会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明申请
    • SYSTEM AND METHOD FOR OBFUSCATING DATA USING INSTRUCTIONS AS A SOURCE OF PSEUDORANDOM VALUES
    • 使用指令作为PSEUDORANDOM值的来源来对数据进行数据采集的系统和方法
    • US20130104239A1
    • 2013-04-25
    • US13308515
    • 2011-11-30
    • Jon McLachlanGideon M. MylesJulien Lerouge
    • Jon McLachlanGideon M. MylesJulien Lerouge
    • G06F21/24G06F17/30
    • G06F7/588G06F21/54G06F2221/2107
    • Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating data using instructions as a source of pseudorandom values. Obfuscation is performed by receiving instructions and data and compiling the instructions and the data into an executable file having a text section and a data section. The text section can include instructions and the data section can include data segments. The system obfuscates the data section iteratively by generating a hash of an address for a respective data segment, and based on the hash, identifying a corresponding address in the text section that includes at least one instruction. The system retrieves a mask key from the corresponding address and applies the mask key to the respective data segment, yielding a masked data segment. In one embodiment, integrity verification of obfuscated data is performed without exposing the data in an unprotected state by utilizing multiple mask keys.
    • 本文公开了用于使用指令作为伪随机值的来源来模糊数据的系统,方法和非暂时的计算机可读存储介质。 通过接收指令和数据并将指令和数据编译成具有文本部分和数据部分的可执行文件来执行混淆。 文本部分可以包括指令,数据部分可以包括数据段。 该系统通过生成相应数据段的地址的散列来迭代地模糊数据段,并且基于散列,识别包括至少一个指令的文本段中的相应地址。 该系统从对应的地址中获取一个掩码密钥,并将该掩码密钥应用于相应的数据段,产生一个被掩蔽的数据段。 在一个实施例中,执行混淆数据的完整性验证,而不会通过利用多个掩码密钥将数据暴露在未受保护状态。
    • 3. 发明授权
    • System and method for annotation-driven function inlining
    • 注释驱动函数内联的系统和方法
    • US08887140B2
    • 2014-11-11
    • US12688807
    • 2010-01-15
    • Julien LerougeNicholas T. SullivanGideon M. MylesJon McLachlanAugustin J. Farrugia
    • Julien LerougeNicholas T. SullivanGideon M. MylesJon McLachlanAugustin J. Farrugia
    • G06F21/14G06F9/45G06F9/46G06F17/24
    • G06F21/14G06F8/4443G06F9/463G06F17/241
    • Disclosed herein are systems, methods, and computer-readable storage media for obfuscating using inlined functions. A system configured to practice the method receives a program listing including annotated functions for obfuscation, identifies an annotated function called more than once in the program listing, and creates an inline control flow structure in the program listing for the identified annotated function, the control flow structure being computationally equivalent to inlining the identified annotated function into the program listing for each occurrence of the identified annotated function. The program listing can include tiers of annotated functions. The system can identify annotated functions called more than once based on an optionally generated callgraph. The system can create inline control flow structures in the program listing in order of annotation importance. The system can identify how many times each annotated function is called in the program listing.
    • 本文公开了用于使用内联函数进行混淆的系统,方法和计算机可读存储介质。 配置为实施该方法的系统接收包括用于模糊化的注释功能的程序列表,在程序列表中标识多于一次的注释函数,并且在所述程序列表中为所识别的注释功能创建一个内联控制流结构, 计算结构相当于将所识别的注释功能内联到所述识别的注释功能的每次出现的程序列表中。 程序列表可以包括注释功能的层次。 系统可以基于可选地生成的呼叫图来识别多次调用的注释功能。 该系统可以在注释重要性的顺序创建程序列表中的内联控制流结构。 系统可以识别每个注释功能在程序列表中调用的次数。
    • 4. 发明授权
    • System and method for branch function based obfuscation
    • 基于分支函数的混淆的系统和方法
    • US08751823B2
    • 2014-06-10
    • US13195748
    • 2011-08-01
    • Gideon M. MylesJulien LerougeJon McLachlanGanna ZaksAugustin J. Farrugia
    • Gideon M. MylesJulien LerougeJon McLachlanGanna ZaksAugustin J. Farrugia
    • G06F21/22
    • G06F21/14G06F2221/033
    • Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating branches in computer code. A compiler or a post-compilation tool can obfuscate branches by receiving source code, and compiling the source code to yield computer-executable code. The compiler identifies branches in the computer-executable code, and determines a return address and a destination value for each branch. Then, based on the return address and the destination value for each branch, the compiler constructs a binary tree with nodes and leaf nodes, each node storing a balanced value, and each leaf node storing a destination value. The non-leaf nodes are arranged such that searching the binary tree by return address leads to a corresponding destination value. Then the compiler inserts the binary tree in the computer-executable code and replaces each branch with instructions in the computer-executable code for performing a branching operation based on the binary tree.
