会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明授权
    • System and method for conditional expansion obfuscation
    • 用于条件扩展混淆的系统和方法
    • US08429637B2
    • 2013-04-23
    • US12202909
    • 2008-09-02
    • Gideon M. MylesTanya Michelle LattnerJulien LerougeAugustin J. Farrugia
    • Gideon M. MylesTanya Michelle LattnerJulien LerougeAugustin J. Farrugia
    • G06F9/45
    • G06F21/14
    • Disclosed herein are systems, methods, and computer readable-media for obfuscating code through conditional expansion obfuscation. The method includes identifying a conditional expression in a computer program, identifying a sequence of conditional expressions that is semantically equivalent to the conditional expression, and replacing the conditional expression with the semantically equivalent sequence of conditional expressions. One option replaces each like conditional expression in the computer program with a diverse set of sequences of semantically equivalent conditional expressions. A second option rearranges computer instructions that are to be processed after the sequence of conditional expression is evaluated so that a portion of the instructions is performed before the entire sequence of conditional expressions is evaluated. A third option performs conditional expansion obfuscation of a conditional statement in combination with branch extraction obfuscation.
    • 本文公开了用于通过条件扩展混淆来模糊代码的系统,方法和计算机可读介质。 该方法包括识别计算机程序中的条件表达式,识别在语义上等同于条件表达式的条件表达式的序列,以及用条件表达式的语义等价序列替换条件表达式。 一个选项用计算机程序中的条件表达式替换各种语义等价条件表达式的序列集合。 在评估条件表达式的序列之后,第二个选项重新排列要处理的计算机指令,使得在评估整个条件表达式序列之前执行指令的一部分。 第三个选项与条件语句结合使用分支提取混淆来执行条件扩展模糊处理。
    • 2. 发明授权
    • System and method for call replacement
    • 呼叫更换的系统和方法
    • US08423974B2
    • 2013-04-16
    • US12540195
    • 2009-08-12
    • Gideon M. MylesJulien LerougeTanya Michelle LattnerAugustin J. Farrugia
    • Gideon M. MylesJulien LerougeTanya Michelle LattnerAugustin J. Farrugia
    • G06F9/44
    • G06F21/14
    • Disclosed herein are systems, computer-implemented methods, and computer-readable storage media for obfuscating a function call. The method receives a computer program having an annotated function and determines prolog instructions for setting up a stack frame of the annotated function and epilog instructions for tearing down the stack frame. The method places a first portion of the prolog instructions in the computer program preceding a jump to the annotated function and a second portion of the prolog instructions at a beginning of the annotated function. The method places a first portion of the epilog instructions at an end of the annotated function and a second portion of the epilog instructions in the computer program after the jump. Executing the first and second portions of the prolog instructions together sets up the stack frame. Executing the first and the second portions of the epilog instructions together tears down the stack frame.
    • 这里公开的是系统,计算机实现的方法和用于模糊功能调用的计算机可读存储介质。 该方法接收具有注释功能的计算机程序,并且确定用于建立注释功能的堆栈帧的序言指令和用于拆除堆栈帧的epilog指令。 该方法将前导序列指令的第一部分放置在跳转之前的计算机程序中,并且在注释的函数的开始处将序言指令的第二部分放置到注释的函数中。 该方法将epilog指令的第一部分放置在注释功能的末尾,并且在跳转之后在计算机程序中放置epilog指令的第二部分。 执行序言指令的第一和第二部分一起设置堆栈帧。 执行epilog指令的第一部分和第二部分一起撕下堆栈帧。
    • 4. 发明申请
    • SYSTEM AND METHOD FOR OBFUSCATING DATA USING INSTRUCTIONS AS A SOURCE OF PSEUDORANDOM VALUES
    • 使用指令作为PSEUDORANDOM值的来源来对数据进行数据采集的系统和方法
    • US20130104239A1
    • 2013-04-25
    • US13308515
    • 2011-11-30
    • Jon McLachlanGideon M. MylesJulien Lerouge
    • Jon McLachlanGideon M. MylesJulien Lerouge
    • G06F21/24G06F17/30
    • G06F7/588G06F21/54G06F2221/2107
    • Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating data using instructions as a source of pseudorandom values. Obfuscation is performed by receiving instructions and data and compiling the instructions and the data into an executable file having a text section and a data section. The text section can include instructions and the data section can include data segments. The system obfuscates the data section iteratively by generating a hash of an address for a respective data segment, and based on the hash, identifying a corresponding address in the text section that includes at least one instruction. The system retrieves a mask key from the corresponding address and applies the mask key to the respective data segment, yielding a masked data segment. In one embodiment, integrity verification of obfuscated data is performed without exposing the data in an unprotected state by utilizing multiple mask keys.
