II. Current Status of JS Encryption
- Code Virtualization/JS Encryption/JS Obfuscation Protection
The idea of code virtualization protection (also known as virtual machine protection JS encryption) is already very mature in Windows application security and is currently the strongest binary code protection solution. The basic principle is to replace the original program instructions with custom virtual instructions and then use the corresponding interpreter at runtime to interpret and restore them to local instructions. Because of its strong protection effect, it has been widely used and commercialized in the industry, such as Themida, CodeVirtualizer, and VMProtect. In academia, there are also a large number of studies discussing how to use and enhance code virtualization technology to protect software from malicious reverse engineering attacks. Fang et al.  proposed a multi-stage software virtualization method, which uses different interpreters to iteratively transform key code areas multiple times to improve security, requiring attackers to crack all intermediate results to find the structure of the original code. Similarly, Yang et al.  proposed nested virtual machine code protection, which requires attackers to completely reverse engineer one layer of interpreter before moving to the next layer, increasing the cost of malicious reverse engineering attacks. Averbuch et al. [17,18] introduced encryption and decryption techniques based on virtual machine protection, using AES algorithm and custom encryption keys to encrypt virtual instructions, decrypt virtual instructions during runtime, and then schedule a handler to interpret virtual instructions. Fang et al. [19,20] proposed a time diversity protection scheme to increase the time diversity of the protected code area to resist dynamic analysis.
This method achieves its goal by constructing several equivalent but differently formed subprogram execution paths and dynamically selecting one of these paths to execute at runtime. Wang et al.  improved the virtual machine protection strength by introducing register rotation and multiple virtual registers based on traditional virtual machine structures. Tang et al.  proposed a virtual instruction randomization protection method, designed a random coding method based on the definition of virtual instructions, and made the software have diversity in the protected code after protection, achieving the effect of preventing malicious reverse engineering analysis. Kuang et al. [23,24] proposed a multi-virtual machine code protection scheme with a dynamic scheduling structure, using a dynamic instruction scheduling program and a multi-virtual machine structure to randomly guide program execution along different paths. The protected program has different execution behaviors and paths each time it runs, making it more difficult for attackers to launch attacks by reusing knowledge collected from previous runs or similar applications.