Protecting Software Code By Guards

Get BibTex-formatted data

Download

PDF

Author

Hoi Chang and Mikhail J. Atallah

Tech report number

CERIAS TR 2001-49

Entry type

inproceedings

Abstract

Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they in- cur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. 1 Experimental results show that memory space and run-time performance impacts incurred by guards can be kept very low (as explained later in the paper).

Download

PDF

URL

http://www.springerlink.com/content/f4ulvxry6jmdkwdh/

Booktitle

ACM Workshop on Security and Privacy in Digital Rights Management (2001)

Institution

CERIAS, Purdue University

Key alpha

Chang

Note

ACM Workshop on Security and Privacy in Digital Rights Management, Philadelphia, Pennsylvania, November 2001

Publication Date

2001-01-01

Location

A hard-copy of this is in the CERIAS Library

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Inproceedings{ Chang,
	title = "Protecting Software Code By Guards",
	author = "Hoi Chang and Mikhail J. Atallah",
	booktitle = "ACM Workshop on Security and Privacy in Digital Rights Management (2001)",
	institution = "CERIAS, Purdue University",
	note = "ACM Workshop on Security and Privacy in Digital Rights Management, Philadelphia, Pennsylvania, November 2001",
	abstract = "Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they in- 
cur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and  manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that 
work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. 1 Experimental results show that memory space and run-time performance impacts incurred by guards can be kept very low (as explained later in the
paper).",
	url = "http://www.springerlink.com/content/f4ulvxry6jmdkwdh/",
}