ABSTRACT
Although existing for decades, software tampering attack is still a main threat to systems, such as Android, and cyber physical systems. Many approaches have been proposed to thwart specific procedures of tampering, e.g., obfuscation and self-checksumming. However, none of them can achieve theoretically tamper-proof without the protection of hardware circuit. Rather than proposing new tricks against tampering attacks, we focus on impeding the replication of software tampering via program diversification, and thus pose a scalability barrier against the attacks. Our idea, namely N-version obfuscation (NVO), is to automatically generate and deliver same featured, but functionally nonequivalent software copies to different machines or users.
In this paper, we investigate such an idea on Android platform. We carefully design a candidate NVO solution for networked apps, which leverages a Message Authentication Code (MAC) mechanism to generate the functionally nonequivalent diversities. Our evaluation result shows that the time required for breaking such a software system increases linearly with respect to the number of software versions. In this way, attackers would suffer great scalability issues, considering that an app can have millions of users. With minimal NVO costs, effective tamper-resistant security can therefore be established.
- Android Auto. https://www.android.com/auto/.Google Scholar
- DexGuard. https://www.guardsquare.com/dexguard.Google Scholar
- FIPS Pub 180-4: Secure Hash Standard (SHS). http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf.Google Scholar
- IDA. https://www.hex-rays.com/products/ida/.Google Scholar
- ProGuard. http://developer.android.com/tools/help/proguard.html.Google Scholar
- A. Appel. Deobfuscation is in np. Princeton University, Aug, 21:2, 2002.Google Scholar
- B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. Vadhan, and K. Yang. On the (im) possibility of obfuscating programs. In CRYPTO, pages 1--18. Springer, 2001. Google ScholarDigital Library
- H. Chang and M. J. Atallah. Protecting software code by guards. In Security and Privacy in Digital Rights Management, pages 160--175. Springer, 2002. Google ScholarDigital Library
- L. Chen and A. Avizienis. N-version programming: a fault-tolerance approach to reliability of software operation. In Proc. the 8th IEEE International Symposium on Fault-Tolerant Computing, pages 3--9, 1978.Google Scholar
- Y. Chen, R. Venkatesan, et al. Oblivious hashing: A stealthy software integrity verification primitive. In Information Hiding, pages 400--414. Springer, 2003. Google ScholarDigital Library
- S. Chow, P. Eisen, H. Johnson, and P. C. V. Oorschot. White-box cryptography and an aes implementation. In Selected Areas in Cryptography, pages 250--270. Springer, 2003. Google ScholarCross Ref
- F. B. Cohen. Operating system protection through program evolution. Computers & Security, 12(6):565--584, 1993. Google ScholarDigital Library
- C. Collberg, C. Thomborson, and D. Low. A taxonomy of obfuscating transformations. Technical report, Department of Computer Science, The University of Auckland, 1997.Google Scholar
- C. S. Collberg and C. Thomborson. Watermarking, tamper-proofing, and obfuscation-tools for software protection. IEEE Trans. on Software Engineering, 28(8):735--746, 2002. Google ScholarDigital Library
- S. Crane, C. Liebchen, et al. Readactor: Practical code randomization resilient to memory disclosure. In Proc. of the 36th IEEE Symposium on Security and Privacy, volume 15, 2015. Google ScholarDigital Library
- D. Dunaev and L. Lengyel. Complexity of a special deobfuscation problem. In Proc. of the 19th IEEE International Conference and Workshops on Engineering of Computer Based Systems, pages 1--4, 2012. Google ScholarDigital Library
- E. Eilam. Reversing: secrets of reverse engineering. John Wiley & Sons, 2011.Google Scholar
- P. Faruki, V. Laxmi, V. Ganmoor, M. S. Gaur, and A. Bharmal. Droidolytics: robust feature signature for repackaged android apps on official and third party android markets. In Proc. of the 2nd IEEE International Conference on Advanced Computing, Networking and Security, pages 247--252, 2013. Google ScholarDigital Library
- S. Forrest, A. Somayaji, and D. H. Ackley. Building diverse computer systems. In Proc. of the 6th IEEE Workshop on Hot Topics in Operating Systems, pages 67--72, 1997. Google ScholarDigital Library
- M. N. Gagnon, S. Taylor, and A. K. Ghosh. Software protection through anti-debugging. 2007.Google Scholar
- B. Horne, L. Matheson, C. Sheehan, and R. E. Tarjan. Dynamic self-checking techniques for improved tamper resistance. In Security and Privacy in Digital Rights Management, pages 141--159. Springer, 2002. Google ScholarDigital Library
- P. Junod, J. Rinaldini, J. Wehrli, and J. Michielin. Obfuscator-llvm-software protection for the masses. 2015.Google Scholar
- C. Kil, J. Jim, C. Bookholt, J. Xu, and P. Ning. Address space layout permutation (aslp): Towards fine-grained randomization of commodity software. In Proc. of the 22nd IEEE Annual Computer Security Applications Conference, pages 339--348, 2006. Google ScholarDigital Library
