A software protection method based on time-sensitive code and self-modification mechanism

Yuichiro Kanzaki, Akito Monden

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

This paper proposes a systematic method for protecting software against malicious reverse engineering attacks. Our method aims to increase the cost of obtaining secret information in a program on the assumption that the adversaries have the ability to perform dynamic analysis as much as static analysis. A program protected by our method contains many time-sensitive codes, which are overwritten with fake (dummy) codes. Each time-sensitive code is modified during execution via self-modification according to the time taken to execute a designated block of the program. If the execution time of the block is within the predetermined range, the time-sensitive code becomes the original one. On the other hand, if the execution time is out of the range, the time-sensitive code becomes the other fake one. In order to obtain the secret information by static analysis, the adversary must find the routines that modify timesensitive codes which are scattered over the program, and must guess the predetermined valid execution time of the target blocks. In order to obtain the secret information by dynamic analysis, the adversary must make the execution reach the restricted points of the program without stopping the execution. As a result, our method helps to construct highly invulnerable software.

Original languageEnglish
Title of host publicationProceedings of the IASTED International Conference on Software Engineering and Applications, SEA 2010
Pages325-331
Number of pages7
DOIs
Publication statusPublished - Dec 1 2010
Externally publishedYes
EventIASTED International Conference on Software Engineering and Applications, SEA 2010 - Marina del Rey, CA, United States
Duration: Nov 8 2010Nov 10 2010

Publication series

NameProceedings of the IASTED International Conference on Software Engineering and Applications, SEA 2010

Other

OtherIASTED International Conference on Software Engineering and Applications, SEA 2010
CountryUnited States
CityMarina del Rey, CA
Period11/8/1011/10/10

    Fingerprint

Keywords

  • Program camouflage
  • Program obfuscation
  • Self-modification
  • Software protection
  • Software security

ASJC Scopus subject areas

  • Software

Cite this

Kanzaki, Y., & Monden, A. (2010). A software protection method based on time-sensitive code and self-modification mechanism. In Proceedings of the IASTED International Conference on Software Engineering and Applications, SEA 2010 (pp. 325-331). (Proceedings of the IASTED International Conference on Software Engineering and Applications, SEA 2010). https://doi.org/10.2316/P.2010.725-048