Code renewability for native software protection
- Author
- Bert Abrath (UGent) , Bart Coppens (UGent) , Jens Van den Broeck, Brecht Wyseur, Alessandro Cabutto, Paolo Falcarin and Bjorn De Sutter (UGent)
- Organization
- Project
- Abstract
- Software protection aims at safeguarding assets embedded in software by preventing and delaying reverse engineering and tampering attacks. This paper presents an architecture and supporting tool flow to renew parts of native applications dynamically. Renewed and diversified code and data belonging to either the original application or to linked-in protections are delivered from a secure server to a client on demand. This results in frequent changes to the software components when they are under attack, thus making attacks harder. By supporting various forms of diversification and renewability, novel protection combinations become available, and existing combinations become stronger. The prototype implementation is evaluated on a number of industrial use cases.
- Keywords
- man-at-the-end attacks, online protection, diversification, software updates, security server, RANDOMIZATION, SECURITY
Downloads
-
(...).pdf
- full text (Published version)
- |
- UGent only
- |
- |
- 1.64 MB
Citation
Please use this url to cite or link to this publication: http://hdl.handle.net/1854/LU-8668148
- MLA
- Abrath, Bert, et al. “Code Renewability for Native Software Protection.” ACM TRANSACTIONS ON PRIVACY AND SECURITY, vol. 23, no. 4, 2020, doi:10.1145/3404891.
- APA
- Abrath, B., Coppens, B., Van den Broeck, J., Wyseur, B., Cabutto, A., Falcarin, P., & De Sutter, B. (2020). Code renewability for native software protection. ACM TRANSACTIONS ON PRIVACY AND SECURITY, 23(4). https://doi.org/10.1145/3404891
- Chicago author-date
- Abrath, Bert, Bart Coppens, Jens Van den Broeck, Brecht Wyseur, Alessandro Cabutto, Paolo Falcarin, and Bjorn De Sutter. 2020. “Code Renewability for Native Software Protection.” ACM TRANSACTIONS ON PRIVACY AND SECURITY 23 (4). https://doi.org/10.1145/3404891.
- Chicago author-date (all authors)
- Abrath, Bert, Bart Coppens, Jens Van den Broeck, Brecht Wyseur, Alessandro Cabutto, Paolo Falcarin, and Bjorn De Sutter. 2020. “Code Renewability for Native Software Protection.” ACM TRANSACTIONS ON PRIVACY AND SECURITY 23 (4). doi:10.1145/3404891.
- Vancouver
- 1.Abrath B, Coppens B, Van den Broeck J, Wyseur B, Cabutto A, Falcarin P, et al. Code renewability for native software protection. ACM TRANSACTIONS ON PRIVACY AND SECURITY. 2020;23(4).
- IEEE
- [1]B. Abrath et al., “Code renewability for native software protection,” ACM TRANSACTIONS ON PRIVACY AND SECURITY, vol. 23, no. 4, 2020.
@article{8668148, abstract = {{Software protection aims at safeguarding assets embedded in software by preventing and delaying reverse engineering and tampering attacks. This paper presents an architecture and supporting tool flow to renew parts of native applications dynamically. Renewed and diversified code and data belonging to either the original application or to linked-in protections are delivered from a secure server to a client on demand. This results in frequent changes to the software components when they are under attack, thus making attacks harder. By supporting various forms of diversification and renewability, novel protection combinations become available, and existing combinations become stronger. The prototype implementation is evaluated on a number of industrial use cases.}}, articleno = {{20}}, author = {{Abrath, Bert and Coppens, Bart and Van den Broeck, Jens and Wyseur, Brecht and Cabutto, Alessandro and Falcarin, Paolo and De Sutter, Bjorn}}, issn = {{2471-2566}}, journal = {{ACM TRANSACTIONS ON PRIVACY AND SECURITY}}, keywords = {{man-at-the-end attacks,online protection,diversification,software updates,security server,RANDOMIZATION,SECURITY}}, language = {{eng}}, number = {{4}}, pages = {{31}}, title = {{Code renewability for native software protection}}, url = {{http://doi.org/10.1145/3404891}}, volume = {{23}}, year = {{2020}}, }
- Altmetric
- View in Altmetric
- Web of Science
- Times cited: