本文選題：Python　切入點(diǎn)：字節(jié)碼文件　出處：《中國(guó)科學(xué)技術(shù)大學(xué)》2017年碩士論文

【摘要】：Python編程語(yǔ)言自20世紀(jì)90年誕生至今,得益于其簡(jiǎn)單易學(xué)、語(yǔ)法簡(jiǎn)潔清晰、可擴(kuò)展性強(qiáng)、支持面向?qū)ο蟮戎T多優(yōu)點(diǎn),已被廣泛的應(yīng)用于系統(tǒng)管理任務(wù)和Web編程等諸多領(lǐng)域。但使用Python編程語(yǔ)言編寫的源碼文件(.py)編譯生成的字節(jié)碼文件(Bytecode file,.pyc)很容易被逆向工具反編譯,這不僅會(huì)侵害開(kāi)發(fā)人員的知識(shí)產(chǎn)權(quán)和經(jīng)濟(jì)利益,而且具有嚴(yán)重的安全隱患。于此同時(shí)現(xiàn)有的代碼混淆技術(shù)、文件加密技術(shù)、本地編譯技術(shù)、數(shù)字水印技術(shù)等防逆轉(zhuǎn)方法存在安全性不足、容易造成字節(jié)碼文件的執(zhí)行效率下降、應(yīng)用體積增加等問(wèn)題。為此本文圍繞基于操作碼替換與合并的Python字節(jié)碼文件防逆轉(zhuǎn)策略展開(kāi)研究工作,本文的主要的研究?jī)?nèi)容和成果包括以下三個(gè)方面:(1)通過(guò)對(duì)Python運(yùn)行框架和Python字節(jié)碼文件編譯、解釋執(zhí)行機(jī)制的分析,根據(jù)Python虛擬機(jī)對(duì)字節(jié)碼文件中的操作碼逐一進(jìn)行解釋執(zhí)行的特性,將Python字節(jié)碼文件的核心內(nèi)容co_code域進(jìn)行簡(jiǎn)化抽象,建立字節(jié)碼文件的操作碼序列模型與基本塊模型。(2)針對(duì)現(xiàn)有的代碼混淆技術(shù)和數(shù)字水印技術(shù)安全性不足的問(wèn)題,本文以字節(jié)碼文件中的操作碼序列為基礎(chǔ),結(jié)合單表替換密碼,設(shè)計(jì)出了一種適用于Python字節(jié)碼文件的操作碼的操作碼替換策略。該策略通過(guò)操作碼替換來(lái)改變操作碼序列中操作碼的值來(lái)達(dá)到改變操作碼序列內(nèi)容和防逆轉(zhuǎn)的目的。最后對(duì)操作碼替換策略在Python2.7.9中予以實(shí)現(xiàn),并根據(jù)單表替換密碼的特性,利用操作碼的統(tǒng)計(jì)學(xué)規(guī)律,評(píng)估操作碼替換策略的安全性。(3)針對(duì)文件加密技術(shù)易對(duì)字節(jié)碼文件的執(zhí)行效率造成影響和本地編譯技術(shù)造成目標(biāo)程序體積增加的問(wèn)題,本文設(shè)計(jì)出一種操作碼合并策略。該策略以字節(jié)碼文件中的操作碼序列的基本塊為基礎(chǔ),利用窺孔優(yōu)化技術(shù)將處于同一個(gè)基本塊中連續(xù)出現(xiàn)的多個(gè)操作碼進(jìn)行合并,并使用新操作碼來(lái)代替原來(lái)操作碼序列中連續(xù)出現(xiàn)的多個(gè)操作碼。通過(guò)操作碼合并大大縮短了操作碼序列的長(zhǎng)度,改變了操作碼序列的結(jié)構(gòu)和內(nèi)容,最終達(dá)到防逆轉(zhuǎn)的目的。最后對(duì)操作碼合并策略在Python 2.7.9中予以實(shí)現(xiàn),并對(duì)操作碼合并策略產(chǎn)生的字節(jié)碼文件的安全性、執(zhí)行效率、以及文件大小進(jìn)行評(píng)估與實(shí)驗(yàn)。
[Abstract]:Python programming language has been widely used in many fields, such as system management task and Web programming, because of its simplicity, clear syntax, strong expansibility and object-oriented support.However, the bytecode file compiled by Python programming language is easy to be decompiled by reverse tools, which not only infringes the intellectual property rights and economic benefits of developers, but also has a serious security hazard.At the same time, the existing anti-reverse methods, such as code confusion, file encryption, local compilation, digital watermarking and so on, are not secure enough, which can easily lead to the decrease of the execution efficiency of bytecode files and the increase of application volume.Therefore, this paper focuses on the anti-reversal strategy of Python bytecode files based on opcode replacement and merging. The main research contents and results of this paper include the following three aspects: 1) compiling the Python running framework and Python bytecode files.The analysis of execution mechanism is explained. According to the characteristic of Python virtual machine to interpret and execute the opcodes in bytecode file one by one, the core content of Python bytecode file is simplified and abstracted by co_code domain.To solve the problem of insufficient security of existing code obfuscation technology and digital watermarking technology, this paper bases on the operation code sequence in bytecode file and replaces the cipher with single table, which is based on the operation code sequence model of bytecode file and the basic block model.An opcode replacement strategy for Python bytecode files is designed.This strategy can change the content of the opcode sequence and prevent the reverse by changing the value of the opcode in the opcode sequence by replacing the opcode.Finally, the opcode replacement strategy is implemented in Python2.7.9, and according to the characteristics of single-table substitution cipher, the statistical rule of opcode is used.To evaluate the security of opcode replacement policy, this paper designs an opcode merging strategy to solve the problem that file encryption technology can easily affect the efficiency of bytecode file execution and the local compilation technology causes the volume of target program to increase.Based on the basic blocks of the sequence of operands in the bytecode file, the strategy combines multiple opcodes which appear continuously in the same basic block by using peephole optimization technique.New opcodes are used to replace multiple operands which appear continuously in the sequence of original opcodes.The length of the opcode sequence is greatly shortened and the structure and content of the opcode sequence are changed by the combination of opcodes.Finally, the opcode merging policy is implemented in Python 2.7.9, and the security, execution efficiency and file size of bytecode files generated by the opcode merging policy are evaluated and tested.
【學(xué)位授予單位】：中國(guó)科學(xué)技術(shù)大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2017
【分類號(hào)】：TP312

【參考文獻(xiàn)】

相關(guān)期刊論文 前8條

1 蘇慶;吳偉民;李忠良;李景j;陳為德;;混沌不透明謂詞在代碼混淆中的研究與應(yīng)用[J];計(jì)算機(jī)科學(xué);2013年06期

2 蔣華;劉勇;王鑫;;基于控制流的代碼混淆技術(shù)研究[J];計(jì)算機(jī)應(yīng)用研究;2013年03期

3 楊樂(lè);周強(qiáng)強(qiáng);薛錦云;;基于垃圾代碼的控制流混淆算法[J];計(jì)算機(jī)工程;2011年12期

4 徐海銀;雷植洲;李丹;;代碼混淆技術(shù)研究[J];計(jì)算機(jī)與數(shù)字工程;2007年10期

5 鮑福良;彭俊艷;方志剛;;Java類文件保護(hù)方法綜述[J];計(jì)算機(jī)系統(tǒng)應(yīng)用;2007年06期

6 陳晗,趙軼群,繆亞波;Java字節(jié)碼的水印嵌入[J];計(jì)算機(jī)應(yīng)用;2003年09期

7 陳明奇,鈕心忻,楊義先;數(shù)字水印的研究進(jìn)展和應(yīng)用[J];通信學(xué)報(bào);2001年05期

8 孫圣和,陸哲明;數(shù)字水印處理技術(shù)[J];電子學(xué)報(bào);2000年08期

，

本文編號(hào)：1712891