Skip to main content
SpringerLink
Log in

A Secure and Robust Approach to Software Tamper Resistance

  • Conference paper
Information Hiding (IH 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6387))

Included in the following conference series:

Abstract

Software tamper-resistance mechanisms have increasingly assumed significance as a technique to prevent unintended uses of software. Closely related to anti-tampering techniques are obfuscation techniques, which make code difficult to understand or analyze and therefore, challenging to modify meaningfully. This paper describes a secure and robust approach to software tamper resistance and obfuscation using process-level virtualization. The proposed techniques involve novel uses of software check summing guards and encryption to protect an application. In particular, a virtual machine (VM) is assembled with the application at software build time such that the application cannot run without the VM. The VM provides just-in-time decryption of the program and dynamism for the application’s code. The application’s code is used to protect the VM to ensure a level of circular protection. Finally, to prevent the attacker from obtaining an analyzable snapshot of the code, the VM periodically discards all decrypted code. We describe a prototype implementation of these techniques and evaluate the run-time performance of applications using our system. We also discuss how our system provides stronger protection against tampering attacks than previously described tamper-resistance approaches.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Anckaert, B., Jakubowski, M., Venkatesan, R.: Proteus: virtualization for diversified tamper-resistance. In: DRM 2006: ACM Workshop on Digital Rights Management, pp. 47–58. ACM, New York (2006)

    Google Scholar 

  2. Aucsmith, D.: Tamper resistant software:An implementation. In: 1st International Workshop on Information Hiding, pp. 317–333. Springer, London (1996)

    Chapter  Google Scholar 

  3. Billet, O., Gilbert, H., Ech-Chatbi, C.: Cryptanalysis of a white box AES implementation. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 227–240. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  4. Biondi, P., Fabrice, D.: Silver needle in the skype. In: Black Hat Europe, Amsterdam, the Netherlands (2006)

    Google Scholar 

  5. Cappaert, J., Preneel, B., Anckaert, B., Madou, M., Bosschere, K.D.: Towards tamper resistant code encryption: Practice and experience. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 86–100. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  6. Castelluccia, C., Francillon, A., Perito, D., Soriente, C.: On the difficulty of software-based attestation of embedded devices. In: CCS 2009: 16th ACM Conference on Computer and Communications Security, pp. 400–409. ACM, New York (2009)

    Google Scholar 

  7. Chang, H., Atallah, M.: Protecting software code by guards. In: ACM Workshop on Security and Privacy in Digital Rights Management, pp. 160–175 (2000)

    Google Scholar 

  8. Chow, S., Eisen, P.A., Johnson, H., Oorschot, P.C.v.: White-box cryptography and an AES implementation. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 250–270. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  9. Collberg, C., Thomborson, C., Low, D.: Manufacturing cheap, resilient and stealthy opaque constructs. In: POPL 1998: 25th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 184–196. ACM Press, New York (1998)

    Google Scholar 

  10. Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: a virtual machine-based platform for trusted computing. In: SOSP 2003: 19th ACM Symposium on Operating Systems Principles, pp. 193–206. ACM Press, New York (2003)

    Google Scholar 

  11. Giffin, J.T., Christodorescu, M., Kruger, L.: Strengthening software self-checksumming via self-modifying code. In: ACSAC 2005: 21st Annual Computer Security Applications Conference, pp. 23–32. IEEE Computer Society, Washington (2005)

    Google Scholar 

  12. Horne, B., Matheson, L.R., Sheehan, C., Tarjan, R.E.: Dynamic self-checking techniques for improved tamper resistance. In: Sander, T. (ed.) DRM 2001. LNCS, vol. 2320, pp. 141–159. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  13. Jacob, M., Jakubowski, M.H., Venkatesan, R.: Towards integral binary execution: implementing oblivious hashing using overlapped instruction encodings. In: MM&Sec 2007: 9th Workshop on Multimedia & Security, pp. 129–140. ACM, New York (2007)

    Google Scholar 

  14. Linn, C., Debray, S.: Obfuscation of executable code to improve resistance to static disassembly. In: CCS 2003: 10th ACM Conference on Computer and Communications Security (CCS), pp. 290–299. ACM Press, Washington (2003)

    Google Scholar 

  15. Madou, M., Anckaert, B., Moseley, P., Debray, S., De Sutter, B., De Bosschere, K.: Software protection through dynamic code mutation. In: Song, J.-S., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 194–206. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  16. Quynh, N.A.: Hijacking (Xen) virtual machine for fun and profit. In: Bellua Security Conference, Jakarta, Indonesia (2007)

    Google Scholar 

  17. Scott, K., Kumar, N., Velusamy, S., Childers, B., Davidson, J.W., Soffa, M.L.: Retargetable and reconfigurable software dynamic translation. In: CGO 2003: International Symposium on Code Generation and Optimization, pp. 36–47. IEEE Computer Society, Washington (2003)

    Chapter  Google Scholar 

  18. Lie, D., Thekkath, C., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J., Horowitz, M.: Architectural support for copy and tamper resistant software. In: ASPLOS 2000: 9th International Conference on Architectural Support for Programming Languages and Operating Systems, vol. 35, pp. 168–177. ACM, New York (2000)

    Google Scholar 

  19. Seshadri, A., Luk, M., Shi, E., Perrig, A., van Doorn, L., Khosla, P.: Pioneer: Verifying code integrity and enforcing untampered code execution on legacy systems. In: SOSP 2005: 20th ACM Symposium on Operating Systems Principles, vol. 39, pp. 1–16. ACM Press, New York (December 2005)

    Google Scholar 

  20. Wurster, G., Oorschot, P.C.v., Somayaji, A.: A generic attack on checksumming-based software tamper resistance. In: SP 2005: 2005 IEEE Symposium on Security and Privacy, pp. 127–138. IEEE Computer Society, Washington (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Virginia, 151 Engineer’s Way, Charlottesville, VA-22904

    Sudeep Ghosh, Jason D. Hiser & Jack W. Davidson

Authors
  1. Sudeep Ghosh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jason D. Hiser
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jack W. Davidson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. International Computer Science Institute, 1947 Center Street, Suite 600, CA 94704, Berkeley, USA

    Rainer Böhme

  2. Department of Computer Science, University of Calgary, 2500 University Drive NW, T2N 1N4, Calgary, AB, Canada

    Philip W. L. Fong  & Reihaneh Safavi-Naini  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ghosh, S., Hiser, J.D., Davidson, J.W. (2010). A Secure and Robust Approach to Software Tamper Resistance. In: Böhme, R., Fong, P.W.L., Safavi-Naini, R. (eds) Information Hiding. IH 2010. Lecture Notes in Computer Science, vol 6387. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16435-4_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-16435-4_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16434-7

  • Online ISBN: 978-3-642-16435-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation