摘要:
An application code hiding apparatus includes a secret code dividing part, a secret code caller generating part, a code analyzing part, a dummy code generating part, a code encrypting part, a code disposing part, a code decryptor generating part, a loader generating part, a decrypted code caller generating part and an unloader generating part. The secret code dividing part divides an application code into a secret code and a normal code. The secret code caller generating part generates a secret code caller. The dummy code generating part generates a dummy code corresponding to the secret code. The code disposing part disposes the dummy code and the encrypted secret code and generates position information thereof. The code decryptor generating part generates a code decryptor. The loader generating part generates a loader. The decrypted code caller generating part generates a decrypted code caller. The unloader generating part generates an unloader.
摘要:
A mobile device and a method of operating a mobile device are disclosed. The mobile device includes a main processor executing a normal code of a mobile application program, a co-processor executing a core code of the mobile application program, and a co-processor driver enabling the main processor and the co-processor to communicate with each other. The normal code includes commands executable by the main processor, and the core code includes commands executable by the co-processor. Since the core code is separated from the mobile application program on a level lower than an operating system level when the mobile application program is installed on the mobile device and the core code is stored in a core code storage to which the main processor is not allowed to access directly, the core code is not exposed to an attacker, such that resistance to a reverse engineering attack is increased.
摘要:
The integrity verification system includes a client and an RCE server. The client requests an RCE service to the RCE server using a pointer of a return function as a parameter of a service call function and transmits a memory code of the return function to the RCE server when Reverse-RCE for obtaining the memory code of the return function is requested from the RCE server. The RCE server generates a first hash key of the transmitted memory code, compares the first hash key to a stored second hash key of the memory code of an original return function, generates a return value according to a compared result between the first hash key and the second hash key and transmits the generated return value to the client using the generated return value as a parameter of the service call function. The client executes the return function using the return value as a parameter of the return function.
摘要:
An application code hiding apparatus includes a secret code dividing part, a secret code caller generating part, a code analyzing part, a dummy code generating part, a code encrypting part, a code disposing part, a code decryptor generating part, a disposed code importer generating part, a code loader generating part, a memory inner code modifier generating part and a decrypted code caller generating part.
摘要:
An application code obfuscating apparatus includes a secret code divider, a secret code caller, a code converter and an obfuscating part. The secret code divider is configured to divide an application code having a first type into a secret code and a normal code. The secret code caller generating part is configured to generate a secret code caller to call the secret code. The code converter is configured to convert the secret code having the first type to a second type. The obfuscating part is configured to generate a first table and a second table. The first table includes an obfuscated signature of the secret code and a first random vector. The second table includes an offset of the secret code which corresponds to the obfuscated signature of the secret code and a second random vector which is liked with the first random vector.
摘要:
A code obfuscation device and a method of obfuscating a code of an application program file are disclosed. The code obfuscation device includes an extraction circuit uncompressing an application program file to extract a Dalvik executable file, a code analysis circuit analyzing a bytecode of the Dalvik executable file, a control circuit determining an obfuscation character and a number and a location of the obfuscation character to be inserted in the bytecode, and an identifier conversion circuit inserting the obfuscation character in the bytecode to convert an identifier of the bytecode. Since the identifier of the bytecode is converted using an obfuscation character, which corresponds to a character that is invisible on a screen or has a different Unicode from another character displayed on the screen as a same shape as the character, the application program file has an increased resistance to a reverse engineering attack.