基于操作码合并的Python程序防逆转算法

doi:10.19678/j.issn.1000-3428.0046314

计算机工程 ›› 2018, Vol. 44 ›› Issue (5): 113-118.doi: 10.19678/j.issn.1000-3428.0046314

基于操作码合并的Python程序防逆转算法

王小强^1a,2,顾乃杰 ^1a,1b,2

1.中国科学技术大学 a.计算机科学与技术学院; b.先进技术研究院,合肥 230027;2.安徽省计算与通信软件重点实验室,合肥 230027

收稿日期:2017-03-10 出版日期:2018-05-15 发布日期:2018-05-15
作者简介:王小强(1991—),男,硕士,主研方向为软件安全、软件脆弱性检测;顾乃杰,教授、博士生导师。
基金项目:
安徽省自然科学基金(1408085MKL06);高等学校学科创新引智计划项目(B07033)。

Python Program Anti-reversal Algorithm Based on Opcode Merging

WANG Xiaoqiang ^1a,2,GU Naijie ^1a,1b,2

1a.School of Computer Science and Technology; 1b.Institute of Advanced Technology,University of Science and Technology of China,Hefei 230027,China;2.Anhui Province Key Laboratory of Computing and Communication Software,Hefei 230027,China

Received:2017-03-10 Online:2018-05-15 Published:2018-05-15

摘要/Abstract

摘要： 由Python编程语言编写的程序,其编译生成的字节码是针对Python虚拟机的具有特定结构的文件,该文件很容易被逆向工具反编译,从而损害开发者的经济利益和个人隐私。传统的防逆转方法存在其处理后的字节码文件易被破解、程序运行效率低等问题。为此,提出一种新的Python字节码文件保护算法。在不影响程序执行结果的前提下,将Python字节码文件中的多个操作码合并为一个新操作码,改变操作码序列的结构和语义,最终达到防逆转的目的。实验结果表明,该算法不仅能防止Python字节码文件被反编译,而且可以减小字节码文件的存储空间,提升程序执行效率。

关键词: 字节码文件, 反编译, 防逆转, 虚拟机操作码, 操作码合并

Abstract: The program written by Python programming language is compiled and generated bytecode,which is a specific structure for Python virtual machine.The file is easily decompressed by reverse tools,thereby damaging the economic interests and personal privacy of developers.The traditional method of anti-reversal has the problems of easily deciphered bytecode files and low program efficiency after processing.To solve the above problem,a new Python bytecode file protection algorithm is proposed,which mereges multiple opcodes in the Python bytecode file into a new opcode without changing the execute result of the program,changes the opcode sequence structure and semantics,and achieves the purpose of anti-reversal finally.Experimental results show that the proposed algorithm not only prevents the bytecode files from being decompilated,but also reduces the storage space of the bytecode file and improves the efficiency of program execution.

Key words: bytecode file, decompile, anti-reversal, virtual machine opcode, opcode merging

中图分类号:

TP309

王小强,顾乃杰. 基于操作码合并的Python程序防逆转算法[J]. 计算机工程, 2018, 44(5): 113-118.

WANG Xiaoqiang,GU Naijie. Python Program Anti-reversal Algorithm Based on Opcode Merging[J]. Computer Engineering, 2018, 44(5): 113-118.

