Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protecting Software Code By Guards Hoi Chang and Mikhail J. Atallah CERIAS, Purdue University and Arxan Technologies, Inc.

Published bySara Kelley Modified over 8 years ago

Similar presentations

Presentation on theme: "Protecting Software Code By Guards Hoi Chang and Mikhail J. Atallah CERIAS, Purdue University and Arxan Technologies, Inc."— Presentation transcript:

1 Protecting Software Code By Guards Hoi Chang and Mikhail J. Atallah CERIAS, Purdue University and Arxan Technologies, Inc. {changh,mja}@cerias.purdue.edu

2 2/11 Contents  Introduction  Related work  The guarding framework  Description of system  Experimental result  Conclusion

3 3/11 Introduction  Existing TRS  Single point of failure or high cost  Protection mechanisms should have …  Resilience: no single point of failure, hard to disable  Self-defense: detect tampering  Configurability: customizable  White-box security: security based on secret key  Network of Guards  Security is shared among all guard  Many ways to form a network  More guard  greater level of security

4 4/11 Related work  Hardware based protection  Coprocessor  Smart card  Dongles  Software based protection  Code obfuscation  Self-modifying code  Code encryption/decryption

5 5/11 The guarding framework (1/2)  Guards  Checksum code: 1-way property  Repair code  Strengthening individual guards  Stealthiness  Guard templates: polymorphic instance  Delayed alarm upon detection of an attack  Blurred boundaries between the runtime code and data  Tamper-resistance  Guard protect itself (not by other guards)  Code obfuscation

6 6/11 The guarding framework (2/2)  Guards network  Security  Distributedness  Multiplicity  Dynamism  Scalability  Strengthening the network  Without any “loose end” (unprotected guards)  Strongly connected graph

7 7/11 Description of system (1/2)  Version 1.0 for protecting Win32 executables  Automated guard installation  Process Win32 binary code directly  Guard template: object code stored in database Unguarded Win32 EXE Guard graph specification Guard Installation System Guarded Win32 executable The guarding system guard: add ebp, -checksum mov eax, client_addr for: cmp eax, client_end jg end mov ebx, dword[eax] add ebp, ebx add eax, 4 jmp for End: Guard template

8 8/11 Description of system (2/2) Memory Layout of guarded program (307 guards)

9 9/11 Experimental result (1/2)  Impact on program size  Proportional to the number of installed guards and their average size  Storage space is not a problem to guarding Statistics of the guarded programs and their guards

10 10/11 Experimental result (2/2)  Impacts on program performance Increases in execution time of controlled and uncontrolled guard invocations

11 11/11 Conclusion  Software based TRS by Guards  Distributed protection  Variety of protection schemes  Configurable tamper-resistance  Our TRS provides...  Automated guard installation in Win32 executables  With configurable manner  Graphical user interface

Download ppt "Protecting Software Code By Guards Hoi Chang and Mikhail J. Atallah CERIAS, Purdue University and Arxan Technologies, Inc."

Similar presentations

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Module 1: Introduction to SQL Server Reporting Services.

Module 1: Introduction to SQL Server Reporting Services.
Protecting Software Code By Guards - by Hoi Chang and Mikhail J. Atallah “Many software-based mechanisms for protecting program code are too weak[…] or.

Protecting Software Code By Guards - by Hoi Chang and Mikhail J. Atallah “Many software-based mechanisms for protecting program code are too weak[…] or.
Remote Controlled Agent Avital Yachin Ran Didi SoftLab – June 2006.

Remote Controlled Agent Avital Yachin Ran Didi SoftLab – June 2006.
Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.

Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.
Building Secure, DRM-Enabled Devices Avni Rambhia Program Manager John C. Simmons Program Manager Strategic Relations & Policy Windows Client Division.

Building Secure, DRM-Enabled Devices Avni Rambhia Program Manager John C. Simmons Program Manager Strategic Relations & Policy Windows Client Division.
Tamper-Tolerant Software: Modeling and Implementation International Workshop on Security (IWSEC 2009) October 28-30, 2009 – Toyama, Japan Mariusz H. Jakubowski.

Tamper-Tolerant Software: Modeling and Implementation International Workshop on Security (IWSEC 2009) October 28-30, 2009 – Toyama, Japan Mariusz H. Jakubowski.
Moving Target Defense in Cyber Security

Moving Target Defense in Cyber Security
Dec 5, 2007University of Virginia1 Efficient Dynamic Tainting using Multiple Cores Yan Huang University of Virginia Dec. 5 2007.

Dec 5, 2007University of Virginia1 Efficient Dynamic Tainting using Multiple Cores Yan Huang University of Virginia Dec
Autonomic Systems Justin Moles, Winter 2006 Security in an Autonomic Computing Environment Paper by: D. M. Chess, C. C. Palmer S. R. White Presentation.

Autonomic Systems Justin Moles, Winter 2006 Security in an Autonomic Computing Environment Paper by: D. M. Chess, C. C. Palmer S. R. White Presentation.
Chung Man Ho Willims Chow Man Kei Gary Kwok Pak Wai Lion.

Chung Man Ho Willims Chow Man Kei Gary Kwok Pak Wai Lion.
A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks Wenliang (Kevin) Du, Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department.

A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks Wenliang (Kevin) Du, Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department.
1 IBM SanFrancisco Product Evaluation Negotiated Option Presentation By Les Beckford May 2001.

1 IBM SanFrancisco Product Evaluation Negotiated Option Presentation By Les Beckford May 2001.
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
1 ICS 51 Introductory Computer Organization Fall 2006 updated: Oct. 2, 2006.

1 ICS 51 Introductory Computer Organization Fall 2006 updated: Oct. 2, 2006.
©TheMcGraw-Hill Companies, Inc. Permission required for reproduction or display. COMPSCI 125 Introduction to Computer Science I.

©TheMcGraw-Hill Companies, Inc. Permission required for reproduction or display. COMPSCI 125 Introduction to Computer Science I.
Security Considerations in Adaptive Middleware Security and Mobile Agents Ajanta – Mobile Agent’s research project papers (http://www.cs.umn.edu/Ajanta/publications.html)http://www.cs.umn.edu/Ajanta/publications.html.

Security Considerations in Adaptive Middleware Security and Mobile Agents Ajanta – Mobile Agent’s research project papers (
Copyright ©2009 Opher Etzion Event Processing Course Engineering and implementation considerations (related to chapter 10)

Copyright ©2009 Opher Etzion Event Processing Course Engineering and implementation considerations (related to chapter 10)
14 - 1 Chapter 14 The Second Component: The Database.

Chapter 14 The Second Component: The Database.

Similar presentations

Ads by Google