Method for Programs Protection against Breakpoints by Code Fragments Execution in a Shared Buffer

Abstract

The article is devoted to the problem of creating anti-debugging mechanisms of the program. One of the most robust methods of setting breakpoints for programs is considered which cannot be detected by currently known algorithms. As part of the study, a new approach for program development is proposed which leads to decreasing in the effectiveness of debugging based on breakpoints. It is proposed to store program functions as a set of bytes and copy their code into one shared buffer before executing them. Given that the breakpoints are bound to the address, as a result we will get a debugger stop at each function executed in the buffer, not at any specific one, that will significantly increase the debugging time.