参考文献

［1］Mysterie.A Python 2.7 byte-code decompiler［EB/OL］.［2017-03-10］.https://github.com/wibiti/uncompyle2.
［2］Niwit.Decompyle-Python decompiler［EB/OL］.［2017-03-10］.https://sourceforge.net/projects/decompyle/?source=typ_redirect.
［3］Extremecoders.Python 1.0-3.4 bytecode decompiler［EB/OL］.［2017-03-10］.https://sourceforge.net/projects/easypytho ndecompiler/.
［4］蒋华,刘勇,王鑫.基于控制流的代码混淆技术研究［J］.计算机应用研究,2013,30(3):897-899.
［5］杨乐,周强强,薛锦云.基于垃圾代码的控制流混淆算法［J］.计算机工程,2011,37(12):23-25.
［6］KUZURIN N,SHOKUROV A,VARNOVSKY N,et al.On the concept of software obfuscation in computer security［C］//Proceedings of International Conference on Information Security.Washington D.C.,USA:IEEE Press,2007:281-298.
［7］徐海银,雷植洲,李丹.代码混淆技术研究［J］.计算机与数字工程,2007,35(10):4-7.
［8］鲍福良,彭俊艳,方志刚.Java类文件保护方法综述［J］.计算机系统应用,2007,16(6):124-126.
［9］Py2exe:A Python distutils extension which converts Python scripts into executable windows programs［EB/OL］.［2017-03-10］.http://www.py2exe.org/.
［10］陈明奇,钮心忻.数字水印的研究进展和应用［J］.通信学报,2001,22(5):71-79.
［11］孙圣和,陆哲明.数字水印处理技术［J］.电子学报,2000,28(8):85-90.
［12］陈晗,赵轶群,缪亚波.Java字节码的水印嵌入［J］.计算机应用,2003,23(9):96-98.
［13］COLLBERG C S,THOMBORSON C.Watermarking tamper-proofing and obfuscation［J］.IEEE Transactions on Software Engineering,2000,28(8):735-746.
［14］HAMILTON J,DANICIC S.An evaluation of static Java bytecode watermarking［EB/OL］.［2017-02-25］.https://jameshamilton.eu/sites/default/files/JavaBytecodeWatermar kingSurvey.pdf.
［15］KUMAR K,KEHAR V,KAUR P.An evaluation of dynamic Java bytecode software watermarking algori-thms［J］.International Journal of Security and Its Applications,2016,10(7):147-156.
［16］KHOLIA D,WEGRZYN P.Looking inside the (Drop) box［EB/OL］.［2017-03-01］.https://www.usenix.org/system/files/conference/woot13/woot13-kholia.pdf.
［17］J.C.斯普拉德林.通过操作码随机化的安全:CN 102592082 A［P］.2012-07-18.
［18］Omab.Python-obfuscation［EB/OL］.［2017-03-10］.https://github.com/citrusbyte/python-obfuscation.
［19］STALLINGS M.Cryptography and network security［M］.王章宜,杨敏,杜瑞颖,等,译.北京:电子工业出版社,2012.
［20］MODZELEWSKI K.Microbenchmarks［EB/OL］.［2017-03-10］.https://github.com/dropbox/pyston/tree/master/micro benchmarks.
［21］GUELTON S.Building an obfuscated Python interpreter:we need more opcodes［EB/OL］.［2017-03-10］.https://blog.quarkslab.com/building-an-obfuscated-python-interpreter-we-need-more-opcodes.html.

[1]	尹青, 何东, 李娜, 何红旗. 基于规则的数据类型重构技术研究[J]. 计算机工程, 2012, 38(19): 30-33.
[2]	付剑晶. 基于JAVAC与JVM特征的代码保护[J]. 计算机工程, 2010, 36(11): 164-166,169.
[3]	曹孟春;陈凯明. 一种用于反编译代码与源代码的比较算法[J]. 计算机工程, 2009, 35(4): 38-40.
[4]	方霞;尹青;蒋烈辉;黄海;何红旗. 基于数据流分析的寄存器参数恢复方法[J]. 计算机工程, 2009, 35(22): 62-64.
[5]	邱景. 基于基本块划分的库函数快速识别技术[J]. 计算机工程, 2009, 35(21): 88-90.
[6]	蒋凡;徐晓睿. 利用异常机制的C++类型恢复方法[J]. 计算机工程, 2007, 33(09): 92-94.

基于操作码合并的Python程序防逆转算法

Python Program Anti-reversal Algorithm Based on Opcode Merging

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 6

Metrics

本文评价

推荐阅读 10