Nytro Posted August 4, 2012 Report Share Posted August 4, 2012 Anti-Debugging – A Developers ViewTyler Shieldstshields a veracode.comVeracode Inc., USA4 Van de Graaff Drive, Burlington, MA 01803Abstract— Anti-debugging is the implementation of one or moretechniques within computer code that hinders attempts atreverse engineering or debugging a target binary. Within thispaper we will present a number of the known methods of antidebuggingin a fashion that is easy to implement for a developerof moderate expertise. We will include source code, wheneverpossible, with a line by line explanation of how the antidebuggingtechnique operates. The goal of the paper is to educatedevelopment teams on anti-debugging methods and to ease theburden of implementation.Keywords— anti-debugging, security, debugging, copyprotection, anti-piracy, reverse engineeringI. INTRODUCTIONAnti-debugging, when implemented properly, can be asignificant deterrence to would be reverse engineers andsoftware pirates. There is no foolproof solution to thwart thededicated reverse engineer; however, making the task asarduous and difficult as possible increases the time andexpertise required for full analysis of the binary application.Application developers should not be required to spendsignificant amounts of time understanding and examining thespecifics of a software protection scheme. Straight forwardimplementation of a best of breed solution helps to achieve theaforementioned goals while leaving the developer additionaltime to implement features and other necessary applicationcomponents.The majority of data on the topic of anti-debugging hasbeen presented from the vantage point of a reverse engineer.Anti-debugging methods typically have been presented inassembly language dumps with minimal explanation as to thehigh level code constructs involved in the technique. Unlessthe developer is adept at reading and comprehending assemblylanguage code, the anti-debugging method isincomprehensible and thus will not be implemented.Download:http://shell-storm.org/papers/files/764.pdf Quote Link to comment Share on other sites More sharing options...
