Barrier Slicing for Remote Software Trusting

Ceccato, Mariano; Preda, Mila Dalla; Nagra, Jasvir; Collberg, Christian; Tonella, Paolo

doi:10.1109/scam.2007.4362895

Cited by 11 publications

(24 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This represents a well-known limitation of program slicing. However, previous studies (Ceccato et al 2007;Krinke 2003Krinke , 2004 report that barrier slices are sensibly smaller than traditional backward slices, which reduces the conservativity issue for our protection technique.…”

Section: Barrier Slicing For Remote Software Entrustingmentioning

confidence: 93%

“…The barrier slicing solution proposed in (Ceccato et al 2007) uses a completely different approach, in fact it does not rely on any hardware or any precise time computation, which is hard to achieve in the presence of non-collaborative users. The idea here is to use barrier slicing and program transformations to ensure that the critical portion of the client computation that cannot be protected through assertions is executed on the server.…”

Section: Existing Solutionsmentioning

confidence: 99%

“…The core idea of the solution proposed in (Ceccato et al 2007) is to move to the server the portion (slice) of application P that maintains the variables in Unsafe. This ensures that attackers cannot access the variables in Unsafe and therefore it prevents attackers from tampering with them.…”

Section: Barrier Slicing To Protect Unsafe Substatementioning

confidence: 99%

“…A possible solution is to use program slicing to identify the remaining portion of the client that cannot be verified through assertions, but that is still sensitive. The idea is to move this relevant part of the application from the client to the server, so it can be run untampered (Ceccato et al 2007). A similar approach was used by Zhang and Gupta in order to prevent software piracy (Zhang and Gupta 2003).…”

mentioning

confidence: 99%

“…The values of the variables secured in this way can act as barriers and slice computation based on the transitive closure of program dependencies can stop at such barriers, since the server knows these values and is sure that they can be trusted. After computing the barrier slices, program transformations are applied to generate the secured client and the corresponding server (Ceccato et al 2007). If, on the one hand, moving the barrier slice is the optimal solution with regards to security, on the other hand it imposes a performance overhead.…”

mentioning

confidence: 99%

See 4 more Smart Citations

Trading-off security and performance in barrier slicing for remote software entrusting

et al. 2009

Self Cite

View full text Add to dashboard Cite

Network applications often require that a trust relationship is established between a trusted host (e.g., the server) and an untrusted host (e.g., the client). The remote entrusting problem is the problem of ensuring the trusted host that whenever a request from an untrusted host is served, the requester is in a genuine state, unaffected by malicious modifications or attacks.Barrier slicing helps solve the remote entrusting problem. The computation of the sensitive client state is sliced and moved to the server, where it is not possible to tamper with it. However, this solution might involve unacceptable computation and communication costs for the server, especially when the slice to be moved is large. In this paper, we investigate the trade-off between security loss and performance overhead associated with moving only a portion of the barrier slice to the server and we show that this trade-off can be reduced to a multi-objective optimization problem. We describe how to make decisions in practice with reference to a case study, for which we show how to choose among the alternative options.

show abstract

Section: Barrier Slicing For Remote Software Entrustingmentioning

confidence: 93%

Section: Existing Solutionsmentioning

confidence: 99%

Section: Barrier Slicing To Protect Unsafe Substatementioning

confidence: 99%

mentioning

confidence: 99%

mentioning

confidence: 99%

See 3 more Smart Citations

Trading-off security and performance in barrier slicing for remote software entrusting

et al. 2009

Self Cite

View full text Add to dashboard Cite

show abstract

Towards Automatic Risk Analysis and Mitigation of Software Applications

Regano

Canavese

Basile

et al. 2016

Information Security Theory and Practice

View full text Add to dashboard Cite

This paper proposes a novel semi-automatic risk analysis approach that not only identifies the threats against the assets in a software application, but it is also able to quantify their risks and to suggests the software protections to mitigate them. Built on a formal model of the software, attacks, protections and their relationships, our implementation has shown promising performance on real world applications. This work represents a first step towards a user-friendly expert system for the protection of software applications.

show abstract

Obfuscated integration of software protections

Broeck

Coppens

Sutter

2020

Int. J. Inf. Secur.

View full text Add to dashboard Cite

To counter man-at-the-end attacks such as reverse engineering and tampering, software is often protected with techniques that require support modules to be linked into the application. It is well-known, however, that attackers can exploit the modular nature of applications and their protections to speed up the identification and comprehension process of the relevant code, the assets, and the applied protections. To counter that exploitation of modularity at different levels of granularity, the boundaries between the modules in the program need to be obfuscated. We propose to do so by combining three cross-boundary protection techniques that thwart the disassembly process and in particular the reconstruction of functions: code layout randomization, interprocedurally coupled opaque predicates, and code factoring with intraprocedural control flow idioms. By means of an elaborate experimental evaluation and an extensive sensitivity analysis on realistic use cases and state-of-the-art tools, we demonstrate our technique's potency and resilience to advanced attacks. All relevant code is publicly available online.

show abstract

Barrier Slicing for Remote Software Trusting

Cited by 11 publications

References 6 publications

Trading-off security and performance in barrier slicing for remote software entrusting

Trading-off security and performance in barrier slicing for remote software entrusting

Towards Automatic Risk Analysis and Mitigation of Software Applications

Obfuscated integration of software protections

Contact Info

Product

Resources

About