    • 本文公开了用于在计算机代码中模糊分支的系统,方法和非暂时的计算机可读存储介质。 编译器或后编译工具可以通过接收源代码来模糊分支,并编译源代码以产生计算机可执行代码。 编译器识别计算机可执行代码中的分支,并确定每个分支的返回地址和目标值。 然后,基于每个分支的返回地址和目的地值,编译器构造具有节点和叶节点的二叉树,每个节点存储平衡值,并且每个叶节点存储目的地值。 非叶节点被布置为使得通过返回地址搜索二叉树导致相应的目的地值。 然后,编译器将二进制树插入计算机可执行代码,并用计算机可执行代码中的指令替换每个分支,以执行基于二叉树的分支操作。
    • 5. 发明申请
    • SYSTEM AND METHOD FOR BINARY LAYOUT RANDOMIZATION
    • 用于二进制布局约束的系统和方法
    • US20120260106A1
    • 2012-10-11
    • US13081994
    • 2011-04-07
    • Ganna ZaksJulien LerougeJon McLachlanGideon M. MylesAugustin J. Farrugia
    • Ganna ZaksJulien LerougeJon McLachlanGideon M. MylesAugustin J. Farrugia
    • G06F12/14
    • G06F21/14G06F12/1408
    • Disclosed herein are systems, methods, and non-transitory computer-readable storage media for binary layout randomization. A system performs binary layout randomization by loading computer code into memory and identifying a section of the computer code to randomize. A loader remaps the section of computer code to a different location in memory utilizing a remapping algorithm. The loader can shuffle sections of code in place or move sections of code elsewhere. The loader patches relative addresses to point to the updated locations in memory. After the system patches the addresses, the system executes the computer code from memory. In one embodiment, the system encrypts the computer code prior to loading the computer code into memory. The loader decrypts the encrypted computer code prior to remapping the section of computer code to a different location in memory. Optionally, the loader can decrypt the encrypted computer code after patching relative addresses.
    • 本文公开了用于二进制布局随机化的系统,方法和非暂时计算机可读存储介质。 系统通过将计算机代码加载到内存中并识别计算机代码的一部分来随机化来执行二进制布局随机化。 使用重新映射算法,加载器将计算机代码的部分重新映射到存储器中的不同位置。 加载器可以将代码段拖放到位或将代码段移到其他位置。 加载程序将相对地址补丁指向内存中更新的位置。 系统修补地址后,系统会从内存中执行计算机代码。 在一个实施例中,系统在将计算机代码加载到存储器之前加密计算机代码。 在重新映射计算机代码部分到存储器中的不同位置之前,加载器解密加密的计算机代码。 可选地,加载器可以在修补相对地址之后对加密的计算机代码进行解密。
    • 8. 发明授权
    • System and method for obfuscating data using instructions as a source of pseudorandom values
    • 使用指令作为伪随机数值来源对数据进行模糊处理的系统和方法
    • US09116765B2
    • 2015-08-25
    • US13308515
    • 2011-11-30
    • Jon McLachlanGideon M. MylesJulien Lerouge
    • Jon McLachlanGideon M. MylesJulien Lerouge
    • H04L29/00G06F7/58G06F21/54
    • G06F7/588G06F21/54G06F2221/2107
    • Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating data using instructions as a source of pseudorandom values. Obfuscation is performed by receiving instructions and data and compiling the instructions and the data into an executable file having a text section and a data section. The text section can include instructions and the data section can include data segments. The system obfuscates the data section iteratively by generating a hash of an address for a respective data segment, and based on the hash, identifying a corresponding address in the text section that includes at least one instruction. The system retrieves a mask key from the corresponding address and applies the mask key to the respective data segment, yielding a masked data segment. In one embodiment, integrity verification of obfuscated data is performed without exposing the data in an unprotected state by utilizing multiple mask keys.
