Software Protection with Code Mobility

Cabutto, Alessandro; Falcarin, Paolo; Abrath, Bert; Coppens, Bart; Sutter, Bjorn De

doi:10.1145/2808475.2808481

Cited by 15 publications

(10 citation statements)

References 21 publications

(17 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Figure 1 visualizes the ASPIRE renewability architecture. It is based on code and data mobility, which builds on the existing concept of code mobility [15]. From the binary file of a client app or library that needs to be protected, parts of the statically allocated code and data sections are extracted.…”

Section: Attack Modelmentioning

confidence: 99%

“…This includes replacing the stub's address with the block's address in the GMRT, and then continuing execution at the entry of the block. All transfers out of a block are transformed into offset-independent code by adding a level of indirection [15].…”

Section: The Aspire Renewability Architecturementioning

confidence: 99%

“…Figure 2 depicts the tool flow that integrates the renewability framework with protections. Full black arrows denote the compiler and protection tool flow of code and data that includes basic code mobility [15] but without renewability. Dashed black arrows denote the generation of renewable code generators.…”

Section: Mobile Data Blocksmentioning

confidence: 99%

See 2 more Smart Citations

Code Renewability for Native Software Protection

Abrath

Coppens

Broeck

et al. 2020

ACM Trans. Priv. Secur.

Self Cite

View full text Add to dashboard Cite

Software protection aims at safeguarding assets embedded in software by preventing and delaying reverse engineering and tampering attacks. This paper presents an architecture and supporting tool flow to renew parts of native applications dynamically. Renewed and diversified code and data belonging to either the original application or to linked-in protections are delivered from a secure server to a client on demand. This results in frequent changes to the software components when they are under attack, thus making attacks harder. By supporting various forms of diversification and renewability, novel protection combinations become available, and existing combinations become stronger. The prototype implementation is evaluated on a number of industrial use cases. CCS Concepts: Security and privacy → Software reverse engineering; Digital rights management.

show abstract

Section: Attack Modelmentioning

confidence: 99%

Section: The Aspire Renewability Architecturementioning

confidence: 99%

See 1 more Smart Citation

Code Renewability for Native Software Protection

Abrath

Coppens

Broeck

et al. 2020

ACM Trans. Priv. Secur.

Self Cite

View full text Add to dashboard Cite

show abstract

“…The ACTC's protections aim at defending against reverse-engineering, tampering, and cloning. They include code and data obfuscations [13], white-box cryptography (as also discussed in Section 4.2.8) [36], code mobility [41], code diversity, code guards, code renewability, remote attestation and migration of sensitive code to secure servers [42], use of custom instruction sets interpreted by virtual machines [37] (as also discussed in Section 4.2.8), anti-debugging by means of self-debuggers [27], and more.…”

Section: Validation On Software Protection Tool Chainmentioning

confidence: 99%

A meta-model for software protections and reverse engineering attacks

Basile

Canavese

Regano

et al. 2019

Journal of Systems and Software

Self Cite

View full text Add to dashboard Cite

Software protection techniques are used to protect valuable software assets against man-at-the-end attacks. Those attacks include reverse engineering to steal confidential assets, and tampering to break the software's integrity in unauthorized ways. While their ultimate aims are the original assets, attackers also target the protections along their attack path. To allow both humans and tools to reason about the strength of available protections (and combinations thereof) against potential attacks on concrete applications and their assets, i.e., to assess the true strength of layered protections, all relevant and available knowledge on the relations between the relevant aspects of protections, attacks, applications, and assets need to be collected, structured, and formalized. This paper presents a software protection meta-model that can be instantiated to construct a formal knowledge base that holds precisely that information. The presented meta-model is validated against existing models and taxonomies in the domain of software protection, and by means of prototype tools that we developed to help non-modelling-expert software defenders with populating a knowledge base and with extracting and inferring practically useful information from it. All discussed tools are available as open source, and we evaluate their use as part of a software protection work flow on an open source application and industrial use cases.

show abstract

“…Ch 1: In this challenge, an array is constructed by a block of code that is protected with an anti-debugging protection that prevents an attacker from attaching his own debugger to study the internal operation of the program [1]. Next, code mobility [7] is used to protect the XORing of this array with mobile data (i.e., data that is not present in the static program binary, but is downloaded from a secure server at run time). Mobile code also contains the invocation to .…”

Section: Data Collection From Public Challenge Winnermentioning

confidence: 99%

Understanding the behaviour of hackers while performing attack tasks in a professional setting and in a public challenge

et al. 2018

Self Cite

View full text Add to dashboard Cite

When critical assets or functionalities are included in a piece of software accessible to the end users, code protections are used to hinder or delay the extraction or manipulation of such critical assets. The process and strategy followed by hackers to understand and tamper with protected software might differ from program understanding for benign purposes. Knowledge of the actual hacker behaviours while performing real attack tasks can inform better ways to protect the software and can provide more realistic assumptions to the developers, evaluators, and users of software protections.

show abstract

Software Protection with Code Mobility

Cited by 15 publications

References 21 publications

Code Renewability for Native Software Protection

Code Renewability for Native Software Protection

A meta-model for software protections and reverse engineering attacks

Understanding the behaviour of hackers while performing attack tasks in a professional setting and in a public challenge

Contact Info

Product

Resources

About