Crafting a compiler with C
Advanced compiler design and implementation
Advanced compiler design and implementation
Building an optimizing compiler
Building an optimizing compiler
Proceedings of the ACM SIGPLAN 1999 conference on Programming language design and implementation
Retargetable Compilers for Embedded Core Processors: Methods and Experience in Industrial Applications
Watermarking, tamper-proffing, and obfuscation: tools for software protection
IEEE Transactions on Software Engineering
Tamper Resistant Software: An Implementation
Proceedings of the First International Workshop on Information Hiding
Protection of Software-Based Survivability Mechanisms
DSN '01 Proceedings of the 2001 International Conference on Dependable Systems and Networks (formerly: FTCS)
An Approach to the Obfuscation of Control-Flow of Sequential Computer Programs
ISC '01 Proceedings of the 4th International Conference on Information Security
Garbage Collector Memory Accounting in Language-Based Systems
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A security architecture for survivability mechanisms
A security architecture for survivability mechanisms
Abstract non-interference: parameterizing non-interference by abstract interpretation
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Control Code Obfuscation by Abstract Interpretation
SEFM '05 Proceedings of the Third IEEE International Conference on Software Engineering and Formal Methods
Deriving an Information Flow Checker and Certifying Compiler for Java
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Compilers: Principles, Techniques, and Tools (2nd Edition)
Compilers: Principles, Techniques, and Tools (2nd Edition)
Dynamic security labels and static information flow control
International Journal of Information Security
Controlling the what and where of declassification in language-based security
ESOP'07 Proceedings of the 16th European conference on Programming
Information hiding in software with mixed Boolean-arithmetic transforms
WISA'07 Proceedings of the 8th international conference on Information security applications
| Hi-index | 0.00 |
Not long after the introduction of stored-program computing machines, the first high-level language compilers appeared. The need for automatically and efficiently mapping abstract concepts from high-level languages onto low-level assembly languages has been recognized ever since. A compiler has a unique ability to gather and analyze large amounts of data in a manner that would be an unwieldy manual endeavor. It is this property that makes known compiler techniques and technology ideally suited for the purposes of software protection against reverse engineering and tampering attacks. In this paper, we present a code transformation infrastructure combined with build-time security techniques that are used to integrate protection into otherwise vulnerable machine programs. We show the applicability of known compiler techniques such as aliasanalysis, whole program analysis, data-flow analysis, and control-flow analysis and how these capabilities provide the basis for program transformations that provide comprehensive software protection. These methods are incorporated in an extensible framework allowing efficient development of new code transformations, as part of a larger suite of security tools for the creation of robust applications. We describe a number of successful applications of these tools.