发布求助
文献互助 智能选刊 最新文献

2015 IEEE/ACM 1st International Workshop on Software Protection最新文献

筛选
英文 中文
Using Virtual Machine Protections to Enhance Whitebox Cryptography 使用虚拟机保护增强白盒加密
2015 IEEE/ACM 1st International Workshop on Software Protection Pub Date : 2015-05-16 DOI: 10.1109/SPRO.2015.12
Joseph Gan, R. Kok, P. Kohli, Yun Ding, Benjamin Mah
{"title":"Using Virtual Machine Protections to Enhance Whitebox Cryptography","authors":"Joseph Gan, R. Kok, P. Kohli, Yun Ding, Benjamin Mah","doi":"10.1109/SPRO.2015.12","DOIUrl":"https://doi.org/10.1109/SPRO.2015.12","url":null,"abstract":"Since attackers can gain full control of the mobile execution environment, they are able to examine the inputs, outputs, and, with the help of a disassembler/debugger the result of every intermediate computation a cryptographic algorithm carries out. Essentially, attackers have total visibility into the cryptographic operation. Whitebox cryptography aims at protecting keys from disclosed in software implementation. With theoretically unbounded resources a determined attacker is able to recover any confidential keys and data. A strong whitebox cipher implementation as the cornerstone of security is essential for the overall security in mobile environments. Our goal is to provide an increased degree of protection given the constraints of a software solution and the resource constrained, hostile-host environments. We seek neither perfect protection nor long-term guarantees, but rather a practical level of protection to balance cost, security and usability. Regular software updates can be applied such that the protection will need to withstand a limited period of time. V-OS operates as a virtual machine (VM) within the native mobile operating system to provide a secure software environment within which to perform critical processes and computations for a mobile app.","PeriodicalId":338591,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on Software Protection","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121266165","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Assessment of Data Obfuscation with Residue Number Coding 残数编码对数据混淆的评估
2015 IEEE/ACM 1st International Workshop on Software Protection Pub Date : 2015-05-16 DOI: 10.1109/SPRO.2015.15
Biniam Fisseha Demissie, M. Ceccato, Roberto Tiella
{"title":"Assessment of Data Obfuscation with Residue Number Coding","authors":"Biniam Fisseha Demissie, M. Ceccato, Roberto Tiella","doi":"10.1109/SPRO.2015.15","DOIUrl":"https://doi.org/10.1109/SPRO.2015.15","url":null,"abstract":"Software obfuscation was proposed as a technique to mitigate the problem of malicious code tampering, by making code more difficult to understand and consequently more difficult to alter. In particular, \"residue number coding\" encodes program variables to hide their actual values, while supporting operations in the encoded domain. Some computations on encoded variables can proceed without the need to decode them back in the clear. Despite the obvious benefits of this approach, to the best of our knowledge, no implementation is available. In this paper, we describe our implementation of data obfuscation based on residue number coding. Moreover, we present an assessment of this obfuscation scheme in terms of performance overhead, when more and more program variables are subject to obfuscation.","PeriodicalId":338591,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on Software Protection","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126316974","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Matryoshka: Strengthening Software Protection via Nested Virtual Machines 通过嵌套虚拟机加强软件保护
2015 IEEE/ACM 1st International Workshop on Software Protection Pub Date : 2015-05-16 DOI: 10.1109/SPRO.2015.11
S. Ghosh, Jason Hiser, J. Davidson
{"title":"Matryoshka: Strengthening Software Protection via Nested Virtual Machines","authors":"S. Ghosh, Jason Hiser, J. Davidson","doi":"10.1109/SPRO.2015.11","DOIUrl":"https://doi.org/10.1109/SPRO.2015.11","url":null,"abstract":"The use of virtual machine technology has become a popular approach for defending software applications from attacks by adversaries that wish to compromise the integrity and confidentiality of an application. In addition to providing some inherent obfuscation of the execution of the software application, the use of virtual machine technology can make both static and dynamic analysis more difficult for the adversary. However, a major point of concern is the protection of the virtual machine itself. The major weakness is that the virtual machine presents a inviting target for the adversary. If an adversary can render the virtual machine ineffective, they can focus their energy and attention on the software application. One possible approach is to protect the virtual machine by composing or nesting virtualization layers to impart virtual machine protection techniques to the inner virtual machines \"closest\" to the software application. This paper explores the concept and feasibility of nested virtualization for software protection using a high-performance software dynamic translation system. Using two metrics for measuring the strength of protection, the preliminary results show that nesting virtual machines can strengthen protection of the software application. While the nesting of virtual machines does increase run-time overhead, initial results indicate that with careful application of the technique, run-time overhead could be reduced to reasonable levels.","PeriodicalId":338591,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on Software Protection","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125383485","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Automatic Discovery of Software Attacks via Backward Reasoning 基于逆向推理的软件攻击自动发现
