Dynamic SelfChecking Techniques for Improved Tamper Resistance - PowerPoint PPT Presentation

1 / 10
About This Presentation
Title:

Dynamic SelfChecking Techniques for Improved Tamper Resistance

Description:

Tester Design (1/2) Design Objectives. Lightweight Hash Functions. Multiple Hash Functions ... n k-1. Assignment of Testers to Intervals. Random permutation ... – PowerPoint PPT presentation

Number of Views:39
Avg rating:3.0/5.0
Slides: 11
Provided by: ux
Category:

less

Transcript and Presenter's Notes

Title: Dynamic SelfChecking Techniques for Improved Tamper Resistance


1
Dynamic Self-Checking Techniques for Improved
Tamper Resistance
  • Bill Horne, Lesley Matheson, Casey Sheehan,
    Robert E. Tarjan
  • STAR Lab, InterTrust Technologies

2
Introduction
  • Self-checking (Self-validation or integrity
    checking)
  • While running, checks itself
  • Static
  • Check its integrity only once, during start-up
  • Dynamic
  • Repeatedly verifies its integrity as it is
    running
  • Another protection techniques
  • Thwart reverse engineering
  • Customization, obfuscation
  • Thwart debuggers and emulators
  • Watermarking, fingerprinting

3
Related Work
  • Obfuscation
  • To thwart reverse engineering
  • Customization
  • Create many very different versions
  • Software watermarking
  • Allow tracking of misused program copies
  • Self-checking
  • Tamper-proofing, integrity checking, and
    anti-tampering technology

4
Design Objectives
  • Goal
  • Eliminate single points of failure
  • Functionality
  • Comprehensive and Timely Dynamic Detection
  • Separate, Flexible Response
  • Modular Components
  • Platform Independence
  • Insignificant Performance Degradation
  • Goal is to have no more than a 5 impact on
    performance
  • Easy Integration
  • Suitable for a Large Codebase

5
Threat Model (1/2)
  • Discovery
  • Static Inspection
  • Stealthy and obfuscation
  • Use of Debuggers and Similar Software Tools
  • Detects standard debuggers and responds
    appropriately
  • Detection of Reads into the Code
  • Obfuscation
  • Generalization
  • Customization
  • Collusion
  • Corrector
  • Inspection of Installation Patches
  • Corrector

6
Threat Model (2/2)
  • Disablement
  • Modifying the Testers
  • Redundant, overlapping coverage
  • Modifying the Response Mechanism
  • Need more robust tamper-response mechanism
  • Modifying Correctors
  • Multiple overlapping hash computations
  • Temporary Modifications
  • Minimize this thread

7
Algorithm Design
  • Tester
  • Interval L2 cache size
  • Interleaved tasks
  • Correctors and Intervals
  • Tamper Response

8
Tester Design (1/2)
  • Design Objectives
  • Lightweight Hash Functions
  • Multiple Hash Functions
  • Summarizable Hash Functions
  • Stealthy Testers
  • Obfuscation, short tester
  • Resistance to Auto-collusion
  • Short customized testers
  • Obfuscated Address Calculation
  • Complex addressing modes
  • Harmless to Development
  • stamped

9
Tester Design (2/2)
  • Tester Construction and Customization
  • 2,916,864 distinct tester implementations
  • Less than 50 bytes
  • Tester Placement
  • Source-level tester placement
  • Profiling tools

10
Interval Construction
  • Corrector Placement
  • Uniform distribution
  • Dead code
  • Interval Definition
  • Corrector nk-1
  • Assignment of Testers to Intervals
  • Random permutation
Write a Comment
User Comments (0)
About PowerShow.com