论文信息 - Protecting Software Codes By Guards

Protecting Software Codes By Guards

Protection of software code against illegitimate modi cations by its users is a pressing issue to many software developers. Many softwarebased mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamperresilient and exible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing Parts of this research were supported by CERIAS and the Purdue Research Foundation. guards into Win32 executables. 1 Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).

Hoi Chang

[1] M. Kuhn,et al. The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[2] Bennet S. Yee,et al. Secure Coprocessors in Electronic Commerce Applications , 1995, USENIX Workshop on Electronic Commerce.

[3] Sean W. Smith,et al. Building a high-performance, programmable secure coprocessor , 1999, Comput. Networks.

[4] Eiji Okamoto,et al. A tentative approach to constructing tamper-resistant software , 1998, NSPW '97.

[5] Dieter Gollmann,et al. Software License Management with Smart Cards , 1999, Smartcard.

[6] Christian S. Collberg,et al. A Taxonomy of Obfuscating Transformations , 1997 .

[7] David Aucsmith,et al. Tamper Resistant Software: An Implementation , 1996, Information Hiding.

[8] Steve R. White,et al. ABYSS: An Architecture for Software Protection , 1990, IEEE Trans. Software Eng..

[9] Amit Sahai,et al. On the (im)possibility of obfuscating programs , 2001, JACM.

[10] Jack W. Davidson,et al. Software Tamper Resistance: Obstructing Static Analysis of Programs , 2000 .

[11] Christian S. Collberg,et al. Breaking abstractions and unstructuring data structures , 1998, Proceedings of the 1998 International Conference on Computer Languages (Cat. No.98CB36225).