Manufacturing cheap, resilient, and stealthy opaque constructs
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Fault Tolerant Operating Systems
ACM Computing Surveys (CSUR)
Operating System Structures to Support Security and Reliable Software
ACM Computing Surveys (CSUR)
Reliability Issues in Computing System Design
ACM Computing Surveys (CSUR)
On the (Im)possibility of Obfuscating Programs
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Tamper Resistant Software: An Implementation
Proceedings of the First International Workshop on Information Hiding
Oblivious Hashing: A Stealthy Software Integrity Verification Primitive
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Dynamic Self-Checking Techniques for Improved Tamper Resistance
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Protecting Software Code by Guards
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
System structure for software fault tolerance
Proceedings of the international conference on Reliable software
Breaking Abstractions and Unstructuring Data Structures
ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
Software Tamper Resistance: Obstructing Static Analysis of Programs
Software Tamper Resistance: Obstructing Static Analysis of Programs
Software piracy prevention through diversity
Proceedings of the 4th ACM workshop on Digital rights management
On obfuscating point functions
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Error Correction Coding: Mathematical Methods and Algorithms
Error Correction Coding: Mathematical Methods and Algorithms
On the Impossibility of Obfuscation with Auxiliary Input
FOCS '05 Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science
Proteus: virtualization for diversified tamper-resistance
Proceedings of the ACM workshop on Digital rights management
Framework for instruction-level tracing and analysis of program executions
Proceedings of the 2nd international conference on Virtual execution environments
Rx: Treating bugs as allergies—a safe method to survive software failures
ACM Transactions on Computer Systems (TOCS)
Proceedings of the 9th workshop on Multimedia & security
Data structures for limited oblivious execution of programs while preserving locality of reference
Proceedings of the 2007 ACM workshop on Digital Rights Management
Runtime Protection via Dataflow Flattening
SECURWARE '09 Proceedings of the 2009 Third International Conference on Emerging Security Information, Systems and Technologies
Delayed and controlled failures in tamper-resistant software
IH'06 Proceedings of the 8th international conference on Information hiding
Run-time randomization to mitigate tampering
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
A graph game model for software tamper protection
IH'07 Proceedings of the 9th international conference on Information hiding
Software integrity checking expressions (ICEs) for robust tamper detection
IH'07 Proceedings of the 9th international conference on Information hiding
Embedded software security through key-based control flow obfuscation
InfoSecHiComNet'11 Proceedings of the First international conference on Security aspects in information technology
Hi-index | 0.00 |
Common software-protection systems attempt to detect malicious observation and modification of protected applications. Upon tamper detection, anti-hacking code may produce a crash or gradual failure, rendering the application unusable or troublesome. Such a response is designed to complicate attacks, but has also caused problems for developers and end users, particularly when bugs or other problems invoke anti-tampering measures accidentally. To address these issues, an alternative approach is to detect and fix malicious changes. This paper presents a scheme to transform programs into tamper-tolerant versions that use self-correcting operation as a response against attacks. Combining techniques from the fields of fault tolerance and software security, the approach transforms programs via code individualization and redundancy. We also describe security enhancements through error correction, delayed responses and checkpointing. For security analysis, we adapt a graph-based model of attacks and defenses in the context of software tamper-resistance. This helps to estimate the difficulty of breaking our scheme in practical scenarios.