Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dynamic Self-Checking Techniques for Improved Tamper Resistance Bill Horne, Lesley Matheson, Casey Sheehan, Robert E. Tarjan STAR Lab, InterTrust Technologies.

Published byNick Maberry Modified over 9 years ago

Similar presentations

Presentation on theme: "Dynamic Self-Checking Techniques for Improved Tamper Resistance Bill Horne, Lesley Matheson, Casey Sheehan, Robert E. Tarjan STAR Lab, InterTrust Technologies."— Presentation transcript:

1 Dynamic Self-Checking Techniques for Improved Tamper Resistance Bill Horne, Lesley Matheson, Casey Sheehan, Robert E. Tarjan STAR Lab, InterTrust Technologies

2 2/10 Introduction Self-checking (Self-validation or integrity checking) –While running, checks itself –Static Check its integrity only once, during start-up –Dynamic Repeatedly verifies its integrity as it is running Another protection techniques –Thwart reverse engineering Customization, obfuscation –Thwart debuggers and emulators Watermarking, fingerprinting

3 3/10 Related Work Obfuscation –To thwart reverse engineering Customization –Create many very different versions Software watermarking –Allow tracking of misused program copies Self-checking –Tamper-proofing, integrity checking, and anti-tampering technology

4 4/10 Design Objectives Goal –Eliminate single points of failure Functionality –Comprehensive and Timely Dynamic Detection –Separate, Flexible Response –Modular Components –Platform Independence –Insignificant Performance Degradation Goal is to have no more than a 5% impact on performance –Easy Integration –Suitable for a Large Codebase

5 5/10 Threat Model (1/2) Discovery –Static Inspection Stealthy and obfuscation –Use of Debuggers and Similar Software Tools Detects standard debuggers and responds appropriately –Detection of Reads into the Code Obfuscation –Generalization Customization –Collusion Corrector –Inspection of Installation Patches Corrector

6 6/10 Threat Model (2/2) Disablement –Modifying the Testers Redundant, overlapping coverage –Modifying the Response Mechanism Need more robust tamper-response mechanism –Modifying Correctors Multiple overlapping hash computations –Temporary Modifications Minimize this thread

7 7/10 Algorithm Design Tester –Interval : L2 cache size –Interleaved tasks Correctors and Intervals Tamper Response

8 8/10 Tester Design (1/2) Design Objectives –Lightweight Hash Functions –Multiple Hash Functions –Summarizable Hash Functions –Stealthy Testers Obfuscation, short tester –Resistance to Auto-collusion Short customized testers –Obfuscated Address Calculation Complex addressing modes –Harmless to Development stamped

9 9/10 Tester Design (2/2) Tester Construction and Customization –2,916,864 distinct tester implementations –Less than 50 bytes Tester Placement –Source-level tester placement –Profiling tools

10 10/10 Interval Construction Corrector Placement –Uniform distribution –Dead code Interval Definition –Corrector : n+k-1 Assignment of Testers to Intervals –Random permutation

Download ppt "Dynamic Self-Checking Techniques for Improved Tamper Resistance Bill Horne, Lesley Matheson, Casey Sheehan, Robert E. Tarjan STAR Lab, InterTrust Technologies."

Similar presentations

A proposed Trusted-Flow system architecture with aspect-oriented implementation Paolo Falcarin, Mario Baldi Riccardo Scandariato, Maurizio Morisio (Politecnico.

A proposed Trusted-Flow system architecture with aspect-oriented implementation Paolo Falcarin, Mario Baldi Riccardo Scandariato, Maurizio Morisio (Politecnico.
Automating Software Module Testing for FAA Certification Usha Santhanam The Boeing Company.

Automating Software Module Testing for FAA Certification Usha Santhanam The Boeing Company.
Protecting Software Code By Guards - by Hoi Chang and Mikhail J. Atallah “Many software-based mechanisms for protecting program code are too weak[…] or.

