<< Click to Display Table of Contents >> Navigation: WinLicense > Protecting an application > Virtual Machine |
The Virtual Machine panel allows you to integrate the Virtual Machine technology into your application.
Available Virtual Machines
This panel shows all the available Virtual Machines that can be used in a protected application. Some Virtual Machines are public and others are private for specific customers. You can contact us at info@oreans.com to know more about customized Virtual Machines.
Suppose that you protect the same application two times using the TIGER Virtual Machine. Each protected instance will contain a unique TIGER Virtual Machine with different registers, instruction handlers, opcode table, etc. from the previous instance. They will just share the internal skeleton of the TIGER architecture. A cracker will have to study the internal skeleton of the TIGER architecture an later try to find a way to to attack all different variations of the TIGER architecture. This scheme is the one that contains all current software protectors based on Virtual Machines (they use mutations/variations of an internal architecture model defined by them).
We wanted to go one step further, creating multiple Virtual Machine architectures with the help of our powerful Virtual Machines Generator tool. Comparing two different architecture names, like TIGER and LION, is equivalent to comparing an Intel x86 processor with an ARM processor. Each one is totally independent from each other and developed without the other in mind.
The Complexity and Speed columns display some stats about the execution speed and the complexity of a given Virtual Machine. Notice that depending on the internal Virtual Machine revision, those values might change (increasing or decreasing across versions).
Virtual Machine selected for the Protection Boot loader
The protection boot loader (the code executed before your application takes control) uses the internal virtualization engine to protect itself from being inspected. You can select a specific Virtual Machine that will virtualize the protection boot code. To do so, just right click on the specific Virtual Machine and select "Use it in Protection Boot". We recommend you not using a very complex virtual machine (with low speed) to avoid a noticeable performance decrease while your application is being loaded.
Virtual Machine selected for standard (old) VM macros
If you have inserted the old VM_START/END macro in your source code, you can associate a specific Virtual Machine name to those macros. To do so, just right-click on the specific machine and select "Use it for old VM macros"
Guidelines to select Virtual Machines
Developers might feel confused about which Virtual Machine they should select in order to get the desired security for their applications. Some developers might have the idea of adding as many Virtual Machines and CPUs as possible to highly increase the security of their applications. This might not produce the effect that they want.
1) Just insert a single Virtual Machine or a couple of them. If you insert several Virtual Machines and CPUs, it will produce a big protected application on disk and memory, as some Virtual Machines can be bigger than 1Mb. Notice that if you select several Virtual Machines and they are not selected in the lower "Virtualization" panel, SecureEngine will not insert those Virtual Machines inside your application, as they will be unused by the protection (optimizing the final size of the protected application)
2) When using the virtualization macros in your application, you should avoid using the old VM macro and specify the Virtual Machine architecture that will protect a specific macro (example: "VM_TIGER_RED_START/END"). This will allow you to use complex Virtual Machines for your most sensitive code and a lighter Virtual Machine for code that needs to be virtualized and executed at a higher speed.
3) From time to time consider updating your virtualization macros to point to a different or newer Virtual Machine architecture. If you have been using the TIGER architecture for some time, you might want to select a different architecture in new versions of your application, to fight against crackers that have been behind your application for some time.