    • 本文公开了用于使用指令作为伪随机值的来源来模糊数据的系统,方法和非暂时的计算机可读存储介质。 通过接收指令和数据并将指令和数据编译成具有文本部分和数据部分的可执行文件来执行混淆。 文本部分可以包括指令,数据部分可以包括数据段。 该系统通过生成相应数据段的地址的散列来迭代地模糊数据段,并且基于散列,识别包括至少一个指令的文本段中的相应地址。 该系统从对应的地址中获取一个掩码密钥,并将该掩码密钥应用于相应的数据段,产生一个被掩蔽的数据段。 在一个实施例中,执行混淆数据的完整性验证,而不会通过利用多个掩码密钥将数据暴露在未受保护状态。
    • 9. 发明授权
    • System and method for blurring instructions and data via binary obfuscation
    • 通过二进制混淆模糊指令和数据的系统和方法
    • US08615735B2
    • 2013-12-24
    • US13100041
    • 2011-05-03
    • Jon McLachlanGanna ZaksJulien LerougePierre BetouinAugustin J. FarrugiaGideon M. MylesCédric Tessier
    • Jon McLachlanGanna ZaksJulien LerougePierre BetouinAugustin J. FarrugiaGideon M. MylesCédric Tessier
    • G06F9/44
    • G06F21/14G06F21/125
    • Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating a computer program. A system configured to practice the method identifies a set of executable instructions at a first location in an instruction section of the computer program and identifies a second location in a data section of the computer program. Then the system moves the set of executable instructions to the second location and patches references in the computer program to the set of executable instructions to point to the second location. The instruction section of the computer program can be labeled as _TEXT,_text and the data section of the computer program is labeled as _DATA,_data. The set of executable instructions can include one or more non-branching instructions optionally followed by a branching instruction. The placement of the first and second locations can be based on features of a target computing architecture, such as cache size.
    • 本文公开了用于模糊计算机程序的系统,方法和非暂时的计算机可读存储介质。 被配置为练习该方法的系统在计算机程序的指令部分中的第一位置识别一组可执行指令,并且识别计算机程序的数据部分中的第二位置。 然后系统将可执行指令集移动到第二位置,并将计算机程序中的引用修补到指向第二位置的可执行指令集。 计算机程序的指令部分可以标记为_TEXT,_text,计算机程序的数据部分标记为_DATA,_data。 该可执行指令集可以包括一个或多个非分支指令,可选地跟随分支指令。 第一和第二位置的放置可以基于诸如高速缓存大小的目标计算架构的特征。
    • 10. 发明申请
    • SYSTEM AND METHOD FOR BRANCH FUNCTION BASED OBFUSCATION
    • 基于分支函数的OBFUSC的系统和方法
    • US20130036473A1
    • 2013-02-07
    • US13195748
    • 2011-08-01
    • Gideon M. MylesJulien LerougeJon McLachlanGanna ZaksAugustin J. Farrugia
    • Gideon M. MylesJulien LerougeJon McLachlanGanna ZaksAugustin J. Farrugia
    • G06F21/00G06F9/38G06F9/45
    • G06F21/14G06F2221/033
    • Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating branches in computer code. A compiler or a post-compilation tool can obfuscate branches by receiving source code, and compiling the source code to yield computer-executable code. The compiler identifies branches in the computer-executable code, and determines a return address and a destination value for each branch. Then, based on the return address and the destination value for each branch, the compiler constructs a binary tree with nodes and leaf nodes, each node storing a balanced value, and each leaf node storing a destination value. The non-leaf nodes are arranged such that searching the binary tree by return address leads to a corresponding destination value. Then the compiler inserts the binary tree in the computer-executable code and replaces each branch with instructions in the computer-executable code for performing a branching operation based on the binary tree.
    • 本文公开了用于在计算机代码中模糊分支的系统,方法和非暂时的计算机可读存储介质。 编译器或后编译工具可以通过接收源代码来模糊分支,并编译源代码以产生计算机可执行代码。 编译器识别计算机可执行代码中的分支,并确定每个分支的返回地址和目标值。 然后,基于每个分支的返回地址和目的地值,编译器构造具有节点和叶节点的二叉树,每个节点存储平衡值,并且每个叶节点存储目的地值。 非叶节点被布置为使得通过返回地址搜索二叉树导致相应的目的地值。 然后,编译器将二进制树插入计算机可执行代码,并用计算机可执行代码中的指令替换每个分支,以执行基于二叉树的分支操作。