TY - GEN
T1 - A software protection method based on time-sensitive code and self-modification mechanism
AU - Kanzaki, Yuichiro
AU - Monden, Akito
PY - 2010/12/1
Y1 - 2010/12/1
N2 - This paper proposes a systematic method for protecting software against malicious reverse engineering attacks. Our method aims to increase the cost of obtaining secret information in a program on the assumption that the adversaries have the ability to perform dynamic analysis as much as static analysis. A program protected by our method contains many time-sensitive codes, which are overwritten with fake (dummy) codes. Each time-sensitive code is modified during execution via self-modification according to the time taken to execute a designated block of the program. If the execution time of the block is within the predetermined range, the time-sensitive code becomes the original one. On the other hand, if the execution time is out of the range, the time-sensitive code becomes the other fake one. In order to obtain the secret information by static analysis, the adversary must find the routines that modify timesensitive codes which are scattered over the program, and must guess the predetermined valid execution time of the target blocks. In order to obtain the secret information by dynamic analysis, the adversary must make the execution reach the restricted points of the program without stopping the execution. As a result, our method helps to construct highly invulnerable software.
AB - This paper proposes a systematic method for protecting software against malicious reverse engineering attacks. Our method aims to increase the cost of obtaining secret information in a program on the assumption that the adversaries have the ability to perform dynamic analysis as much as static analysis. A program protected by our method contains many time-sensitive codes, which are overwritten with fake (dummy) codes. Each time-sensitive code is modified during execution via self-modification according to the time taken to execute a designated block of the program. If the execution time of the block is within the predetermined range, the time-sensitive code becomes the original one. On the other hand, if the execution time is out of the range, the time-sensitive code becomes the other fake one. In order to obtain the secret information by static analysis, the adversary must find the routines that modify timesensitive codes which are scattered over the program, and must guess the predetermined valid execution time of the target blocks. In order to obtain the secret information by dynamic analysis, the adversary must make the execution reach the restricted points of the program without stopping the execution. As a result, our method helps to construct highly invulnerable software.
KW - Program camouflage
KW - Program obfuscation
KW - Self-modification
KW - Software protection
KW - Software security
UR - http://www.scopus.com/inward/record.url?scp=84862299858&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84862299858&partnerID=8YFLogxK
U2 - 10.2316/P.2010.725-048
DO - 10.2316/P.2010.725-048
M3 - Conference contribution
AN - SCOPUS:84862299858
SN - 9780889868786
T3 - Proceedings of the IASTED International Conference on Software Engineering and Applications, SEA 2010
SP - 325
EP - 331
BT - Proceedings of the IASTED International Conference on Software Engineering and Applications, SEA 2010
T2 - IASTED International Conference on Software Engineering and Applications, SEA 2010
Y2 - 8 November 2010 through 10 November 2010
ER -