2015 IEEE/ACM 1st International Workshop on Software Protection Pub Date : 2015-05-16 DOI: 10.1109/SPRO.2015.17
C. Basile, D. Canavese, Jérôme d'Annoville, B. D. Sutter, Fulvio Valenza
{"title":"Automatic Discovery of Software Attacks via Backward Reasoning","authors":"C. Basile, D. Canavese, Jérôme d'Annoville, B. D. Sutter, Fulvio Valenza","doi":"10.1109/SPRO.2015.17","DOIUrl":"https://doi.org/10.1109/SPRO.2015.17","url":null,"abstract":"Security risk management and mitigation are two of the most important items on several companies' agendas. In this scenario, software attacks pose a major threat to the reliable execution of services, thus bringing negative effects on businesses. This paper presents a formal model that allows the identification of all the attacks against the assets embedded in a software application. Our approach can be used to perform the identification of the threats that loom over the assets and help to determine the potential countermeasures, that is the protections to deploy for mitigating the risks. The proposed model uses a Knowledge Base to represent the software assets, the steps that can be executed to mount an attack and their relationships. Inference rules permit the automatic discovery of attack step combinations towards the compromised assets that are discovered using a backward programming methodology. This approach is very usable as the attack discovery is fully automatic, once the Knowledge Base is populated with the information regarding the application to protect. In addition, it has been proven highly efficient and exhaustive.","PeriodicalId":338591,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on Software Protection","volume":"100 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114305442","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Software Security: Squaring the Circle? 软件安全:解决问题?
2015 IEEE/ACM 1st International Workshop on Software Protection Pub Date : 2015-05-16 DOI: 10.1109/SPRO.2015.8
B. Preneel
{"title":"Software Security: Squaring the Circle?","authors":"B. Preneel","doi":"10.1109/SPRO.2015.8","DOIUrl":"https://doi.org/10.1109/SPRO.2015.8","url":null,"abstract":"This paper considers the pure software solution to security. It compares the advantages and disadvantages of this approach to a range of solutions supported by hardware extensions to processors.","PeriodicalId":338591,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on Software Protection","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133972027","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Obfuscator-LLVM -- Software Protection for the Masses obfusator - llvm——大众软件保护
2015 IEEE/ACM 1st International Workshop on Software Protection Pub Date : 2015-05-16 DOI: 10.1109/SPRO.2015.10
P. Junod, Julien Rinaldini, J. Wehrli, Julie Michielin
{"title":"Obfuscator-LLVM -- Software Protection for the Masses","authors":"P. Junod, Julien Rinaldini, J. Wehrli, Julie Michielin","doi":"10.1109/SPRO.2015.10","DOIUrl":"https://doi.org/10.1109/SPRO.2015.10","url":null,"abstract":"Software security with respect to reverse-engineering is a challenging discipline that has been researched for several years and which is still active. At the same time, this field is inherently practical, and thus of industrial relevance: indeed, protecting a piece of software against tampering, malicious modifications or reverse-engineering is a very difficult task. In this paper, we present and discuss a software obfuscation prototype tool based on the LLVM compilation suite. Our tool is built as different passes, where some of them have been open-sourced and are freely available, that work on the LLVM Intermediate Representation (IR) code. This approach brings several advantages, including the fact that it is language-agnostic and mostly independent of the target architecture. Our current prototype supports basic instruction substitutions, insertion of bogus control-flow constructs mixed with opaque predicates, control-flow flattening, procedures merging as well as a code tamper-proofing algorithm embedding code and data checksums directly in the control-flow flattening mechanism.","PeriodicalId":338591,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on Software Protection","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131291244","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 230
