Nytro

AntiDebugging - A developers view

Tyler Shields

tshields @ veracode.com

Veracode Inc., USA

4 Van de Graaff Drive, Burlington, MA 01803

Abstract

Anti-debugging is the implementation of one or more
techniques within computer code that hinders attempts at
reverse engineering or debugging a target binary. Within this
paper we will present a number of the known methods of anti-debugging
in a fashion that is easy to implement for a developer
of moderate expertise. We will include source code, whenever
possible, with a line-by-line explanation of how the anti-debugging
technique operates. The goal of the paper is to educate
development teams on anti-debugging methods and to ease the
burden of implementation.

Keywords: anti-debugging, security, debugging, copy
protection, anti-piracy, reverse engineering.

I. INTRODUCTION

Anti-debugging, when implemented properly, can be a
significant deterrence to would-be reverse engineers and
software pirates. There is no foolproof solution to thwart the
dedicated reverse engineer; however, making the task as
arduous and difficult as possible increases the time and
expertise required for full analysis of the binary application.
Application developers should not be required to spend
significant amounts of time understanding and examining the
specifics of a software protection scheme. Straightforward
implementation of a best-of-breed solution helps to achieve the
aforementioned goals while leaving the developer additional
time to implement features and other necessary application
components.

The majority of data on the topic of anti-debugging has
been presented from the vantage point of a reverse engineer.
Anti-debugging methods typically have been presented in
assembly language dumps with minimal explanation as to the
high-level code constructs involved in the technique. Unless
the developer is adept at reading and comprehending assembly
language code, the anti-debugging method is
incomprehensible and thus will not be implemented.

The goal of this paper is to present a number of anti-debugging
methods in an easy-to-comprehend manner. The
average developer should be able to read this paper, grasp the
concepts described, and readily use the source code provided
to implement a myriad of different anti-debugging methods.
Education of the developer will lead to a stronger
understanding of the basic anti-debugging methods that can be
used to limit the effectiveness of a reverse engineer’s primary
tool, the debugger.

Download:

http://www.veracode.com/images/pdf/whitepaper_antidebugging.pdf
