Software Protection Techniques Research Articles

SAFTE: A self-injection based anti-fuzzing technique

Fuzzing refers to a collection of software testing methodologies that have been specifically developed to automatically detect implementation bugs, and is utilized by developers as a means of evaluating the security and stability of applications. Unfortunately, hacker can also exploit fuzzing techniques to crash bugs, and analyze zero-day vulnerabilities from it to carry out cyber attacks. As a result, researchers make use of anti-fuzzing technologies to slow down and frustrate these malicious aggressors. However, the main aim of these methods is to design a source-level defense strategy, which means this work requires not only the source codes but also considering the programming language. This restricts users from protecting the released binary executable they do not own from malicious analysis.In this paper, we perform a systematic analysis of software protection techniques and design a novel self-injection based anti-fuzzing techniques, called SAFTE. Different from the former research, SAFTE proposes a new way to hide the feedback or crash-related information by the means of dynamic loading and execution. First, a memory block is allocated, followed by the duplication of the image that is stored in the .data into the allocated local memory. Second, the memory is altered to enable execution permissions, thereby facilitating the execution of the image that is stored in the memory. As a consequence of this approach, let the operational and procedural status of the program is hidden, thereby precluding the fuzzer from obtaining accurate feedback or crash-related information. Therefore, it makes the fuzzer completely useless. Our evaluation on popular fuzzers demonstrates that SAFTE is capable of obviating the majority of extant fuzzers, and exhibits higher efficacy in comparison to the most advanced anti-fuzzing techniques presently available. Meanwhile, the size of the program is better than the other methods(size:18048KB,average run time per run:0.056ms), which was modified by SATFE only increases no more than 85% and the running time only increases 30%.

Call graph obfuscation and diversification: an approach

Monetary loss due to software piracy nowadays reaches millions. In 2017, the commercial value for this concept rose to $46.3 billion. A way to mitigate this problem from the technological point of view is the use of software protection techniques, especially the obfuscation and diversification of code, highlighting the control obfuscation. There are many proposals connected with obfuscating control flow graph. However, there are few reported works that perform obfuscation of the call graph. In this study, the authors propose a novel mechanism for the static obfuscation and diversification of the call graph of a software. The mechanism is based on the routing of functions calls in order to modify the software call graph. A prototype of the proposed mechanism was developed by extending the functionalities of a compiler. The generated software differed structurally by 25% on average, compared to the original software. There was an increase in the level of obfuscation from 2 to 30% in the tests performed, with only a 3% overhead of the execution time in all cases. The proposal allows to restructure the whole call graph efficiently, increasing the level of protection without affecting significantly the software performance.

Multi-Threaded Mitigation of Radiation-Induced Soft Errors in Bare-Metal Embedded Systems

This article presents a software protection technique against radiation-induced faults which is based on a multi-threaded strategy. Data triplication and instructions flow duplication or triplication techniques are used to improve system reliability and thus, ensure a correct system operation. To achieve this objective, a relaxed lockstep model to synchronize the execution of both, redundant threads and variables under protection on different processing units is defined. The evaluation was performed by means of simulated fault injection campaigns in a multi-core ARM system. Results show that despite being considered techniques that imply an evident overhead in memory and instructions (Duplication With Comparison and Re-Execution – DWC-R and Triple Modular Redundancy – TMR), spreading the replicas in different instruction flows not only produce similar results than classic techniques, but also improves the computational and recovery time in presence of soft-errors. In addition, this paper highlights the importance of protecting memory-allocated data, since the instruction flow triplication is not enough to improve the overall system reliability.