    • 本文公开了用于使用指令作为伪随机值的来源来模糊数据的系统,方法和非暂时的计算机可读存储介质。 通过接收指令和数据并将指令和数据编译成具有文本部分和数据部分的可执行文件来执行混淆。 文本部分可以包括指令,数据部分可以包括数据段。 该系统通过生成相应数据段的地址的散列来迭代地模糊数据段,并且基于散列,识别包括至少一个指令的文本段中的相应地址。 该系统从对应的地址中获取一个掩码密钥,并将该掩码密钥应用于相应的数据段,产生一个被掩蔽的数据段。 在一个实施例中,执行混淆数据的完整性验证,而不会通过利用多个掩码密钥将数据暴露在未受保护状态。
    • 5. 发明授权
    • System and method for obfuscating data using instructions as a source of pseudorandom values
    • 使用指令作为伪随机数值来源对数据进行模糊处理的系统和方法
    • US09116765B2
    • 2015-08-25
    • US13308515
    • 2011-11-30
    • Jon McLachlanGideon M. MylesJulien Lerouge
    • Jon McLachlanGideon M. MylesJulien Lerouge
    • H04L29/00G06F7/58G06F21/54
    • G06F7/588G06F21/54G06F2221/2107
    • Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating data using instructions as a source of pseudorandom values. Obfuscation is performed by receiving instructions and data and compiling the instructions and the data into an executable file having a text section and a data section. The text section can include instructions and the data section can include data segments. The system obfuscates the data section iteratively by generating a hash of an address for a respective data segment, and based on the hash, identifying a corresponding address in the text section that includes at least one instruction. The system retrieves a mask key from the corresponding address and applies the mask key to the respective data segment, yielding a masked data segment. In one embodiment, integrity verification of obfuscated data is performed without exposing the data in an unprotected state by utilizing multiple mask keys.
    • 本文公开了用于使用指令作为伪随机值的来源来模糊数据的系统,方法和非暂时的计算机可读存储介质。 通过接收指令和数据并将指令和数据编译成具有文本部分和数据部分的可执行文件来执行混淆。 文本部分可以包括指令,数据部分可以包括数据段。 该系统通过生成相应数据段的地址的散列来迭代地模糊数据段,并且基于散列,识别包括至少一个指令的文本段中的相应地址。 该系统从对应的地址中获取一个掩码密钥,并将该掩码密钥应用于相应的数据段,产生一个被掩蔽的数据段。 在一个实施例中,执行混淆数据的完整性验证,而不会通过利用多个掩码密钥将数据暴露在未受保护状态。
    • 6. 发明授权
    • System and method for blurring instructions and data via binary obfuscation
    • 通过二进制混淆模糊指令和数据的系统和方法
    • US08615735B2
    • 2013-12-24
    • US13100041
    • 2011-05-03
    • Jon McLachlanGanna ZaksJulien LerougePierre BetouinAugustin J. FarrugiaGideon M. MylesCédric Tessier
    • Jon McLachlanGanna ZaksJulien LerougePierre BetouinAugustin J. FarrugiaGideon M. MylesCédric Tessier
    • G06F9/44
    • G06F21/14G06F21/125
    • Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating a computer program. A system configured to practice the method identifies a set of executable instructions at a first location in an instruction section of the computer program and identifies a second location in a data section of the computer program. Then the system moves the set of executable instructions to the second location and patches references in the computer program to the set of executable instructions to point to the second location. The instruction section of the computer program can be labeled as _TEXT,_text and the data section of the computer program is labeled as _DATA,_data. The set of executable instructions can include one or more non-branching instructions optionally followed by a branching instruction. The placement of the first and second locations can be based on features of a target computing architecture, such as cache size.
