ABYSS: An Architecture for Software Protection
IEEE Transactions on Software Engineering
A tentative approach to constructing tamper-resistant software
NSPW '97 Proceedings of the 1997 workshop on New security paradigms
Building a high-performance, programmable secure coprocessor
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
On the (Im)possibility of Obfuscating Programs
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Tamper Resistant Software: An Implementation
Proceedings of the First International Workshop on Information Hiding
Breaking Abstractions and Unstructuring Data Structures
ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
Software Tamper Resistance: Obstructing Static Analysis of Programs
Software Tamper Resistance: Obstructing Static Analysis of Programs
Design principles for tamper-resistant smartcard processors
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Software license management with smart cards
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Oblivious Hashing: A Stealthy Software Integrity Verification Primitive
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Hiding program slices for software security
Proceedings of the international symposium on Code generation and optimization: feedback-directed and runtime optimization
Digital rights management for content distribution
ACSW Frontiers '03 Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003 - Volume 21
Sandmark--A Tool for Software Protection Research
IEEE Security and Privacy
Obfuscation of design intent in object-oriented applications
Proceedings of the 3rd ACM workshop on Digital rights management
Flexible Software Protection Using Hardware/Software Codesign Techniques
Proceedings of the conference on Design, automation and test in Europe - Volume 1
Taking a Lesson from Stealthy Rootkits
IEEE Security and Privacy
Software piracy prevention through diversity
Proceedings of the 4th ACM workshop on Digital rights management
Secure Embedded Processing through Hardware-Assisted Run-Time Monitoring
Proceedings of the conference on Design, Automation and Test in Europe - Volume 1
SAFE-OPS: An approach to embedded software security
ACM Transactions on Embedded Computing Systems (TECS)
Soft Tamper-Proofing via Program Integrity Verification in Wireless Sensor Networks
IEEE Transactions on Mobile Computing
Hardware-Assisted Circumvention of Self-Hashing Software Tamper Resistance
IEEE Transactions on Dependable and Secure Computing
Hybrid static-dynamic attacks against software protection mechanisms
Proceedings of the 5th ACM workshop on Digital rights management
IBM Systems Journal
SPEE: a secure program execution environment tool using code integrity checking
Journal of High Speed Networks - Special issue on trusted internet workshop (TIW) 2004
Proteus: virtualization for diversified tamper-resistance
Proceedings of the ACM workshop on Digital rights management
Tamper-proofing basis path by using oblivious hashing on Java
ACM SIGPLAN Notices
Key evolution-based tamper resistance: a subgroup extension
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Dynamic graph-based software fingerprinting
ACM Transactions on Programming Languages and Systems (TOPLAS)
Proceedings of the 9th workshop on Multimedia & security
Mechanism for software tamper resistance: an application of white-box cryptography
Proceedings of the 2007 ACM workshop on Digital Rights Management
Architectural support for run-time validation of program data properties
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Enhanced Security by OS-Oriented Encapsulation in TPM-Enabled DRM
Information Security and Cryptology
The Long-Short-Key Primitive and Its Applications to Key Security
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
A compiler-hardware approach to software protection for embedded systems
Computers and Electrical Engineering
Hardware-assisted run-time monitoring for secure program execution on embedded processors
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Tamper-Tolerant Software: Modeling and Implementation
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
Delayed and controlled failures in tamper-resistant software
IH'06 Proceedings of the 8th international conference on Information hiding
Run-time randomization to mitigate tampering
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Towards tamper resistant code encryption: practice and experience
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
GameGuard: a windows-based software architecture for protecting online games against hackers
Proceedings of the 2010 Symposium on Information and Communication Technology
Game theory for cyber security
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Live forensics framework for wireless sensor nodes using sandboxing
Proceedings of the 6th ACM workshop on QoS and security for wireless and mobile networks
A secure and robust approach to software tamper resistance
IH'10 Proceedings of the 12th international conference on Information hiding
Self destructive tamper response for software protection
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Traitor tracing schemes for protected software implementations
Proceedings of the 11th annual ACM workshop on Digital rights management
Embedded software security through key-based control flow obfuscation
InfoSecHiComNet'11 Proceedings of the First international conference on Security aspects in information technology
From prey to hunter: transforming legacy embedded devices into exploitation sensor grids
Proceedings of the 27th Annual Computer Security Applications Conference
An attack on SMC-based software protection
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Remote software-based attestation for wireless sensors
ESAS'05 Proceedings of the Second European conference on Security and Privacy in Ad-Hoc and Sensor Networks
An efficient algorithm for resource sharing in peer-to-peer networks
NETWORKING'06 Proceedings of the 5th international IFIP-TC6 conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communications Systems
On building a lightweight security architecture for sensor networks
EUC'06 Proceedings of the 2006 international conference on Emerging Directions in Embedded and Ubiquitous Computing
Indexing information for data forensics
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Self-validating branch-based software watermarking
IH'05 Proceedings of the 7th international conference on Information Hiding
Replacement attacks against VM-protected applications
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
Watermarking spatial trajectory database
DASFAA'05 Proceedings of the 10th international conference on Database Systems for Advanced Applications
CODESSEAL: Compiler/FPGA approach to secure applications
ISI'05 Proceedings of the 2005 IEEE international conference on Intelligence and Security Informatics
Performance study of a compiler/hardware approach to embedded systems security
ISI'05 Proceedings of the 2005 IEEE international conference on Intelligence and Security Informatics
Software-Based copy protection for temporal media during dissemination and playback
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Defending embedded systems with software symbiotes
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
What if you can't trust your network card?
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
An improved secure code encryption approach based on indexed table
Proceedings of the International Conference on Advances in Computing, Communications and Informatics
Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology
Software protection for dynamically-generated code
PPREW '13 Proceedings of the 2nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop
Zero-day malware detection based on supervised learning algorithms of API call signatures
AusDM '11 Proceedings of the Ninth Australasian Data Mining Conference - Volume 121
Hi-index | 0.00 |
Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).