Ksign Co., Ltd. ,  Soongsil University Research Consortium Techno-Park

发明人： Jeong-Hyun Yi ,  Yong-Jin Park ,  Sun-Woo Shin

IPC分类号： H04L29/06 ,  G06F21/60

CPC分类号： G06F21/60 ,  G06F9/547 ,  G06F21/44 ,  H04L63/123 ,  H04W4/00 ,  H04W12/00 ,  H04W12/10

摘要： The integrity verification system includes a client and an RCE server. The client requests an RCE service to the RCE server using a pointer of a return function as a parameter of a service call function and transmits a memory code of the return function to the RCE server when Reverse-RCE for obtaining the memory code of the return function is requested from the RCE server. The RCE server generates a first hash key of the transmitted memory code, compares the first hash key to a stored second hash key of the memory code of an original return function, generates a return value according to a compared result between the first hash key and the second hash key and transmits the generated return value to the client using the generated return value as a parameter of the service call function. The client executes the return function using the return value as a parameter of the return function.

摘要翻译： 完整性验证系统包括客户端和RCE服务器。 客户机使用返回函数的指针作为服务调用函数的参数向RCE服务器请求RCE服务，并且当用于获取返回的存储器代码的Reverse-RCE时，将返回函数的存储器代码发送到RCE服务器 功能请求从RCE服务器。 RCE服务器产生所发送的存储器代码的第一散列密钥，将第一散列密钥与原始返回函数的存储器代码的存储的第二散列密钥进行比较，根据第一散列密钥和 第二散列密钥，并使用生成的返回值作为服务调用函数的参数将生成的返回值发送给客户端。 客户端使用返回值作为返回函数的参数执行返回函数。

公开(公告)号：US20180011997A1

公开(公告)日：2018-01-11

申请号：US15646272

申请日：2017-07-11

申请人： Ksign Co., Ltd. ,  Soongsil University Research Consortium Techno-Park

发明人： Jeong Hyun Yi ,  Tae-Yong Park ,  Yong-Jin Park ,  Sung-Eun Park

IPC分类号： G06F21/14 ,  G06F21/78 ,  H04L9/32 ,  G06F9/44 ,  G06F9/45 ,  G06F12/14

CPC分类号： G06F21/14 ,  G06F8/30 ,  G06F8/441 ,  G06F8/53 ,  G06F8/74 ,  G06F12/1408 ,  G06F21/78 ,  G06F2212/1052 ,  G06F2221/031 ,  G06F2221/033 ,  H04L9/3226 ,  H04L9/3242

摘要： An application code hiding apparatus includes a secret code dividing part, a secret code caller generating part, a code analyzing part, a dummy code generating part, a code encrypting part, a code disposing part, a code decryptor generating part, a disposed code importer generating part, a code loader generating part, a memory inner code modifier generating part and a decrypted code caller generating part.

公开(公告)号：US20170257219A1

公开(公告)日：2017-09-07

申请号：US15184353

申请日：2016-06-16

申请人： Ksign Co., Ltd. ,  Soongsil University Research Consortium Techno-Park

发明人： Jeong-Hyun Yi ,  Yong-Jin Park ,  Sung-Eun Park

IPC分类号： H04L9/32 ,  G06F9/455 ,  G06F9/30

CPC分类号： H04L9/3247 ,  G06F8/53 ,  G06F9/30036 ,  G06F9/45504 ,  G06F9/45516 ,  G06F9/45529 ,  G06F21/12 ,  H04L9/002 ,  H04L2209/043 ,  H04L2209/16

摘要： An application code obfuscating apparatus includes a secret code divider, a secret code caller, a code converter and an obfuscating part. The secret code divider is configured to divide an application code having a first type into a secret code and a normal code. The secret code caller generating part is configured to generate a secret code caller to call the secret code. The code converter is configured to convert the secret code having the first type to a second type. The obfuscating part is configured to generate a first table and a second table. The first table includes an obfuscated signature of the secret code and a first random vector. The second table includes an offset of the secret code which corresponds to the obfuscated signature of the secret code and a second random vector which is liked with the first random vector.

公开(公告)号：US20170147798A1

公开(公告)日：2017-05-25

申请号：US15105302

申请日：2015-03-06

申请人： SOONGSIL UNIVERSITY RESEARCH CONSORTIUM TECHNO-PARK

发明人： Jeong-Hyun Yi ,  Yong-Jin Park

IPC分类号： G06F21/14

CPC分类号： G06F21/14 ,  G06F21/72

摘要： A mobile device and a method of operating a mobile device are disclosed. The mobile device includes a main processor executing a normal code of a mobile application program, a co-processor executing a core code of the mobile application program, and a co-processor driver enabling the main processor and the co-processor to communicate with each other. The normal code includes commands executable by the main processor, and the core code includes commands executable by the co-processor. Since the core code is separated from the mobile application program on a level lower than an operating system level when the mobile application program is installed on the mobile device and the core code is stored in a core code storage to which the main processor is not allowed to access directly, the core code is not exposed to an attacker, such that resistance to a reverse engineering attack is increased.

公开(公告)号：US20160371473A1

公开(公告)日：2016-12-22

申请号：US15104310

申请日：2015-03-06

申请人： Soongsil University Research Consortium Techno-Park

发明人： Jeong-Hyun Yi ,  Sung-Ryoung Kim ,  Geon-Bae Na ,  Yong-Jin Park

IPC分类号： G06F21/12 ,  G06F21/14

CPC分类号： G06F21/12 ,  G06F21/125 ,  G06F21/14 ,  G06F2221/0748

摘要： A code obfuscation device and a method of obfuscating a code of an application program file are disclosed. The code obfuscation device includes an extraction circuit uncompressing an application program file to extract a Dalvik executable file, a code analysis circuit analyzing a bytecode of the Dalvik executable file, a control circuit determining an obfuscation character and a number and a location of the obfuscation character to be inserted in the bytecode, and an identifier conversion circuit inserting the obfuscation character in the bytecode to convert an identifier of the bytecode. Since the identifier of the bytecode is converted using an obfuscation character, which corresponds to a character that is invisible on a screen or has a different Unicode from another character displayed on the screen as a same shape as the character, the application program file has an increased resistance to a reverse engineering attack.

摘要翻译： 公开了一种代码混淆装置和一种混淆应用程序文件的代码的方法。 代码混淆装置包括解压缩应用程序文件以提取Dalvik可执行文件的提取电路，分析Dalvik可执行文件的字节码的代码分析电路，确定混淆字符的混合字符和数字和位置的控制电路 被插入到字节码中，以及标识符转换电路，在字节码中插入混淆字符来转换字节码的标识符。 由于使用模糊字符转换字符代码的标识符，该混淆字符对应于在屏幕上不可见或具有与屏幕上显示的另一个字符不同的Unicode的字符与字符相同的形状，所以应用程序文件具有 增加对逆向工程攻击的抵抗力。