Y. Kanzaki and A. Monden (Japan)
software security, software protection, program obfuscation, program camouflage, self-modification
This paper proposes a systematic method for protect ing software against malicious reverse engineering attacks. Our method aims to increase the cost of obtaining secret information in a program on the assumption that the adver saries have the ability to perform dynamic analysis as much as static analysis. A program protected by our method contains many time-sensitive codes, which are overwrit ten with fake (dummy) codes. Each time-sensitive code is modified during execution via self-modification accord ing to the time taken to execute a designated block of the program. If the execution time of the block is within the predetermined range, the time-sensitive code becomes the original one. On the other hand, if the execution time is out of the range, the time-sensitive code becomes the other fake one. In order to obtain the secret information by static anal ysis, the adversary must find the routines that modify time sensitive codes which are scattered over the program, and must guess the predetermined valid execution time of the target blocks. In order to obtain the secret information by dynamic analysis, the adversary must make the execution reach the restricted points of the program without stopping the execution. As a result, our method helps to construct highly invulnerable software.
Important Links:
Go Back
