Software protection through dynamic code mutation

Authors:
Matias Madou;Bertrand Anckaert;Patrick Moseley;Saumya Debray;Bjorn De Sutter;Koen De Bosschere
Affiliations:
Department of Electronics and Information Systems, Ghent University, Ghent, Belgium;Department of Electronics and Information Systems, Ghent University, Ghent, Belgium;Department of Computer Science, University of Arizona, Tucson, AZ;Department of Computer Science, University of Arizona, Tucson, AZ;Department of Electronics and Information Systems, Ghent University, Ghent, Belgium;Department of Electronics and Information Systems, Ghent University, Ghent, Belgium
Venue:
WISA'05 Proceedings of the 6th international conference on Information Security Applications
Year:
2005

Citing 23
Cited 11

Introduction to algorithms

Introduction to algorithms
Non-concurrency analysis

PPOPP '93 Proceedings of the fourth ACM SIGPLAN symposium on Principles and practice of parallel programming
Decompilation of binary programs

Software—Practice & Experience
C: a language for high-level, efficient, and machine-independent dynamic code generation

POPL '96 Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Manufacturing cheap, resilient, and stealthy opaque constructs

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Dynamo: a transparent dynamic optimization system

PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Dynamic software updating

Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Architectural support for copy and tamper resistant software

ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Profile-guided code compression

PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Higher-order strictness analysis in untyped lambda calculus

POPL '86 Proceedings of the 13th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Watermarking, tamper-proffing, and obfuscation: tools for software protection

IEEE Transactions on Software Engineering
Tamper Resistant Software: An Implementation

Proceedings of the First International Workshop on Information Hiding
Protection of Software-Based Survivability Mechanisms

DSN '01 Proceedings of the 2001 International Conference on Dependable Systems and Networks (formerly: FTCS)
ISAAC

Proceedings of the Third International Workshop on Fast Software Encryption
Word problems requiring exponential time(Preliminary Report)

STOC '73 Proceedings of the fifth annual ACM symposium on Theory of computing
The complexity of theorem-proving procedures

STOC '71 Proceedings of the third annual ACM symposium on Theory of computing
Breaking Abstractions and Unstructuring Data Structures

ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
Automatic, Template-Based Run-Time Specialization: Implementation and Experimental Study

ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
Disassembly of Executable Code Revisited

WCRE '02 Proceedings of the Ninth Working Conference on Reverse Engineering (WCRE'02)
Exploiting Self-Modification Mechanism for Program Protection

COMPSAC '03 Proceedings of the 27th Annual International Conference on Computer Software and Applications
Practical Random Number Generation in Software

ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Link-time optimization of ARM binaries

Proceedings of the 2004 ACM SIGPLAN/SIGBED conference on Languages, compilers, and tools for embedded systems
An API for Runtime Code Patching

International Journal of High Performance Computing Applications

Hybrid static-dynamic attacks against software protection mechanisms

Proceedings of the 5th ACM workshop on Digital rights management
Proteus: virtualization for diversified tamper-resistance

Proceedings of the ACM workshop on Digital rights management
Semantics-based code obfuscation by abstract interpretation

Journal of Computer Security
Protection of DRM Agent Codes

PCM '09 Proceedings of the 10th Pacific Rim Conference on Multimedia: Advances in Multimedia Information Processing
A model for self-modifying code

IH'06 Proceedings of the 8th international conference on Information hiding
A secure and robust approach to software tamper resistance

IH'10 Proceedings of the 12th international conference on Information hiding
Adaptive languages and a new programming style

ACS'06 Proceedings of the 6th WSEAS international conference on Applied computer science
Mobile Agent Protection with Self-Modifying Code

Journal of Signal Processing Systems
Multi-stage binary code obfuscation using improved virtual machine

ISC'11 Proceedings of the 14th international conference on Information security
Network–Level polymorphic shellcode detection using emulation

DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Replacement attacks against VM-protected applications

VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments

Quantified Score

Hi-index	0.00

Visualization

Abstract

Reverse engineering of executable programs, by disassembling them and then using program analyses to recover high level semantic information, plays an important role in attacks against software systems, and can facilitate software piracy. This paper introduces a novel technique to complicate reverse engineering. The idea is to change the program code repeatedly as it executes, thereby thwarting correct disassembly. The technique can be made as secure as the least secure component of opaque variables and pseudorandom number generators.