    • 本文公开了用于模糊计算机程序的系统,方法和非暂时的计算机可读存储介质。 被配置为练习该方法的系统在计算机程序的指令部分中的第一位置识别一组可执行指令,并且识别计算机程序的数据部分中的第二位置。 然后系统将可执行指令集移动到第二位置,并将计算机程序中的引用修补到指向第二位置的可执行指令集。 计算机程序的指令部分可以标记为_TEXT,_text,计算机程序的数据部分标记为_DATA,_data。 该可执行指令集可以包括一个或多个非分支指令,可选地跟随分支指令。 第一和第二位置的放置可以基于诸如高速缓存大小的目标计算架构的特征。
    • 7. 发明授权
    • System and method for array obfuscation
    • 数组混淆的系统和方法
    • US08434061B2
    • 2013-04-30
    • US12135032
    • 2008-06-06
    • Augustin J. FarrugiaJulien LerougeTanya Michelle LattnerGideon M. MylesGianpaolo Fasoli
    • Augustin J. FarrugiaJulien LerougeTanya Michelle LattnerGideon M. MylesGianpaolo Fasoli
    • G06F9/44
    • G06F21/6209G06F21/10G06F21/6218G06F2221/2107
    • Disclosed herein are systems, methods, and computer readable-media for obfuscating array contents in a first array, the method comprising dividing the first array into a plurality of secondary arrays having a combined total size equal to or greater than the first array, expanding each respective array in the plurality of the secondary arrays by a respective multiple M to generate a plurality of expanded arrays, and arranging data elements within each of the plurality of expanded arrays such that a data element located at an index I in a respective secondary array is located at an index I*M, wherein M is the respective multiple M in an associated expanded array, wherein data in the first array is obfuscated in the plurality of expanded arrays. One aspect further splits one or more of the secondary arrays by dividing individual data elements in a plurality of sub-arrays. The split sub-arrays may contain more data elements than the respective secondary array. The principles herein may be applied to single dimensional or multi-dimensional arrays. The obfuscated array contents may be accessed via an index to the first array which is translated to retrieve data elements stored in the plurality of expanded arrays.
    • 本文公开了用于在第一阵列中模糊阵列内容的系统,方法和计算机可读介质,所述方法包括将第一阵列划分成具有等于或大于第一阵列的组合总大小的多个次阵列, 通过相应的多个M在多个次级阵列中的相应阵列以生成多个扩展阵列,并且在多个扩展阵列中的每一个内布置数据元素,使得位于相应次级阵列中的索引I处的数据元素是 位于索引I * M处,其中M是相关联的扩展阵列中的相应多个M,其中第一阵列中的数据在多个扩展阵列中被模糊化。 一个方面通过划分多个子阵列中的各个数据元素来进一步分割一个或多个次级阵列。 分割子阵列可能包含比相应的辅助阵列更多的数据元素。 这里的原理可以应用于单维或多维阵列。 混淆的阵列内容可以经由第一数组的索引访问,该索引被转换以检索存储在多个扩展阵列中的数据元素。
    • 8. 发明申请
    • SYSTEM AND METHOD FOR BRANCH FUNCTION BASED OBFUSCATION
    • 基于分支函数的OBFUSC的系统和方法
    • US20130036473A1
    • 2013-02-07
    • US13195748
    • 2011-08-01
    • Gideon M. MylesJulien LerougeJon McLachlanGanna ZaksAugustin J. Farrugia
    • Gideon M. MylesJulien LerougeJon McLachlanGanna ZaksAugustin J. Farrugia
    • G06F21/00G06F9/38G06F9/45
    • G06F21/14G06F2221/033
    • Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating branches in computer code. A compiler or a post-compilation tool can obfuscate branches by receiving source code, and compiling the source code to yield computer-executable code. The compiler identifies branches in the computer-executable code, and determines a return address and a destination value for each branch. Then, based on the return address and the destination value for each branch, the compiler constructs a binary tree with nodes and leaf nodes, each node storing a balanced value, and each leaf node storing a destination value. The non-leaf nodes are arranged such that searching the binary tree by return address leads to a corresponding destination value. Then the compiler inserts the binary tree in the computer-executable code and replaces each branch with instructions in the computer-executable code for performing a branching operation based on the binary tree.
    • 本文公开了用于在计算机代码中模糊分支的系统,方法和非暂时的计算机可读存储介质。 编译器或后编译工具可以通过接收源代码来模糊分支,并编译源代码以产生计算机可执行代码。 编译器识别计算机可执行代码中的分支,并确定每个分支的返回地址和目标值。 然后,基于每个分支的返回地址和目的地值,编译器构造具有节点和叶节点的二叉树,每个节点存储平衡值,并且每个叶节点存储目的地值。 非叶节点被布置为使得通过返回地址搜索二叉树导致相应的目的地值。 然后,编译器将二进制树插入计算机可执行代码,并用计算机可执行代码中的指令替换每个分支,以执行基于二叉树的分支操作。