Protecting Software Code By Guards - by Hoi Chang and Mikhail J. Atallah “Many software-based mechanisms for protecting program code are too weak[…] or.
VTS INNOVATOR SERIES Real Problems, Real solutions.

VTS INNOVATOR SERIES Real Problems, Real solutions.
Testing and Quality Assurance

Testing and Quality Assurance
© Chinese University, CSE Dept. Software Engineering / 1 - 1 Software Engineering Topic 1: Software Engineering: A Preview Your Name: ____________________.

© Chinese University, CSE Dept. Software Engineering / Software Engineering Topic 1: Software Engineering: A Preview Your Name: ____________________.
Tamper-Tolerant Software: Modeling and Implementation International Workshop on Security (IWSEC 2009) October 28-30, 2009 – Toyama, Japan Mariusz H. Jakubowski.

Tamper-Tolerant Software: Modeling and Implementation International Workshop on Security (IWSEC 2009) October 28-30, 2009 – Toyama, Japan Mariusz H. Jakubowski.
Tamper Resistant Software An Implementation By David Aucsmith, IAL “This paper describes a technology for the construction of tamper resistant software.”

Tamper Resistant Software An Implementation By David Aucsmith, IAL “This paper describes a technology for the construction of tamper resistant software.”
Abstract HyFS: A Highly Available Distributed File System Jianqiang Luo, Mochan Shrestha, Lihao Xu Department of Computer Science, Wayne State University.

Abstract HyFS: A Highly Available Distributed File System Jianqiang Luo, Mochan Shrestha, Lihao Xu Department of Computer Science, Wayne State University.
Wmobf.1 1/5/00 Clark Thomborson Watermarking, Tamper-Proofing and Obfuscation – Tools for Software Protection Christian Collberg & Clark Thomborson Computer.

Wmobf.1 1/5/00 Clark Thomborson Watermarking, Tamper-Proofing and Obfuscation – Tools for Software Protection Christian Collberg & Clark Thomborson Computer.
Software Construction

Software Construction
Contiki A Lightweight and Flexible Operating System for Tiny Networked Sensors Presented by: Jeremy Schiff.

Contiki A Lightweight and Flexible Operating System for Tiny Networked Sensors Presented by: Jeremy Schiff.
Ensuring Non-Functional Properties. What Is an NFP?  A software system’s non-functional property (NFP) is a constraint on the manner in which the system.

Ensuring Non-Functional Properties. What Is an NFP?  A software system’s non-functional property (NFP) is a constraint on the manner in which the system.
1 SWE 205 - Introduction to Software Engineering Lecture 5.

1 SWE Introduction to Software Engineering Lecture 5.
7. Fault Tolerance Through Dynamic or Standby Redundancy 7.5 Forward Recovery Systems Upon the detection of a failure, the system discards the current.

7. Fault Tolerance Through Dynamic or Standby Redundancy 7.5 Forward Recovery Systems Upon the detection of a failure, the system discards the current.
Summary of Lecture 1 Security attack types: either by function or by the property being compromised Security mechanism – prevention, detection and reaction.

Summary of Lecture 1 Security attack types: either by function or by the property being compromised Security mechanism – prevention, detection and reaction.
Software Uniqueness: How and Why? Puneet Mishra Dr. Mark Stamp Department of Computer Science San José State University, San José, California.

Software Uniqueness: How and Why? Puneet Mishra Dr. Mark Stamp Department of Computer Science San José State University, San José, California.
University of Southern California Center for Software Engineering CSE USC ©USC-CSE 3/11/2002 Empirical Methods for Benchmarking High Dependability The.

University of Southern California Center for Software Engineering CSE USC ©USC-CSE 3/11/2002 Empirical Methods for Benchmarking High Dependability The.
20 February Detailed Design Implementation. Software Engineering Elaborated Steps Concept Requirements Architecture Design Implementation Unit test Integration.

20 February Detailed Design Implementation. Software Engineering Elaborated Steps Concept Requirements Architecture Design Implementation Unit test Integration.
Configuration Management

Configuration Management

Similar presentations

Ads by Google