Protecting Software Code by Guards
Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).
KeywordsSmart Card Protection Scheme Software Code Software Piracy Runtime Performance
Unable to display preview. Download preview PDF.
- 1.David Aucsmith. Tamper-resistance software: an implementation. In Ross Anderson, editor, Information Hiding — Proceedings of the First International Workshop, volume 1174 of LNCS, pages 317–333, May/June 1996.Google Scholar
- 2.T. Aura and D. Gollman. Software licence management with smart cards. In Proceedings of the USENIX Workshop on Smartcard Technology (Smartcard’ 99), pages 75–85, May 1999.Google Scholar
- 3.Boaz Barak, Oded Goldreich, Russell Impagliazzo, Steven Rudich, Amit Sahai, Salil Vadhan, and Ke Yang. On the (im)possibility of obfuscating programs. In CRYPTO 2001, August 2001.Google Scholar
- 4.Clark Thomborson Christian Collberg. Watermarking, tamper-proofing, and obfuscation — tools for software protection.Google Scholar
- 5.Christian Collberg, Clark Thomborson, and Douglas Low. Breaking abstractions and unstructuring data structures. In IEEE International Conference on Computer Languages, ICCL’98, Chicago, IL, USA, May 1998.Google Scholar
- 6.Christian Collberg, Clark Thomborson, and Douglas Low. A taxonomy of obfuscating transformations. Technical Report 148, Department of Computer Science, The University of Auckland, Private Bag 92019, Auckland, New Zealand, 1998.Google Scholar
- 7.Cloakware Corporation. Introduction to cloakware tamper-resistant software (trs) technology, March 2001. http://www.cloakware.com/pdfs/TRS-intro.pdf.
- 8.Compuware Corporation. Numega softice. http://www.numega.com/drivercentral-/components/softice/si_features.shtml.
- 9.H. G. Joepgen and S. Krauss. Software by means of the ‘protprog’ method. ii. Elektronik, 42(17):52–56, Aug. 1993.Google Scholar
- 10.O. Kommerling and M. Kuhn. Design principles for tamper-resistant smartcard processors. In Proc. USENIX Workshop on Smartcard Technology, Chicago, IL, May 1999.Google Scholar
- 11.Josh MacDonald. On program security and obfuscation.Google Scholar
- 12.Masahiro Mambo, Takanori Murayama, and Eiji Okamoto. A tentative approach to constructing tamper-resistant software. In New Security Paradigms Workshop. Proceedings, pages 23–33, New York, NY, USA, 1998. ACM.Google Scholar
- 13.Landon Curt Noll, Jeremy Horn, Peter Seebach, and Leonid A. Broukhis. The International Obfuscated C Code Contest, 1998. http://www.ioccc.org/.
- 14.A. Schulman. Examining the Windows AARD detection code. Dr. Dobb’s Journal, 18(9):42,44–8,89, Sept. 1993.Google Scholar
- 16.Simon Tatham and Julian Hall. Netwide Assembler. http://www.websites.co.uk/nasm.
- 17.Chenxi Wang, Jonathan Hill, John Knight, and Jack Davidson. Software tamper resistance: Obstructing static analysis of programs. Technical Report CS-2000-12, 12 2000.Google Scholar
- 18.Steve R. White and Liam Comerford. ABYSS: An architecture for software protection. IEEE Transactions on Software Engineering, 16(6):619–629, June 1990.Google Scholar
- 19.Bennett Yee and J. D. Tygar. Secure coprocessors in electronic commerce applications, pages 155–170, 1995.Google Scholar