Truly-Protect: An Efficient VM-Based Software Protection

Averbuch, Amir; Kiperberg, Michael; Zaidenberg, Nezer Jacob

doi:10.1109/jsyst.2013.2260617

Cited by 11 publications

(6 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As we can see, related factor(1), (4), (5), (8) are mentioned by stochastic optimization of program obfuscation [23], related factor(2), (9) are mentioned by the power of obfuscation techniques in malicious JavaScript code: A Measurement Study [34]. In addition, related factor(3), (6), (7) are customized by us where factor(3) means use encryption algorithm encrypts source code, factor(6) decomposition and the complexity of computing processes to reduce readability, and factor(7) add code that does not execute only reduces the readability of the code.…”

Section: ) Contrastive Results Of Reverse Analysismentioning

confidence: 99%

“…The associate editor coordinating the review of this manuscript and approving it for publication was Chi- Yuan Chen . code reverse engineering [4], [5]. In recent years, code virtualization [6], [7] is emerging as a promising method for implementing code obfuscation. This technique translates the native instructions into bespoke virtual instructions to increase the strength of code obfuscation [8], [9].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Leveraging WebAssembly for Numerical JavaScript Code Virtualization

et al. 2019

View full text Add to dashboard Cite

Code obfuscation built upon code virtualization technology is one of the viable means for protecting sensitive algorithms and data against code reverse engineering attacks. Code virtualization has been successfully applied to programming languages like C, C++, and Java. However, it remains an outstanding challenge to apply this promising technique to JavaScript, a popular web programming language. This is primarily due to the open visibility of JavaScript code and the expensive runtime overhead associated with code virtualization. This paper presents JSPro, a novel code virtualization system for JavaScript. JSPro is the first JavaScript code obfuscation tool that builds upon the emerging WebAssembly language standard. It is designed to provide more secure code protection but without incurring a significant runtime penalty, explicitly targeting numerical JavaScript kernels. We achieve this by first automatically translating the target JavaScript code into WebAssembly and then performing code obfuscation on the compiled WebAssembly binary. Our design has two advantages over existing solutions: (1) it increases the code reverse entering complexity by implementing code obfuscation at a lower binary level and (2) it significantly reduces the performance impact of code virtualization over the native JavaScript code by using the performance-tuned WebAssembly language. We evaluate JSPro on a set of numerical JavaScript algorithms widely used in many applications. To test the performance, we apply JSPro to four mainstream web browsers running on three distinct mobile devices. Compared to state-of-the-art JavaScript obfuscation tools, JSPro not only provides stronger protection but also reduces the runtime overhead by at least 15% (up to 38.2%) and the code size by 28.2% on average.

show abstract

Section: ) Contrastive Results Of Reverse Analysismentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Leveraging WebAssembly for Numerical JavaScript Code Virtualization

et al. 2019

View full text Add to dashboard Cite

show abstract

“…TrulyProtect [3] for the ARM thin hypervisor offers an easy way to execute code in a secure environment in ARMv8-a, and does so in a way that does not require the user to modify the code. Unlike QSEE [20,21], the interaction with the secured area does not require any special preparations.…”

Section: Anti-reverse Engineeringmentioning

confidence: 99%

“…We measure malloc(3) [41] and free(3) [41], disk IO, file open(2) and close(2), memory access, and all these operations combined. It is important to note that the proposed system supports the use of any of these operations (malloc (3), open(2), write(2)) in an encrypted context; however, it does not offer to obfuscate them. This system localizes the obfuscation to some functions in a program.…”

Section: Predictabilitymentioning

confidence: 99%

See 1 more Smart Citation

Protection against reverse engineering in ARM

Yehuda

Zaidenberg

2019

Int. J. Inf. Secur.

Self Cite

View full text Add to dashboard Cite

With the advent of the mobile industry, we face new security challenges. ARM architecture is deployed in most mobile phones, homeland security, IoT, autonomous cars and other industries, providing a hypervisor API (via virtualization extension technology). To research the applicability of this virtualization technology for security in this platform is an interesting endeavor. The hypervisor API is an addition available for some ARMv7-a and is available with any ARMv8-a processor. Some ARM platforms also offer TrustZone, which is a separate exception level designed for trusted computing. However, TrustZone may not be available to engineers as some vendors lock it. We present a method of applying a thin hypervisor technology as a generic security solution for the most common operating system on the ARM architecture. Furthermore, we discuss implementation alternatives and differences, especially in comparison with the Intel architecture and hypervisor with Trust-Zone approaches. We provide performance benchmarks for using hypervisors for reverse engineering protection.

show abstract