Tamper Resistant Software: An Implementation, by David Aucsmith, IAL. “This paper describes a technology for the construction of tamper resistant software.”

Tamper Resistant Software: An Implementation By David Aucsmith, IAL In Information Hiding Workshop, RJ Anderson (ed), LNCS, 1174, pp , “Integrity.
Presentation transcript:

Tamper Resistant Software: An Implementation
By David Aucsmith, IAL
“This paper describes a technology for the construction of tamper resistant software.”
Presented by Weimin Yang, 28 March 2001

Contents
• Overview
• Threat Model
• Design Principles
• Tamper Resistant Software Architecture
  – Integrity Verification Kernel
  – Interlocking Trust

Overview
• Definition: “Tamper resistant software is software which is resistant to observation and modification.”
• Approach to developing tamper resistant software:
  – Classify the threat model
  – Develop design principles
  – Implement a set of tools

Threat Model (I)
• Attack originates outside of the PC.
  – Bounded by the communication protocol.
  – Standard “hacker attack”.
  – Best defended by correctly designed and implemented protocols and proper administration.

Threat Model (II)
• Attack originates as software running on the platform.
  – Bounded by the operating system and BIOS.
  – Tries to attack classes of software.
  – Virus or Trojan horse attack.

Threat Model (III)
• The perpetrator has complete control of the platform.
  – Limited by technical expertise and financial resources.
  – Defense: raise the technological bar so that the attack gives a poor return on the perpetrator's investment.

Technological Bars to Threat Model (III)
a) Use standard debuggers and system diagnostic tools
b) Use special debuggers such as SoftICE
c) Use processor emulators and bus logic analyzers

Design Principles
• To be tamper resistant, software must be immune from observation and modification. This requires that it contain a secret component and that recovery of that secret be difficult.

Integrity Verification Kernel
• “A small, armored segment of code which is designed to be included in a larger program and performs the following two functions:”
  1. Verifies the integrity of code segments or programs.
  2. Utilizes five defenses:
     – Interleaved tasks
     – Distributed secrets
     – Obfuscated code
     – Installation unique modifications
     – Non-deterministic behavior

Installation unique modifications
• The IVK is constructed at installation time.
  – Each instance of the program contains a different IVK.
  – This defends against class attacks.

Interlocking Trust
• Integrity Verification Kernels
• System Integrity Program
  – A program that monitors the integrity of the security components of the computer system.
  – Contains an eIVK, which has a known entry point.
  – Created at installation time.
• Integrity Verification Protocol
  – Used to establish a distributed trust environment.

System overview
[Figure: diagram of Program 1, Program 2 and the Integrity Program, with component labels IVK, eIVK, IVK and step labels 1a, 1b, 1c, 2a, 2b, 2c]

Conclusion
• Based on an analysis of the threat model, the author invents an Integrity Verification Kernel which hides secrets in both space and time. Furthermore, the interlocking mechanism makes the secrets more difficult to discover.

Why can installation unique modifications be used to defend against class attacks?
– An attacker may analyze a given program successfully but still cannot predict what any other program looks like.
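
The answer above, shown as a simplified model (an added example, not code from the paper or from the presentation): when every installation carries its own secret, a modification worked out against one copy fails the integrity check on another copy. The HMAC-based check, the key stored in the clear and all names are assumptions for illustration; the IVK in the slides hides its secret rather than storing it openly.

```python
import hashlib
import hmac
import secrets

# Constructed stand-ins for a code segment and a tampered copy of it.
CODE_SEGMENT = b"load key; check licence; run"
TAMPERED = b"load key; skip check; run"
SHARED_KEY = b"\x00" * 32  # baseline: the same secret in every copy


def _tag(key: bytes, code: bytes) -> bytes:
    """Keyed check value over a code segment (hypothetical helper)."""
    return hmac.new(key, code, hashlib.sha256).digest()


def install(code: bytes, unique: bool = True) -> dict:
    """Create one installation; 'unique' draws a fresh per-install secret."""
    key = secrets.token_bytes(32) if unique else SHARED_KEY
    return {"code": code, "key": key, "expected": _tag(key, code)}


def verify(inst: dict) -> bool:
    """Integrity check: recompute the value with this installation's secret."""
    return hmac.compare_digest(_tag(inst["key"], inst["code"]), inst["expected"])


def patch_from(inst: dict, tampered: bytes) -> dict:
    """Patch prepared by someone who fully analysed ONE installation."""
    return {"code": tampered, "expected": _tag(inst["key"], tampered)}


def patch_transfers(unique: bool) -> tuple:
    """Apply a patch derived from copy A to copy A and to copy B.

    Returns (passes_on_A, passes_on_B).
    """
    a = install(CODE_SEGMENT, unique)
    b = install(CODE_SEGMENT, unique)
    patch = patch_from(a, TAMPERED)
    # The target's own secret stays in place; only code and check value change.
    return verify({**a, **patch}), verify({**b, **patch})


if __name__ == "__main__":
    print("shared secret :", patch_transfers(unique=False))
    print("per-install   :", patch_transfers(unique=True))
```

With a shared secret the patched copy verifies everywhere, which is the class attack; with per-installation secrets it verifies only on the copy that was analysed.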