Self-adjusting binary search trees
Journal of the ACM (JACM)
Computer architecture: a quantitative approach
Computer architecture: a quantitative approach
Operating system protection through program evolution
Computers and Security
Optimizing an ANSI C interpreter with superoperators
POPL '95 Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Decompilation of binary programs
Software—Practice & Experience
Software protection and simulation on oblivious RAMs
Journal of the ACM (JACM)
Manufacturing cheap, resilient, and stealthy opaque constructs
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Software watermarking: models and dynamic embeddings
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Watermarking, tamper-proffing, and obfuscation: tools for software protection
IEEE Transactions on Software Engineering
Tamper Resistant Software: An Implementation
Proceedings of the First International Workshop on Information Hiding
A Graph Theoretic Approach to Software Watermarking
IHW '01 Proceedings of the 4th International Workshop on Information Hiding
Oblivious Hashing: A Stealthy Software Integrity Verification Primitive
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Dynamic Self-Checking Techniques for Improved Tamper Resistance
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Protecting Software Code by Guards
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Protection of Software-Based Survivability Mechanisms
DSN '01 Proceedings of the 2001 International Conference on Dependable Systems and Networks (formerly: FTCS)
An Approach to the Obfuscation of Control-Flow of Sequential Computer Programs
ISC '01 Proceedings of the 4th International Conference on Information Security
System structure for software fault tolerance
Proceedings of the international conference on Reliable software
Building Diverse Computer Systems
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Breaking Abstractions and Unstructuring Data Structures
ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
Sandmark--A Tool for Software Protection Research
IEEE Security and Privacy
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Obfuscation of executable code to improve resistance to static disassembly
Proceedings of the 10th ACM conference on Computer and communications security
Exploiting Self-Modification Mechanism for Program Protection
COMPSAC '03 Proceedings of the 27th Annual International Conference on Computer Software and Applications
An abstract interpretation-based framework for software watermarking
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Software piracy prevention through diversity
Proceedings of the 4th ACM workshop on Digital rights management
Randomized instruction set emulation
ACM Transactions on Information and System Security (TISSEC)
A Generic Attack on Checksumming-Based Software Tamper Resistance
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Address obfuscation: an efficient approach to combat a board range of memory error exploits
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Tamper resistance: a cautionary note
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
A model for self-modifying code
IH'06 Proceedings of the 8th international conference on Information hiding
Software protection through dynamic code mutation
WISA'05 Proceedings of the 6th international conference on Information Security Applications
Proceedings of the 9th workshop on Multimedia & security
Data structures for limited oblivious execution of programs while preserving locality of reference
Proceedings of the 2007 ACM workshop on Digital Rights Management
The Superdiversifier: Peephole Individualization for Software Protection
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Obfuscating straight line arithmetic programs
Proceedings of the nineth ACM workshop on Digital rights management
Tamper-Tolerant Software: Modeling and Implementation
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
Run-time randomization to mitigate tampering
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
A graph game model for software tamper protection
IH'07 Proceedings of the 9th international conference on Information hiding
A secure and robust approach to software tamper resistance
IH'10 Proceedings of the 12th international conference on Information hiding
Replacement attacks against VM-protected applications
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
Feedback-driven binary code diversification
ACM Transactions on Architecture and Code Optimization (TACO) - Special Issue on High-Performance Embedded Architectures and Compilers
Software protection for dynamically-generated code
PPREW '13 Proceedings of the 2nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop
GHUMVEE: efficient, effective, and flexible replication
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
DIVILAR: diversifying intermediate language for anti-repackaging on android platform
Proceedings of the 4th ACM conference on Data and application security and privacy
| Hi-index | 0.00 |
Despite huge efforts by software providers, software protection mechanisms are still broken on a regular basis. Due to the current distribution model, an attack against one copy of the software can be reused against any copy of the software. Diversity is an important tool to overcome this problem. It allows for renewable defenses in space, by giving every user a different copy, and renewable defenses in time when combined with tailored updates. This paper studies the possibilities and limitations of using virtualization to open a new set of opportunities to make diverse copies of a piece of software and to make individual copies more tamper-resistant. The performance impact is considerable and indicates that these techniques are best avoided in performance-critical parts of the code.