Journal of Computer Applications ›› 2013, Vol. 33 ›› Issue (01): 1-3. DOI: 10.3724/SP.J.1087.2013.00001

• Papers from the 9th China Conference on Information and Communications Security (CCICS 2012) •

Tamper proofing technique based on three-thread protection and software guard

YU Yanwei1,2, ZHAO Yaxin2

  1. Embedded Systems Laboratory, Suzhou Institute for Advanced Study, University of Science and Technology of China, Suzhou Jiangsu 215123, China
  2. School of Software Engineering, University of Science and Technology of China, Hefei Anhui 230051, China
  • Received: 2012-08-27 Online: 2013-01-01 Published: 2013-01-09
  • Contact: YU Yanwei
  • About the authors: YU Yanwei (born 1981), female, from Xiaogan, Hubei; lecturer, Ph.D.; main research interests: online game security, multimedia copyright protection, smartphone security. ZHAO Yaxin (born 1990), male, from Nanyang, Henan; master's student; main research interest: Windows system security.
  • Supported by: Jiangsu Province Industry-University-Research Prospective Joint Research Project (BY2009128)

Abstract: Software guards are a dynamic tamper-proofing technique, but a guard cannot guarantee its own security and is easily bypassed or removed by hackers. To address this weakness, this paper studies and implements a dynamic tamper-proofing method that combines a three-thread architecture with software guards, using an improved three-thread structure to protect the guards themselves. Compared with the traditional three-thread technique, the improved structure has the remote thread and the watch thread monitor and protect each other, which significantly strengthens the protection and makes the software guards harder for hackers to attack. The experimental results show that software guards protected by the improved three-thread structure not only prevent software tampering attacks but also effectively resist attacks on the guards themselves.

Key words: tamper proofing, three-thread protection, software guard, self-protection, integrity checking