Making Advanced Software Protection Tools Usable for Non-experts 让非专家也能使用高级软件保护工具
2015 IEEE/ACM 1st International Workshop on Software Protection Pub Date : 2015-05-16 DOI: 10.1109/SPRO.2015.9
B. D. Sutter
{"title":"Making Advanced Software Protection Tools Usable for Non-experts","authors":"B. D. Sutter","doi":"10.1109/SPRO.2015.9","DOIUrl":"https://doi.org/10.1109/SPRO.2015.9","url":null,"abstract":"We present the EU FP7 ASPIRE project, with a focus on its design of a decision support system that will enable non-expert users to configure a complex software protection tool chain to protect the assets in their software.","PeriodicalId":338591,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on Software Protection","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129515660","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model 代码人为性:基于N-Gram模型的代码隐蔽性度量
2015 IEEE/ACM 1st International Workshop on Software Protection Pub Date : 2015-05-16 DOI: 10.1109/SPRO.2015.14
Yuichiro Kanzaki, Akito Monden, C. Collberg
{"title":"Code Artificiality: A Metric for the Code Stealth Based on an N-Gram Model","authors":"Yuichiro Kanzaki, Akito Monden, C. Collberg","doi":"10.1109/SPRO.2015.14","DOIUrl":"https://doi.org/10.1109/SPRO.2015.14","url":null,"abstract":"This paper proposes a method for evaluating the artificiality of protected code by means of an N-gram model. The proposed artificiality metric helps us measure the stealth of the protected code, that is, the degree to which protected code can be distinguished from unprotected code. In a case study, we use the proposed method to evaluate the artificiality of programs that are transformed by well-known obfuscation techniques. The results show that static obfuscating transformations (e.g., Control flow flattening) have little effect on artificiality. However, dynamic obfuscating transformations (e.g., Code encryption), or a technique that inserts junk code fragments into the program, tend to increase the artificiality, which may have a significant impact on the stealth of the code.","PeriodicalId":338591,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on Software Protection","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134562567","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
A Framework for Measuring Software Obfuscation Resilience against Automated Attacks 测量软件混淆抗自动攻击弹性的框架
2015 IEEE/ACM 1st International Workshop on Software Protection Pub Date : 2015-05-16 DOI: 10.1109/SPRO.2015.16
Sebastian Banescu, Martín Ochoa, A. Pretschner
{"title":"A Framework for Measuring Software Obfuscation Resilience against Automated Attacks","authors":"Sebastian Banescu, Martín Ochoa, A. Pretschner","doi":"10.1109/SPRO.2015.16","DOIUrl":"https://doi.org/10.1109/SPRO.2015.16","url":null,"abstract":"Software obfuscation of programs, with the goal of protecting against attackers having physical access to the machine executing them, is a common practice motivated by the necessity of keeping intellectual property (such as business critical algorithms) and critical data (such as cryptographic keys) secret. However, as of today, it is unclear how secure popular obfuscation operators are relative to each other or to other protection techniques. In this paper we propose a formal framework to characterize attacker models and guarantees, inspired by similar notions from cryptography. We then map prior work in the area of deobfuscation to our formal model to the possible extent. We also perform a case-study about using symbolic execution for deobfuscation, concretely mapped onto our formal model.","PeriodicalId":338591,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on Software Protection","volume":"135 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132714812","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 26
Infections as Abstract Symbolic Finite Automata: Formal Model and Applications 作为抽象符号有限自动机的感染:形式模型与应用
2015 IEEE/ACM 1st International Workshop on Software Protection Pub Date : 2015-05-16 DOI: 10.1109/SPRO.2015.18
M. Preda, Isabella Mastroeni
{"title":"Infections as Abstract Symbolic Finite Automata: Formal Model and Applications","authors":"M. Preda, Isabella Mastroeni","doi":"10.1109/SPRO.2015.18","DOIUrl":"https://doi.org/10.1109/SPRO.2015.18","url":null,"abstract":"In this paper, we propose a methodology, based on machine learning, for building a symbolic finite state automata-based model of infected systems, that expresses the interaction between the malware and the environment by combining in the same model the code and the semantics of a system and allowing to tune both the system and the malware code observation. Moreover, we show that this methodology may have several applications in the context of malware detection.","PeriodicalId":338591,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on Software Protection","volume":"144 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116076900","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信