騰訊朱雀實驗室推出Deep Puzzling,利用AI技術進行代碼防護

{"type":"doc","content":[{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"AI技術不斷演進,黑客利用AI來進行網絡攻擊的事件屢見不鮮,傳統攻防手法往往乏力應對,在此背景下,通過AI進行代碼防護,開始成爲行業的技術趨勢。"}]}]},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"代碼防護技術Deep Puzzling"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"近日,全球頂級的信息安全峯會HITB+Cyberweek 2021正式舉辦,騰訊朱雀實驗室專家研究員Jifeng Zhu和研究員Keyun Luo受邀參加,並進行了題爲《Deep Puzzling: Binary Code Intention Hiding based on AI Uninterpretability》(《基於AI不可解釋性的二進制代碼意圖隱藏》)的議題分享。會上,騰訊朱雀實驗室展示瞭如何利用AI模型的特性,實現二進制代碼的意圖隱藏,有效防止代碼被黑客逆向分析,從而保障核心代碼的安全。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"據瞭解,相比傳統攻防技術,AI算法具有諸多優勢,例如,在複雜特徵建模、內容生成、概率容錯、不可解釋性等方面擁有強大的能力。此次騰訊朱雀實驗室推出的Deep Puzzling(深度迷惑)技術正是利用了AI的這些特點,對代碼進行深層次的安全佈防。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"據介紹,Deep Puzzling通過將多種載荷編碼到AI模型的參數中,實現高強度的代碼意圖隱藏,由此來“迷惑”黑客,令其無法反向分析其中的代碼邏輯。這樣即使黑客取得了AI模型文件,也很難猜透代碼的真實意圖。這項技術有效地提高了代碼的破解難度,可以幫助更多代碼擁有者守護自己的知識產權和信息安全,抑制AI型網絡攻擊的滋長。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https:\/\/static001.infoq.cn\/resource\/image\/cc\/ef\/cca434991055af4d5fb98bcdb5f22aef.png","alt":null,"title":"Deep Puzzling核心能力","style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"目前,朱雀實驗室已將這項技術面向全球開發者開源,方便研究團隊靈活取用,用前沿的AI技術助力網絡安全的升級。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"italic"},{"type":"strong"}],"text":"Deep Puzzling開源地址:"},{"type":"link","attrs":{"href":"https:\/\/github.com\/aisecstudent\/DeepPuzzling","title":null,"type":null},"content":[{"type":"text","marks":[{"type":"italic"}],"text":"https:\/\/github.com\/aisecstudent\/DeepPuzzling"}],"marks":[{"type":"italic"},{"type":"strong"}]}]},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"Deep Puzzling工作原理"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在Deep Puzzling技術框架裏,有多個互相連接的模型,通過技術適應,保證讓黑客無法通過修改輸入數據的方式,來推測輸出代碼之間的邏輯關聯,進而加大了逆向分析代碼的難度,提高了核心代碼的安全級別。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"不僅如此,朱雀實驗室還設計了一個檢測模塊,來驗證這種方法的有效性。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https:\/\/static001.infoq.cn\/resource\/image\/d4\/c0\/d4f242e76216f0e168c68ce14b9e58c0.png","alt":null,"title":"Deep Puzzling工作原理演示","style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"首先,通過讀取海量的普通環境數據,構建一個“觸發-生成-糾錯”模型,端到端地實現了“目標定位-代碼執行”步驟,然後直接生成載荷。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"值得一提的是,這個系統還具備反調試能力。這種反調試能力並非傳統的進程狀態查看、時間分析、異常處理等,而是利用網絡構造出沒有任何“顯式if”判斷含義的計算過程,這個計算過程處於黑盒中,很難得知其因果關聯性,因而具有良好的數據密封性。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"此外,由於AI模型產生的代碼有一定的錯誤率,研究員們還設計了一種糾錯模型,來進一步降低局部解碼的錯誤率,使得AI模型大概率地輸出精確的結果,以確保被計算機正確地執行。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"大量反覆穩定性測試有力地佐證了Deep Puzzling的可行性。朱雀實驗室的研究員透露,“我們邀請過業界多位資深的逆向工程研究人員來嘗試破解,均無法解出,更加驗證了這是一個非常值得關注的新方向。”"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"據瞭解,早在2018年,就有前人嘗試過利用AI技術來完成代碼的意圖隱藏。當時有研究人員提出了一種基於AI密鑰的“包裝”思路——DeepLocker,其工作原理爲,只有特定目標經過AI模型產生的密鑰才能解鎖意圖代碼。這項研究展示了AI在意圖隱藏方面的巨大潛力。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https:\/\/static001.infoq.cn\/resource\/image\/75\/35\/75b13b9f3f117a45f0c0f4c32c59e035.png","alt":null,"title":"DeepLocker工作原理","style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"不過,由於密鑰解密代碼的邏輯是暴露的,黑客仍然可以找到過程中的漏洞來盜取核心代碼。而隨着AI技術與網絡安全結合得越來越緊密,基於AI技術的網絡攻防手段也在日益完善成熟。"}]}]}
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章