一种基于多维防御混合策略的虚拟机保护安全性增强方法
    点此下载全文
引用本文:谢 鑫 ,梁卫芳,陈 敏.一种基于多维防御混合策略的虚拟机保护安全性增强方法[J].计算技术与自动化,2022,(3):165-171
摘要点击次数: 104
全文下载次数: 0
作者单位
谢 鑫 ,梁卫芳,陈 敏 (湖南信息学院 计算机科学与工程学院湖南 长沙 410151) 
中文摘要:针对虚拟机模块连接安全性较弱的问题,提出一种多维防御混合的虚拟机保护安全性增强方法。首先融合ROP、指令重叠和指令自修改技术对虚拟机框架模块连接指令序列进行隐蔽性混淆,然后运用基于多样化和随机化技术构造的混淆指令网络提升指令序列复杂性,最后采用哨兵集和三线程保护技术完成模块连接指令序列的防篡改。采用了不透明谓词,随机选择函数,指令等价替换和代码数据转换等关键技术实现了原型系统,并通过实验验证了方法的可行性和有效性。
中文关键词:多维防御混合  虚拟机保护  防篡改  混淆网络  ROP技术
 
A Virtual Machine Protection Security Enhancement Method Based on Multi-dimensional Defense Hybrid Strategy
Abstract:A multi-dimensional defense hybrid approach for virtual machine protection security enhancement was proposed to address the problem of weak virtual machine module connection security. Firstly, ROP, instruction overlapping and instruction self-modification techniques were used to obfuscate the virtual machine framework module connection instruction sequence, then obfuscated instruction networks constructed based on diversification and randomization techniques was applied to enhance the complexity of the instruction sequences, and finally guard set and three-thread protection techniques were used to complete the anti-tampering. Key techniques such as opaque predicates, random selection functions, instruction equivalence substitution and code data conversion were used to implement the prototype system, and the feasibility and effectiveness of the method are experimentally verified.
keywords:multi-dimensional defense hybrid  virtual machine protection  anti-tampering  obfuscation network  ROP technology
查看全文   查看/发表评论   下载pdf阅读器