Protecting Software Code by Guards

Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).

[1]  David Aucsmith,et al.  Tamper Resistant Software: An Implementation , 1996, Information Hiding.

[2]  Bennet S. Yee,et al.  Secure Coprocessors in Electronic Commerce Applications , 1995, USENIX Workshop on Electronic Commerce.

[3]  Christian S. Collberg,et al.  A Taxonomy of Obfuscating Transformations , 1997 .

[4]  Steve R. White,et al.  ABYSS: An Architecture for Software Protection , 1990, IEEE Trans. Software Eng..

[5]  Christian S. Collberg,et al.  Breaking abstractions and unstructuring data structures , 1998, Proceedings of the 1998 International Conference on Computer Languages (Cat. No.98CB36225).

[6]  Christian S. Collberg,et al.  Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection , 2002, IEEE Trans. Software Eng..

[7]  Dieter Gollmann,et al.  Software License Management with Smart Cards , 1999, Smartcard.

[8]  Josh MacDonald On Program Security and Obfuscation , 1998 .

[9]  Jack W. Davidson,et al.  Software Tamper Resistance: Obstructing Static Analysis of Programs , 2000 .

[10]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[11]  Sean W. Smith,et al.  Building a high-performance, programmable secure coprocessor , 1999, Comput. Networks.

[12]  M. Kuhn,et al.  The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[13]  Eiji Okamoto,et al.  A tentative approach to constructing tamper-resistant software , 1998, NSPW '97.