Software Tamper Resistance Through Dynamic Program Monitoring

  • Brian Blietz
  • Akhilesh Tyagi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3919)


This paper describes a two instruction-stream (two-process) model for tamper resistance. One process (Monitor process, M-Process) is designed explicitly to monitor the control flow of the main program process (P-Process). The compilation phase compiles the software into two co-processes: P-process and M-process. The monitor process contains the control flow consistency conditions for the P-process. The P-process sends information on its instantiated control flow at a compiler specified fixed period to the M-process. If there is a violation of the control flow conditions captured within the M-process, the M-process takes an anti-tamper action such as termination of the P-process. By its very design, the monitor process is expected to be compact. Hence, we can afford to protect the M-process with a more expensive technique, a variant of Aucsmith’s scheme. This scheme has been implemented with the Gnu C compiler gcc. There are several other monitoring, obfuscation, and dynamic decryption techniques that are embedded in this system. We quantify the performance overhead of the scheme for a variety of programs. The performance of such an anti-tamper schema can be significantly improved by leveraging a decoupled processor architecture to support the decoupled M- and P- processes. We describe one instance of such a two-stream decoupled architecture that can make the scheme more robust and efficient.


Hash Function Basic Block Cache Size Control Flow Graph Assembly Code 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Aucsmith, D.: Tamper Resistant Software: An Implementation. In: Proceedings of the First International Workshop on Information Hiding (1996)Google Scholar
  2. 2.
    Collberg, C., Thomborson, C.: Watermarking, tamper-proofing, and obfuscation - tools for software protection (2000)Google Scholar
  3. 3.
    Jun, G.: Software Obfuscation with Program Permutation. M.S. Thesis, Dept. of Computer Science, Iowa State University, Ames, IA (2004)Google Scholar
  4. 4.
    Goloubeva, O., Rebaudengo, M., Sonza Reorda, M., Violante, M.: Soft-error Detection Using Control Flow Assertions. Politecnico di Torino, Dipartimento di Automatica e Informatica, Torino, Italy (2003)Google Scholar
  5. 5.
    Horne, B., Matheson, L., Sheehan, C., Tarjan, R.: Dynamic Self-Checking Techniques for Improved Tamper Resistance. In: ACM Workshop on Security and Privacy in Digital Rights Management (2002)Google Scholar
  6. 6.
    Lie, D., Thekkath, C., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J., Horowitz, M.: Architectural support for copy and tamper resistant software (2000)Google Scholar
  7. 7.
    Linn, C., Debray, S., Kececioglu, J.: Enhancing Software Tamper-Resistance via Stealthy Address Computations. In: Proceedings of 19th Annual Computer Security Applications Conference (ACSAC 2003) (Decemeber 2003)Google Scholar
  8. 8.
    Kernighanand, B.W., Lin, S.: An efficient heuristic procedure for partitioning graphs. Bell System Technical Journal 49, 291–307 (1970)CrossRefGoogle Scholar
  9. 9.
    Necula, G.C.: Proof-carrying code. In: Conference Record of POPL 1997: The 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, Paris, France, pp. 106–119 (1997)Google Scholar
  10. 10.
    Tyagi, A.: Branch Decoupled Architectures. In: Proc. of Workshop on Interaction between Compilers and Computer Architectures at 3rd Int’l Symp. on High-Performance Computer Architecture (February 1997)Google Scholar
  11. 11.
    Venkatesan, R., Vazirani, V.V., Sinha, S.: A graph theoretic approach to software watermarking. In: Information Hiding, pp. 157–168 (2001)Google Scholar
  12. 12.
    Wang, C., Hill, J., Knight, J., Davidson, J.: Software Tamper Resistance: Obstructing Static analysis of Programs. Technical Report CS2000-12, Department of Computer Science, University of Virginia (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Brian Blietz
    • 1
  • Akhilesh Tyagi
    • 1
  1. 1.Dept. of Electrical & Computer EngineeringIowa State UniversityAmes

Personalised recommendations