Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Security

IWSEC 2007: Advances in Information and Computer Security pp 153–168Cite as

Run-Time Randomization to Mitigate Tampering

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4752))

Abstract

The problem of defending software against tampering by a malicious host is not expected to be solved soon. Rather than trying to defend against the first attack, randomization tries to minimize the impact of a successful attack. Unfortunately, widespread adoption of this technique is hampered by its incompatibility with the current software distribution model, which requires identical physical copies. The ideas presented in this paper are a compromise between distributing identical copies and unique executions by diversifying at run time, based upon additional chaff input and variable program state. This makes it harder to zoom in on a point of interest and may fool an attacker into believing that he has succeeded, while the attack will work only for a short period of time, a small number of computers, or a subset of the input space.

This work is partially funded by the Institute for the Promotion of Innovation by Science and Technology in Flanders (IWT).

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Anckaert, B., Jakubowski, M., Venkatesan, R.: Proteus: virtualization for diversified tamper-resistance. In: The 6th ACM workshop on Digital Rights Management, pp. 47–58 (2006)

    Google Scholar 

  2. Avizienis, A., Chen, L.: On the implementation of N-version programming for software fault tolerance during execution. In: The 1st IEEE Computer Software and Applications Conference, pp. 149–155 (1977)

    Google Scholar 

  3. Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., Yang, K.: On the (im)possibility of obfuscating programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001)

    Google Scholar 

  4. Barrantes, E., Ackley, D., Forrest, S., Stefanovi, D.: Randomized instruction set emulation. ACM Trans. on Information and System Security 8(1), 3–40 (2005)

    Article  Google Scholar 

  5. Bhansali, S., Chen, W., de Jong, S., Edwards, A., Murray, R., Drinic, M., Mihocka, D., Chau, J.: Framework for instruction-level tracing and analysis of program executions. In: Virtual Execution Environments Conference (2006)

    Google Scholar 

  6. Chang, H., Atallah, M.: Protecting software code by guards. In: Sander, T. (ed.) DRM 2001. LNCS, vol. 2320, pp. 160–175. Springer, Heidelberg (2002)

    Google Scholar 

  7. Chen, Y., Venkatesan, R., Cary, M., Pang, R., Sinha, S., Jakubowski, M.: Oblivious hashing: a stealthy software integrity verification primitive. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 400–414. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  8. Cohen, F.: Operating system evolution through program evolution. Computers and Security 12(6), 565–584 (1993)

    Article  Google Scholar 

  9. Collberg, C., Thomborson, C., Low, D.: Manufacturing cheap, resilient, and stealthy opaque constructs. In: The 25th Conference on Principles of Programming Languages, pp. 184–196 (1998)

    Google Scholar 

  10. Cox, B., Evans, D., Filipi, A., Rowanhill, J., Hu, W., Davidson, J., Knight, J., Nguyen-Tuong, A., Hiser, J.: N-variant systems: A secretless framework for security through diversity. In: The 15th USENIX Security Symposium, pp. 105–120 (2006)

    Google Scholar 

  11. De Sutter, B., De Bus, B., De Bosschere, K.: Link-time binary rewriting techniques for program compaction. ACM Trans. on Programming Languages and Systems 27(5), 882–945 (2005)

    Article  Google Scholar 

  12. DiMarzio, J.F.: The Debugger’s Handbook. Auerbach Publications (2007)

    Google Scholar 

  13. Forrest, S., Somayaji, A., Ackley, D.: Building diverse computer systems. In: The Workshop on Hot Topics in Operating Systems, pp. 67–72 (1997)

    Google Scholar 

  14. Gang, T., Yuqun, C., Jakubowski, M.: Delayed and controlled failures in tamper-resistant systems. In: The 8th Information Hiding Conference (2006)

    Google Scholar 

  15. Giffin, J., Christodorescu, M., Kruger, L.: Strengthening software self-checksumming via self-modifying code. In: The 21st Annual Computer Security Applications Conference, pp. 23–32 (2005)

    Google Scholar 

  16. Heffner, K., Collberg, C.: The obfuscation executive. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol. 3225, pp. 428–440. Springer, Heidelberg (2004)

    Google Scholar 

  17. Horne, B., Matheson, L., Sheehan, C., Tarjan, R.: Dynamic self-checking techniques for improved tamper resistance. In: Sander, T. (ed.) DRM 2001. LNCS, vol. 2320, pp. 141–159. Springer, Heidelberg (2002)

    Google Scholar 

  18. O’Donnell, A., Sethu, H.: On achieving software diversity for improved network security using distributed coloring algorithms. In: The 11th ACM conference on Computer and Communications Security, pp. 121–131 (2004)

    Google Scholar 

  19. Park, Y., Lee, G.: Repairing return address stack for buffer overflow protection. In: The 1st conference on Computing frontiers, pp. 335–342 (2004)

    Google Scholar 

  20. Pettis, K., Hansen, R.: Profile guided code positioning. In: The ACM conference on Programming Language Design and Implementation, pp. 16–27 (1990)

    Google Scholar 

  21. Randell, B.: System structure for software fault tolerance. SIGPLAN Notices 10(6), 437–449 (1975)

    Article  Google Scholar 

  22. Ronsse, M., De Bosschere, K.: Recplay: a fully integrated practical record/replay system. ACM Transactions Computer Systems 17(2), 133–152 (1999)

    Article  Google Scholar 

  23. Shacham, H., Page, M., Pfaff, B., Goh, E., Modadugu, N., Boneh, D.: On the effectiveness of address-space randomization. In: The 11th ACM conference on Computer and communications security, pp. 298–307 (2004)

    Google Scholar 

  24. Sovarel, A., Evans, D., Paul, N.: Where is the FEEB? The effectiveness of instruction set randomization. In: The 14th USENIX Security Symposium, pp. 145–160 (2005)

    Google Scholar 

  25. Wurster, G., van Oorschot, P., Somayaji, A.: A generic attack on checksumming-based software tamper resistance. In: The 26th IEEE Symposium on Security and Privacy, pp. 127–138 (2005)

    Google Scholar 

  26. Zeller, A.: Why Programs Fail: A Guide to Systematic Debugging. Morgan Kaufmann, San Francisco (2005)

    Google Scholar 

  27. Zhou, Y., Main, A.: Diversity via code transformations: A solution for NGNA renewable security. In: NCTA - The National Show (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Ghent University, Electronics and Information Systems Department, Sint-Pietersnieuwstraat 41, 9000 Ghent, Belgium

    Bertrand Anckaert & Koen De Bosschere

  2. Microsoft Research, Cryptography and Anti-Piracy Group, One Microsoft Way, Redmond, WA 98052, USA

    Mariusz Jakubowski & Ramarathnam Venkatesan

Authors
  1. Bertrand Anckaert
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mariusz Jakubowski
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ramarathnam Venkatesan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Koen De Bosschere
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Atsuko Miyaji Hiroaki Kikuchi Kai Rannenberg

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Anckaert, B., Jakubowski, M., Venkatesan, R., De Bosschere, K. (2007). Run-Time Randomization to Mitigate Tampering. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds) Advances in Information and Computer Security. IWSEC 2007. Lecture Notes in Computer Science, vol 4752. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75651-4_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-75651-4_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-75650-7

  • Online ISBN: 978-3-540-75651-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation