Proteus: Virtualization for diversified tamper-resistance

Proceedings of the ACM Workshop On Digital Rights Management, DRM'06. Co-located with the 13th ACM Conference on Computer and Communications Security, CCS'06

Volumn , Issue , 2006, Pages 47-58

  Anckaert, Bertrand ^a   Jakubowski, Mariusz ^b   Venkatesan, Ramarathnam ^b  

^a GHENT UNIVERSITY   (Belgium)

^b MICROSOFT RESEARCH   (United States)

Author keywords

Copyright protection; Diversity; Intellectual property; Obfuscation; Tamper resistance; Virtualization

Indexed keywords

COMPUTER CRIME; COPYRIGHTS; ELECTRONIC CRIME COUNTERMEASURES; SECURITY OF DATA; VIRTUAL REALITY;

COPYRIGHT PROTECTION; OBFUSCATION; TAMPER RESISTANCE; VIRTUALIZATION;

SOFTWARE ENGINEERING;

EID: 34547409501     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1179509.1179521     Document Type: Conference Paper

References (41)

1. Bertrand Anckaert, Bjorn De Sutter, and Koen De Bosschere. Software piracy prevention through diversity. In The 4th ACM Workshop on Digital Rights Management, pages 63-71, 2004.
2. Bertrand Anckaert, Matias Madou, and Koen De Bosschere. A model for self-modifying code. In The 8th Information Hiding Conference, LNCS (to appear), 2006.
3. Ross Anderson and Markus Kuhn. Tamper Resistance - a Cautionary Note. In The 2nd Usenix Workshop on Electronic Commerce, pages 1-11, 1996.
4. David Aucsmith. Tamper resistant software: an implementation. In The 1st Information Hiding Conference, volume 1174 of LNCS, pages 317-333, 1996.
5. Algirdas Avizienis and L Chen. On the implementation of n-version programming for software fault tolerance during execution. In The IEEE Computer Software and Applications Conference, pages 149-155, 1977.
6. Lee Badger, Larry D'Anna, Doug Kilpatrick, Brian Matt, Andrew Reisse, and Tom Van Vleck. Self-protecting mobile agents obfuscation evaluation report, 2001.
7. Elena Gabriela Barrantes, David Ackley, Stephanie Forrest, and Darko Stefanovi. Randomized instruction set emulation. A CM Transactions on Information and System Security, 8(1):3-40, 2005.
8. Sandeep Bhatkar, Daniel DuVarney, and R. Sekar. Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In The 12th USENIX Security Symposium, pages 105-120, 2003.
9. Business Software Alliance and International Data, Corporation. Second Annual BSA and IDC Global Software Piracy Study, 2005.
10. Hoi Chang and Mikhail Atallah. Protecting software code by guards. In The 1st ACM Workshop on Digital Eights Management, volume 2320 of LNCS, pages 160-175, 2002.
11. Yuqun Chen, Ramarathnam Venkatesan, Matthew Cary, Ruoming Pang, Saurabh Sinha, and Mariusz Jakubowski. Oblivious hashing: a stealthy software integrity verification primitive. In The 5th Information Hiding Conference, volume 2578 of LNCS, pages 400-414, 2002.
12. Monica Chew and Dawn Song. Mitigating buffer overflows by operating system randomization. Technical Report CMU-CS-02-197, Department of Computer Science, Carnegie Mellon University, 2002.
13. Stanley Chow, Yuan Gu, Harold Johnson, and Vladimir Zakharov. An approach to the obfuscation of control-flow of sequential computer programs. In The 4th Information Security Conference, volume 2200 of LNCS, pages 144-155, 2001.
14. Cristina Cifuentes and John Gough. Decompilation of binary programs. Software - Practice & Experience, 25(7):811-829, 1995.
15. Frederick Cohen. Operating system evolution through program evolution. Computers and Security, 12(6):565-584, 1993.
16. Christian Collberg, Ginger Myles, and Andrew Huntwork. Sandmark - a tool for software protection research. IEEE Security and Privacy, 1(4):40-49, 2003.
17. Christian Collberg and Clark Thomborson. Software watermarking: Models and dynamic embeddings. In The 26th Conference on Principles of Programming Languages, pages 311-324, 1999.
18. Christian Collberg and Clark Thomborson. Watermarking, tamper-proofing, and obfuscation - tools for software protection. IEEE Transactions on Software Engineering, 28(8):735-746, 2002.
19. Christian Collberg, Clark Thomborson, and Douglas Low. Breaking abstractions and unstructuring data structures. In The International Conference on Computer Languages, pages 28-38, 1998.
20. Christian Collberg, Clark Thomborson, and Douglas Low. Manufacturing cheap, resilient, and stealthy opaque constructs. In The 25th Conference on Principles of Programming Languages, pages 184-196, 1998.
21. Patrick Cousot and Radhia Cousot. An abstract interpretation-based framework for software watermarking. In The 80th Conference on Principles of Programming Languages, pages 311-324, 2003.
22. Larry D'Anna, Brian Matt, Andrew Reisse, Tom Van Vleck, Steve Schwab, and Patric LeBlanc. Self-protecting mobile agents obfuscation report, 2003.
23. Stephanie Forrest, Anil Somayaji, and David Ackley. Building diverse computer systems. In The 6th Workshop on Hot Topics in Operating Systems, pages 67-72, 1997.
24. Oded Goldreich and Rafail Ostrovsky. Software protection and simulation on oblivious RAMs. Journal of the ACM, 43(3):431-473, 1996.
25. Bill Home, Lesley Matheson, Casey Sheehan, and Robert Tarjan. Dynamic self-checking techniques for improved tamper resistance. In The 1st ACM Workshop on Digital Bights Management, volume 2320 of LNCS, pages 141-159, 2002.
26. Yuichiro Kanzaki, Akito Monden, Masahide Nakamura, and Ken ichi Matsumoto. Exploiting self-modification mechanism for program protection. In The 27th Annual International Computer Software and Applications Conference, pages 170-181, 2003.
27. Gaurav Kc, Angelos Keromytis, and Vassilis Prevelakis. Countering code-injection attacks with instruction-set randomization. In The 10th ACM Conference on Computer and Communications Security, pages 272-280, 2003.
28. Cullen Linn and Saumya Debray. Obfuscation of executable code to improve resistance to static disassembly. In The 10th ACM Conference on Computer and Communications Security, pages 290-299, 2003.
29. Matias Madou, Bertrand Anckaert, Patrick Moseley, Saumya Debray, Bjorn De Sutter, and Koen De Bosschere. Software protection through dynamic code mutation. In The 6th International Workshop on Information Security Applications, volume 3786 of LNCS, pages 194-206, 2005.
30. Gleb Naumovich and Nasir Memon. Preventing piracy, reverse engineering, and tampering. Computer, 36(7):64-71, 2003.
31. David Patterson and John Hennessy. Computer Architecture: A Quantitative Approach. Morgan Kaufmann, 1990.
32. Todd Proebsting. Optimizing an ANSI C interpreter with superoperators. In The 22nd Conference on Principles of Programming Languages, pages 322-332, 1995.
33. Calton Pu, Andrew Black, Crispin Cowan, and Jonathan Walpole. A specialization toolkit to increase the diversity of operating systems. In The ICMAS Workshop on Immunity-Based Systems, 1996.
34. Brian Randell. System structure for software fault tolerance. SIGPLAN Notices, 10(6):437-449, 1975.
35. Daniel Dominic Sleator and Robert Endre Tarjan. Self-adjusting binary search trees. Journal of the ACM, 32(3):652-686, 1985.
36. Paul van Oorschot. Revisiting software protection. In The 6th Conference on Information Security, volume 2851 of LNCS, pages 1-13, 2003.
37. Avinash Varadarajan and Ramarathnam Venkatesan. Limited obliviousness for data structures and efficient execution of programs. Technical report, Microsoft Research, 2006.
38. Ramarathnam Venkatesan, Vijay Vazirani, and Saurabh Sinha. A graph theoretic approach to software watermarking. In The 4th Information Hiding Conference, volume 2137 of LNCS, pages 157-168, 2001.
39. Chenxi Wang, Jack Davidson, Jonathan Hill, and John Knight. Protection of software-based survivability mechanisms. In The 2nd International Conference of Dependable Systems and Networks, pages 193-202, 2001.
40. Glen Wurster, Paul van Oorschot, and Anil Somayaji. A generic attack on checksumming-based software tamper resistance. In The 26th IEEE Symposium on Security and Privacy, pages 127-138, 2005.
41. Yongxin Zhou and Alec Main. Diversity via code transformations: A solution for NGNA renewable security. In NCTA - The National Show, 2006.