Advanced search
1 file | 258.70 KB Add to list

Resilient self-debugging software protection

Bert Abrath (UGent) , Bart Coppens (UGent) , Ilja Nevolin and Bjorn De Sutter (UGent)
Author
Organization
Project
Abstract
Debuggers are a popular reverse engineering and tampering tool. Self-debugging is an effective technique for applications to defend themselves against hostile debuggers. In penetration tests on state-of-the-art self-debugging, we observed several opportunities through which it could be attacked, however. We therefore improved upon the existing technique, making it more resilient by introducing reciprocal debugging and making the transfers of control between protected application and self-debugger more stealthy. This paper presents the improved self-debugging design, and details our research efforts into realizing reciprocal debugging. In our evaluation we show that the improved design is significantly harder for attackers to defeat.
Keywords
reverse engineering, software protection, anti-tampering, anti-debugging, self-debugging

Downloads

  • paper.pdf
    • full text (Accepted manuscript)
    • |
    • open access
    • |
    • PDF
    • |
    • 258.70 KB

Citation

Please use this url to cite or link to this publication:

MLA
Abrath, Bert, et al. “Resilient Self-Debugging Software Protection.” 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), IEEE, 2020, pp. 606–15, doi:10.1109/EuroSPW51379.2020.00088.
APA
Abrath, B., Coppens, B., Nevolin, I., & De Sutter, B. (2020). Resilient self-debugging software protection. 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 606–615. https://doi.org/10.1109/EuroSPW51379.2020.00088
Chicago author-date
Abrath, Bert, Bart Coppens, Ilja Nevolin, and Bjorn De Sutter. 2020. “Resilient Self-Debugging Software Protection.” In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 606–15. IEEE. https://doi.org/10.1109/EuroSPW51379.2020.00088.
Chicago author-date (all authors)
Abrath, Bert, Bart Coppens, Ilja Nevolin, and Bjorn De Sutter. 2020. “Resilient Self-Debugging Software Protection.” In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 606–615. IEEE. doi:10.1109/EuroSPW51379.2020.00088.
Vancouver
1.
Abrath B, Coppens B, Nevolin I, De Sutter B. Resilient self-debugging software protection. In: 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE; 2020. p. 606–15.
IEEE
[1]
B. Abrath, B. Coppens, I. Nevolin, and B. De Sutter, “Resilient self-debugging software protection,” in 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Genoa, Italy, 2020, pp. 606–615.
@inproceedings{8668175,
  abstract     = {{Debuggers are a popular reverse engineering and tampering tool. Self-debugging is an effective technique for applications to defend themselves against hostile debuggers. In penetration tests on state-of-the-art self-debugging, we observed several opportunities through which it could be attacked, however. We therefore improved upon the existing technique, making it more resilient by introducing reciprocal debugging and making the transfers of control between protected application and self-debugger more stealthy. This paper presents the improved self-debugging design, and details our research efforts into realizing reciprocal debugging. In our evaluation we show that the improved design is significantly harder for attackers to defeat.}},
  author       = {{Abrath, Bert and Coppens, Bart and Nevolin, Ilja and De Sutter, Bjorn}},
  booktitle    = {{2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)}},
  isbn         = {{9781728185972}},
  keywords     = {{reverse engineering,software protection,anti-tampering,anti-debugging,self-debugging}},
  language     = {{eng}},
  location     = {{Genoa, Italy}},
  pages        = {{606--615}},
  publisher    = {{IEEE}},
  title        = {{Resilient self-debugging software protection}},
  url          = {{http://doi.org/10.1109/EuroSPW51379.2020.00088}},
  year         = {{2020}},
}

Altmetric
View in Altmetric
Web of Science
Times cited: