| CPC G06F 8/433 (2013.01) [G06F 21/54 (2013.01); G06F 2221/033 (2013.01)] | 7 Claims |
|
1. A tamper detection feature embedding device configured to embed an allowed list type tamper detection feature using hash values in a software to be monitored, the tamper detection feature embedding device comprising:
at least one memory storing instructions, and
at least one processor configured to execute the instructions to:
receive input of a first source code, which is the source code of the software;
build the first source code to generate a first binary;
generate a first control flow graph (CFG) based on the first binary;
determine embedding points to embed tamper detection feature calling functions in the first source code based on the first CFG, embed the tamper detection feature calling functions in the determined embedding points in the first source code, and embed the tamper detection feature in the first source code;
build a second source code, which is the source code in which the tamper detection feature and the tamper detection feature calling functions are embedded in the first source code, to generate a second binary;
generate a second CFG based on the second binary;
create an allowed list based on the second binary and the second CFG, and
output the second binary and the allowed list,
wherein the at least one processor is further configured to execute the instructions to determine a monitoring range for the tamper detection feature calling functions based on the second CFG, and create a list of hash values of the monitoring range for the tamper detection feature calling functions as the allowed list.
|