Two-stage tamper response in tamper-resistant software

Moon Chan Park, Woo Kwon Koo, Dong Geun Suh, In-Seok Kim, Dong Hoon Lee

Research output: Contribution to journalArticle

2 Citations (Scopus)

Abstract

Malicious modification of software continues to raise concerns; thus, many countermeasures against these threats have been proposed such as obfuscation and tamper resistance techniques that can be combined to create tamper-resistant software. The methods for responding to tampering are an important consideration in tamper-resistant software design. Many tamper response mechanisms deliberately cause the application to crash; however, this response has negative impacts on the developers and users. An alternative approach is to detect and fix malicious changes. However, this approach cannot deter an attacker from attempting to continuously modify target software. This study presents robust tamper-resistant software techniques to mitigate tampering and reverse engineering attacks. The tamper-resistant software is based on an existing control flow flattening scheme and includes extensions for tamper detection and flexibility. Furthermore, the authors introduce a dynamic key in their two-stage tamper response scheme that considers both software stability and continuous attack. When tampering is detected, the proposed two-stage tamper response first produces a warning level response such as self-healing or programme termination. Next, if an attacker continuously attempts to bypass the warning level response, a self-destructive tamper response is triggered, as the result of an incorrectly computed dynamic key.

Original languageEnglish
Pages (from-to)81-88
Number of pages8
JournalIET Software
Volume10
Issue number3
DOIs
Publication statusPublished - 2016 Jun 1

Fingerprint

Reverse engineering
Software design
Flow control

ASJC Scopus subject areas

  • Computer Graphics and Computer-Aided Design

Cite this

Two-stage tamper response in tamper-resistant software. / Park, Moon Chan; Koo, Woo Kwon; Suh, Dong Geun; Kim, In-Seok; Lee, Dong Hoon.

In: IET Software, Vol. 10, No. 3, 01.06.2016, p. 81-88.

Research output: Contribution to journalArticle

Park, Moon Chan ; Koo, Woo Kwon ; Suh, Dong Geun ; Kim, In-Seok ; Lee, Dong Hoon. / Two-stage tamper response in tamper-resistant software. In: IET Software. 2016 ; Vol. 10, No. 3. pp. 81-88.
@article{caa6d484bb8041018046032f74a0e519,
title = "Two-stage tamper response in tamper-resistant software",
abstract = "Malicious modification of software continues to raise concerns; thus, many countermeasures against these threats have been proposed such as obfuscation and tamper resistance techniques that can be combined to create tamper-resistant software. The methods for responding to tampering are an important consideration in tamper-resistant software design. Many tamper response mechanisms deliberately cause the application to crash; however, this response has negative impacts on the developers and users. An alternative approach is to detect and fix malicious changes. However, this approach cannot deter an attacker from attempting to continuously modify target software. This study presents robust tamper-resistant software techniques to mitigate tampering and reverse engineering attacks. The tamper-resistant software is based on an existing control flow flattening scheme and includes extensions for tamper detection and flexibility. Furthermore, the authors introduce a dynamic key in their two-stage tamper response scheme that considers both software stability and continuous attack. When tampering is detected, the proposed two-stage tamper response first produces a warning level response such as self-healing or programme termination. Next, if an attacker continuously attempts to bypass the warning level response, a self-destructive tamper response is triggered, as the result of an incorrectly computed dynamic key.",
author = "Park, {Moon Chan} and Koo, {Woo Kwon} and Suh, {Dong Geun} and In-Seok Kim and Lee, {Dong Hoon}",
year = "2016",
month = "6",
day = "1",
doi = "10.1049/iet-sen.2014.0231",
language = "English",
volume = "10",
pages = "81--88",
journal = "IET Software",
issn = "1751-8806",
publisher = "Institution of Engineering and Technology",
number = "3",

}

TY - JOUR

T1 - Two-stage tamper response in tamper-resistant software

AU - Park, Moon Chan

AU - Koo, Woo Kwon

AU - Suh, Dong Geun

AU - Kim, In-Seok

AU - Lee, Dong Hoon

PY - 2016/6/1

Y1 - 2016/6/1

N2 - Malicious modification of software continues to raise concerns; thus, many countermeasures against these threats have been proposed such as obfuscation and tamper resistance techniques that can be combined to create tamper-resistant software. The methods for responding to tampering are an important consideration in tamper-resistant software design. Many tamper response mechanisms deliberately cause the application to crash; however, this response has negative impacts on the developers and users. An alternative approach is to detect and fix malicious changes. However, this approach cannot deter an attacker from attempting to continuously modify target software. This study presents robust tamper-resistant software techniques to mitigate tampering and reverse engineering attacks. The tamper-resistant software is based on an existing control flow flattening scheme and includes extensions for tamper detection and flexibility. Furthermore, the authors introduce a dynamic key in their two-stage tamper response scheme that considers both software stability and continuous attack. When tampering is detected, the proposed two-stage tamper response first produces a warning level response such as self-healing or programme termination. Next, if an attacker continuously attempts to bypass the warning level response, a self-destructive tamper response is triggered, as the result of an incorrectly computed dynamic key.

AB - Malicious modification of software continues to raise concerns; thus, many countermeasures against these threats have been proposed such as obfuscation and tamper resistance techniques that can be combined to create tamper-resistant software. The methods for responding to tampering are an important consideration in tamper-resistant software design. Many tamper response mechanisms deliberately cause the application to crash; however, this response has negative impacts on the developers and users. An alternative approach is to detect and fix malicious changes. However, this approach cannot deter an attacker from attempting to continuously modify target software. This study presents robust tamper-resistant software techniques to mitigate tampering and reverse engineering attacks. The tamper-resistant software is based on an existing control flow flattening scheme and includes extensions for tamper detection and flexibility. Furthermore, the authors introduce a dynamic key in their two-stage tamper response scheme that considers both software stability and continuous attack. When tampering is detected, the proposed two-stage tamper response first produces a warning level response such as self-healing or programme termination. Next, if an attacker continuously attempts to bypass the warning level response, a self-destructive tamper response is triggered, as the result of an incorrectly computed dynamic key.

UR - http://www.scopus.com/inward/record.url?scp=84973320537&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84973320537&partnerID=8YFLogxK

U2 - 10.1049/iet-sen.2014.0231

DO - 10.1049/iet-sen.2014.0231

M3 - Article

AN - SCOPUS:84973320537

VL - 10

SP - 81

EP - 88

JO - IET Software

JF - IET Software

SN - 1751-8806

IS - 3

ER -