A meta-model for software protections and reverse engineering attacks

Software protection techniques are used to protect valuable software assets against man-at-the-end attacks. Those attacks include reverse engineering to steal confidential assets, and tampering to break the software’s integrity in unauthorized ways. While their ultimate aims are the original assets, attackers also target the protections along their attack path. To allow both humans and tools to reason about the strength of available protections (and combinations thereof) against potential attacks on concrete applications and their assets, i.e., to assess the true strength of layered protections, all relevant and available knowledge on the relations between the relevant aspects of protections, attacks, applications, and assets need to be collected, structured, and formalized. This paper presents a software protection meta-model that can be instantiated to construct a formal knowledge base that holds precisely that information. The presented meta-model is validated against existing models and taxonomies in the domain of software protection, and by means of prototype tools that we developed to help non-modelling-expert software defenders with populating a knowledge base and with extracting and inferring practically useful information from it. All discussed tools are available as open source, and we evaluate their use as part of a software protection work flow on an open source application and industrial use cases.

Semantics-based software watermarking by abstract interpretation

Software watermarking is a software protection technique used to defend the intellectual property of proprietary code. In particular, software watermarking aims at preventing software piracy by embedding a signature, i.e. an identifier reliably representing the owner, in the code. When an illegal copy is made, the owner can claim his/her identity by extracting the signature. It is important to hide the signature in the program in order to make it difficult for the attacker to detect, tamper or remove it. In this work, we present a formal framework for software watermarking, based on program semantics and abstract interpretation, where attackers are modelled as abstract interpreters. In this setting, we can prove that the ability to identify signatures can be modelled as a completeness property of the attackers in the abstract interpretation framework. Indeed, hiding a signature in the code corresponds to embed it as a semantic property that can be retrieved only by attackers that are complete for it. Any abstract interpreter that is not complete for the property specifying the signature cannot detect, tamper or remove it. We formalize in the proposed framework the major quality features of a software watermarking technique: secrecy, resilience, transparence and accuracy. This provides a unifying framework for interpreting both watermarking schemes and attacks, and it allows us to formally compare the quality of different watermarking techniques. Indeed, a large number of watermarking techniques exist in the literature and they are typically evaluated with respect to their secrecy, resilience, transparence and accuracy to attacks. Formally identifying the attacks for which a watermarking scheme is secret, resilient, transparent or accurate can be a complex and error-prone task, since attacks and watermarking schemes are typically defined in different settings and using different languages (e.g. program transformation vs. program analysis), complicating the task of comparing one against the others.

A Novel Software Protection Approach for Code Obfuscation to Enhance Software Security

Over the past few decades ago, software developers analyzed robustly several forms of software protection against illegal copying or piracy. With the expansion in digital technology, the risk of illegal copying of software also amplifies. The increasing piracy rate has posed a serious threat to software developers leading to the development of various software protection techniques. However, various techniques have been proposed for copyright protection such as software watermarking, obfuscation, tamper-proofing and diversity. The code transformation (obfuscation) is a method of transforming a program into a form which is more complicated for an adversary to understand or change the original code from an illegitimate process of reverse engineering. None of the current code obfuscation approaches provide resistance from reverse engineering attacks. The reverse engineering threat occurs due to the unconfined software code to the user. Malicious reverse engineering of software codes can be harder by exertion of code transformation on software programs. To address this, we acquaint a peculiar code transformation approach for software protection. The proposed approach is used semantically equivalent to code clone within the source code to protect logical part of program text. We have successfully implement our approach using open source java project Gantt project system and open source java obfuscator's tools. In this paper, we present our approach and demonstrate it with an illustration. The intent of this method is to prevent static analysis attack and make dynamic attack compact for an adversary. This makes it worthwhile against reverse engineering attacks.

Different Obfuscation Techniques for Code Protection

With the advancements in digital technology, the threat of unimaginable level of duplicating and illegal reproducing of software also increases. Therefore the piracy rate is increasing proportionally. This scenario has clearly placed the threat for the software manufacturers and leads to the development of numerous software protection techniques. The numerous software protection techniques have been developed and one of such software protection techniques is code obfuscation. The code obfuscation is a mechanism for hiding the original algorithm, data structures or the logic of the code, or to harden or protect the code (which is considered as intellectual property of the software writer) from the unauthorized reverse engineering process. In general, code obfuscation involves hiding a program's implementation details from an adversary, i.e. transforming the program into a semantically equivalent (same computational effect) program, which is much harder to understand for an attacker. None of the current code obfuscation techniques satisfy all the obfuscation effectiveness criteria to resistance the reverse engineering attacks. Therefore the researchers as well as the software industries are trying their best to apply newer and better obfuscation techniques over their intellectual property in a regular process. But unfortunately, software code is not safe, i.e. still it can be cracked. This paper presents some of the obfuscation methods, which can help to protect the sensitive code fragments of any software, without alteration of inherent functionalities of the software. The proposed obfuscation techniques are implemented in assembly level code, with taking care of the theory of optimizing transformations. The assembly code represents the data dependencies and comfort to analyse the data after disassembling the executable as compared to the decompiled code.

A Thorough Investigation on Software Protection Techniques against Various Attacks

Software security and protection plays an important role in software engineering. Considerable attempts have been made to enhance the security of the computer systems because of various available software piracy and virus attacks. Preventing attacks of software will have a huge influence on economic development. Thus, it is very vital to develop approaches that protect software from threats. There are various threats such as piracy, reverse engineering, tampering etc., exploits critical and poorly protected software. Thus, thorough threat analysis and new software protection schemes, needed to protect software from analysis and tampering attacks becomes very necessary. Various techniques are available in the literature for software protection from various attacks. This paper analyses the various techniques available in the literature for software protection. The functionalities and the characteristic features are various software protection techniques have been analyzed in this paper. The main goal of this paper is to analyze the existing software protection techniques and provide directions to overcome the drawbacks of the existing techniques.

Soft core based embedded systems in critical aerospace applications

► New application of soft-core embedded systems to develop critical aerospace systems. ► Design process combines in a selective way, hardware and software techniques. ► Designs not only meet all requirements, but avoid excessive use costly protections. There is an increasing interest in the aerospace industry to reduce the cost of the systems by means of using Commercial Off The Shelf ( COTS ) devices. The engineering of novel microsatellites and nanosatellites are clear examples of this new trend. However, the use of sub-micron technologies has led to greater sensitivity of these devices to radiation-induced transient faults , limiting the exploitation of this approach in critical systems. This paper presents an innovative application of soft-core microprocessor based embedded systems, to design dependable and reduced-cost critical systems with COTS reconfigurable devices (flash based FPGAs ). To make this possible, it is necessary to fine-tune the protection strategy by combining selectively fault mitigation techniques based on hardware or software. In this way, the resultant system not only fulfills both the design constraints and the dependability requirements, but also avoids the cost provoked by excessive use of protection mechanisms. A case study is presented in which the design space exploration between hardware and software protection techniques permits to find the best trade-offs among performance, reliability, memory size and hardware cost in a dependable subsystem.

Obfuscation – how to do it and how to crack it

Code obfuscation and other software protection techniques have long been used by software vendors to protect software intellectual property (IP). In the world of anti-piracy, an arms race has emerged pitting protection vendors against skilled reverse engineers and crackers. Protection vendors develop innovative approaches to deter the cracking of licensing and DRM schemes that enables piracy.

Software Protection through Anti-Debugging

This article focuses on describing state-of-the-art attacks on debuggers to prevent reverse engineering. You can use the information we present as part of your strategy to protect your software or to assist you in overcoming the anti-debugging tricks present in malicious software. Currently, there are enough anti-debugging techniques available to software engineers to sufficiently protect software against most threats, likewise, most state-of-the-art malware can be sufficiently reverse-engineered with patience and skill to enable security researchers to continue to defend their networks. However, advances in software protection techniques and reverse engineering might alter the balance.

Information Security in Multiprocessor Systems Based on the X86 Architecture

This paper examines security in systems based on Intel x86 architecture and covers aspects from timing attacks to the prevention of service bugs. It reviews some software protection techniques and introduces some new techniques focused on multiprocessor systems.

Software Protection Techniques: Control Issues for is Auditors

S oftware can be duplicated and modified easily and inexpensively.There does not seem to be much agreement on the best way legally to protect software products against unlawful copying or altering.IS auditors and others who are interested in protecting their organization's investment in software development should learn as much as they can about using the legal tools that are available.