Research on Software Protection Technology Based on Driver
American Journal of Information Science and Technology
Volume 4, Issue 3, September 2020, Pages: 46-50
Received: May 13, 2020; Accepted: Aug. 5, 2020; Published: Aug. 18, 2020
Authors
Zhu Hao, Qujing No. 1 Middle School, Qujing, China
Kong Qiongying, Faculty of Information Engineering and Automation, Kunming University of Science and Technology, Kunming, China
Xu Zexin, Qujing No. 1 Middle School, Qujing, China
Chen Jiwei, Faculty of Information Engineering and Automation, Kunming University of Science and Technology, Kunming, China
Li Xian, Qujing No. 1 Middle School, Qujing, China
Abstract
In recent years, with the rapid development of the Internet, software and hardware technology has been changing with each passing day. In pursuit of economic interest, many software systems that contain fatal flaws are put into use prematurely. Many software developers have invested a tremendous amount of work to make the life cycle of their software systems long enough. However, the law is strong but the outlaws are ten times stronger: in order to illegally use the paid functions of software, hackers keep improving their illegal cracking techniques in the process of confronting software protection technology. As many software developers focus only on implementing the functions of the software system, they overlook software encryption protection and reverse cracking. Therefore, in the preliminary stage of studying software protection, researchers developed some relatively useful professional software encryption protection programs (shells for short). However, with the development of cracking techniques, even the strong shell ASProtect, which uses powerful encryption algorithms such as Twofish, TEA and Blowfish combined with CRC (Cyclic Redundancy Check) and anti-debugging techniques, can be removed by using the free OllyDbg to dynamically trace the shell's disassembled code, using the stack balance principle to find the program execution entrance before the shell, and then combining the powerful functions of the LoadPE tool for the import table, import address table and relocation table. At present, VMProtect and driver protection technology are the two most important ways to protect software. However, VMProtect needs a large amount of code to build the virtual machines that act as decoders of the bytecode (the code generated to protect the software). For the same reason, the execution efficiency of software protected by VMProtect is very low.
This article introduces the current state of software protection and gives suggestions on the limitations found in current applications.
Keywords
Driver protection, Kernel Reboot, Encryption, SSDTHOOK
To cite this article
Zhu Hao, Kong Qiongying, Xu Zexin, Chen Jiwei, Li Xian, Research on Software Protection Technology Based on Driver, American Journal of Information Science and Technology. Vol. 4, No. 3, 2020, pp. 46-50. doi: 10.11648/j.ajist.20200403.12
Copyright
Copyright © 2020 Authors retain the copyright of this article.
This article is an open access article distributed under the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0/) which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.