Method for attacking software protection virtual machine based on fuzzy clustering

A technology of software protection and fuzzy clustering, which is applied in the computer field, can solve problems such as lack of versatility, time-consuming and labor-intensive, and inoperability, and achieve the effect of improving efficiency and strong versatility

Inactive Publication Date: 2017-03-22
WUHAN INSTITUTE OF TECHNOLOGY
View PDF3 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The disadvantage of this idea is that it is time-consuming and labor-intensive, especially for the protection scheme with high protection intensity such as software protection virtual machine, it is not actually operable
The disadvantage of this idea is that it has high requirements on the structure of the virtual machine and is not universal.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for attacking software protection virtual machine based on fuzzy clustering
  • Method for attacking software protection virtual machine based on fuzzy clustering
  • Method for attacking software protection virtual machine based on fuzzy clustering

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] In order to make the object, technical solution and advantages of the present invention more clear, the present invention will be further described in detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0021] The software protection virtual machine attack plan test of the present invention, this test case adopts the program segment after being protected by VMP2. The flow chart is used to observe and compare the procedures before and after processing. The computer system platform used is Windows 7 64-bit Ultimate; CPU: Intel I5 4200M; memory: DDR3 8G; The input speed is 270M / s.

[0022] The present invention is based on fuzzy clustering software-protected virtual machine attack scheme, which enables the attack scheme of software-protected virtual machine to realize automatic processing to a certain extent, and provides a ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for attacking a software protection virtual machine based on fuzzy clustering. The method comprises the following steps of 1) selecting a program segment protected by the software protection virtual machine, and performing disassembling processing on a program by adopting a disassembling engine; 2) extracting a program execution stream, putting the program into OllyDbg for execution to a program ending position, and recording all instructions executed by the protected program and a state of a register after instruction execution through using OllyScript; 3) analyzing a data stream file generated in the step 2), extracting Handlers, and performing cutting by adopting a recursion scheme; 4) extracting eigenvalues of the Handlers by adopting an N-Perm algorithm; 5) performing clustering on the Handlers by adopting a fuzzy clustering algorithm according to eigenvalue correlativity; and 6) obtaining a clustering result, analyzing semanteme of the clustering result, importing the semanteme for analyzing the program segment, and giving out a flow chart of the protected program, thereby realizing attack to the software protection virtual machine. According to the method, a foundation is laid for later research on automatic attack to the software protection virtual machine.

Description

technical field [0001] The invention relates to computer technology, in particular to a fuzzy clustering-based software protection virtual machine attack method. Background technique [0002] Software protection for virtual machines is currently the software protection solution with the highest protection intensity. When analyzing the program protected by the software protection virtual machine, there are usually the following two solutions. The first is complete manual restoration, that is, using the traditional reverse thinking of looking at the process statically and looking at the data dynamically, put the program into IDA and OllyDbg for execution, execute it step by step, analyze each instruction repeatedly, and finally crack the program. The disadvantage of this idea is that it is time-consuming and labor-intensive, especially for a protection scheme with high protection intensity such as software protection virtual machine, it is not practically operable. The secon...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06K9/62
CPCG06F21/563G06F18/23
Inventor 张灿蔡琼胡洁
Owner WUHAN INSTITUTE OF TECHNOLOGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap