Towards Checking Tampering of Software

Measuring integrity of software after deployment is important to ensure that software is not tampered with. Software tampering problem manifests itself in different ways: (i) done by an attacker to harm the user/system (e.g., infection by virus), and (ii) done by the user himself to use the software in ways that the creator of software did not intend/permit (e.g., tamper the software to bypass checks for subscription). In either case, software tampering can result in a great loss to resources, reputation, etc. and is a serious problem that demands robust solutions. Software providers would want to measure integrity of their software and also the environment in which it executes. This would help to ensure that the user does not tamper with the software so as to use it in unintended ways. For example, unlocking certain restricted features in a demo version. In Kosar, Christodorescu, & Iverson (2003), authors present a mechanism to bypass license checks usABSTRACT

[1]  Edward W. Felten,et al.  Lessons from the Sony CD DRM Episode , 2006, USENIX Security Symposium.

[2]  R. K. Shyamasundar,et al.  Malware: From Modelling to Practical Detection , 2010, ICDCIT.

[3]  Christian S. Collberg,et al.  A Taxonomy of Obfuscating Transformations , 1997 .

[4]  Xiangyu Zhang,et al.  Dynamic slicing long running programs through execution fast forwarding , 2006, SIGSOFT '06/FSE-14.

[5]  Sencun Zhu,et al.  Behavior based software theft detection , 2009, CCS.

[6]  Pradeep K. Khosla,et al.  SWATT: softWare-based attestation for embedded devices , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[7]  Mark Horowitz,et al.  Implementing an untrusted operating system on trusted hardware , 2003, SOSP '03.

[8]  Alessandro Neri,et al.  Cancellable Biometrics for On-line Signature Recognition , 2011 .

[9]  Constantine Kotropoulos,et al.  Telephone Handset Identification by Collaborative Representations , 2013, Int. J. Digit. Crime Forensics.

[10]  Daniel Shawcross Wilkerson,et al.  Winnowing: local algorithms for document fingerprinting , 2003, SIGMOD '03.

[11]  Christian S. Collberg,et al.  Software watermarking: models and dynamic embeddings , 1999, POPL '99.

[12]  Stefan Katzenbeisser,et al.  Detecting Malicious Code by Model Checking , 2005, DIMVA.

[13]  Akito Monden,et al.  Dynamic Software Birthmarks to Detect the Theft of Windows Applications , 2004 .

[14]  Tal Garfinkel,et al.  Terra: a virtual machine-based platform for trusted computing , 2003, SOSP '03.

[15]  Akito Monden,et al.  Design and evaluation of birthmarks for detecting theft of java programs , 2004, IASTED Conf. on Software Engineering.

[16]  Pradeep K. Khosla,et al.  Externally verifiable code execution , 2006, CACM.

[17]  Michael Philippsen,et al.  Finding Plagiarisms among a Set of Programs with JPlag , 2002, J. Univers. Comput. Sci..

[18]  David Park,et al.  Concurrency and Automata on Infinite Sequences , 1981, Theoretical Computer Science.

[19]  Akito Monden,et al.  Design and evaluation of dynamic software birthmarks based on API calls , 2007 .

[20]  Dan Boneh,et al.  Architectural support for copy and tamper resistant software , 2000, SIGP.

[21]  Jens Krinke,et al.  Identifying similar code with program dependence graphs , 2001, Proceedings Eighth Working Conference on Reverse Engineering.

[22]  Christopher Krügel,et al.  Behavior-based Spyware Detection , 2006, USENIX Security Symposium.

[23]  David Schuler,et al.  A dynamic birthmark for java , 2007, ASE.

[24]  Emin Gün Sirer,et al.  Nexus: a new operating system for trustworthy computing , 2005, SOSP '05.

[25]  Brenda S. Baker,et al.  On finding duplication and near-duplication in large software systems , 1995, Proceedings of 2nd Working Conference on Reverse Engineering.

[26]  Leah H. Jamieson,et al.  Establishing the Genuinity of Remote Computer Systems , 2003, USENIX Security Symposium.

[27]  Christian S. Collberg,et al.  Detecting Software Theft via Whole Program Path Birthmarks , 2004, ISC.

[28]  Michael Stepp,et al.  Dynamic path-based software watermarking , 2004, PLDI '04.

[29]  Trent Jaeger,et al.  Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.

[30]  Philip S. Yu,et al.  GPLAG: detection of software plagiarism by program dependence graph analysis , 2006, KDD '06.