- W. Landi and B. G. Ryder. Pointer-induced aliasing: A problem classification. In Proc. of the 18th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 93--103, 1991. Google ScholarDigital Library
- P. Larsen, S. Brunthaler, and M. Franz. Automatic software diversity. 2015.Google Scholar
- L. Lei, Y. Wang, J. Zhou, D. Zha, and Z. Zhang. A threat to mobile cyber-physical systems: Sensor-based privacy theft attacks on android smartphones. In Proc. of the 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pages 126--133, 2013. Google ScholarDigital Library
- C. Linn and S. Debray. Obfuscation of executable code to improve resistance to static disassembly. In Proc. of the 10th ACM Conference on Computer and Communications Security, pages 290--299, 2003. Google ScholarDigital Library
- M. R. Lyu et al. Handbook of software reliability engineering. IEEE Computer Society Press, 1996. Google ScholarDigital Library
- M. R. Lyu and Y.-T. He. Improving the n-version programming process through the evolution of a design paradigm. IEEE Transactions on Reliability, 42(2):179--189, 1993.Google ScholarCross Ref
- J. Ming, D. Xu, L. Wang, and D. Wu. Loop: Logic-oriented opaque predicate detection in obfuscated binary code. In Proc. of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pages 757--768, 2015. Google ScholarDigital Library
- A. Moser, C. Kruegel, and E. Kirda. Limits of static analysis for malware detection. In Proc. of the 23rd IEEE Annual Computer Security Applications Conference, pages 421--430, 2007.Google ScholarCross Ref
- T. Ogiso, Y. Sakabe, M. Soshi, and A. Miyaji. Software obfuscation on a theoretical basis and its implementation. IEICE Trans. on Fundamentals of Electronics, Communications and Computer Sciences, 86(1):176--186, 2003.Google Scholar
- P. O'Kane, S. Sezer, and K. McLaughlin. Obfuscation: The hidden malware. 2011.Google Scholar
- V. Pappas, M. Polychronakis, and A. D. Keromytis. Smashing the gadgets: Hindering return-oriented programming using in-place code randomization. In Proc. of the 33rd IEEE Symposium on Security and Privacy, 2012. Google ScholarDigital Library
- J. Qiu, B. Yadegari, B. Johannesmeyer, S. Debray, and X. Su. Identifying and understanding self-checksumming defenses in software. 2015.Google Scholar
- J. Qiu, B. Yadegari, B. Johannesmeyer, et al. A framework for understanding dynamic anti-analysis defenses. In Proc. of the 4th ACM Program Protection and Reverse Engineering Workshop, 2014. Google ScholarDigital Library
- C. Ren, K. Chen, and P. Liu. Droidmarking: Resilient software watermarking for impeding android application repackaging. In Proc. of the 29th ACM/IEEE International Conference on Automated Software Engineering, pages 635--646, 2014. Google ScholarDigital Library
- T. Sander and C. F. Tschudin. Protecting mobile agents against malicious hosts. In Mobile Agents and Security, pages 44--60. Springer, 1998. Google ScholarDigital Library
- Y. Shao, X. Luo, C. Qian, P. Zhu, and L. Zhang. Towards a scalable resource-driven approach fordetecting repackaged android applications. In Proc. of the 30th ACM Annual Computer Security Applications Conference, pages 56--65, 2014. Google ScholarDigital Library
- M. I. Sharif, A. Lanzi, J. T. Giffin, and W. Lee. Impeding malware analysis using conditional code obfuscation. In Proc. of the 15th Annual Network & Distributed System Security Conference (NDSS), 2008.Google Scholar
- T. Shields. Anti-debugging: a developers view, 2010.Google Scholar
- J. Shu, J. Li, Y. Zhang, and D. Gu. Android app protection via interpretation obfuscation. In Proc. of the 12th IEEE International Conference on Dependable, Autonomic and Secure Computing, 2014. Google ScholarDigital Library
- M. Sun, M. Li, and J. Lui. Droideagle: seamless detection of visually similar android apps. In Proc. of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, page 9, 2015. Google ScholarDigital Library
- H. Wang, Y. Guo, Z. Ma, and X. Chen. Wukong: a scalable and accurate two-phase approach to androidapp clone detection. In Proc. of the ACM International Symposium on Software Testing and Analysis, pages 71--82, 2015. Google ScholarDigital Library
- Z. Wang, J. Ming, C. Jia, and D. Gao. Linear obfuscation to combat symbolic execution. In Proc. of the 16th European Symposium on Research in Computer Security (ESORICS). Springer, 2011. Google ScholarDigital Library
- G. Wurster, P. V. Oorschot, and A. Somayaji. A generic attack on checksumming-based software tamper resistance. In Proc. of the 26th IEEE Symposium on Security and Privacy, 2005. Google ScholarDigital Library
- H. Xu, Y. Zhou, C. Gao, Y. Kang, and M. R. Lyu. Spyaware: Investigating the privacy leakage signatures in app execution traces. In Proc. of the 26th IEEE International Symposium on Software Reliability Engineering (ISSRE), 2015. Google ScholarDigital Library
- B. Yadegari and S. Debray. Symbolic execution of obfuscated code. In Proc. of the 22nd ACM SIGSAC Conference on Computer and Communications Security, volume 15, pages 732--744, 2015. Google ScholarDigital Library
- B. Yadegari, B. Johannesmeyer, et al. A generic approach to automatic deobfuscation of executable code. Technical report, 2015.Google Scholar
- F. Zhang, D. Wu, P. Liu, and S. Zhu. Program logic based software plagiarism detection. In Proc. of the 25th IEEE International Symposium on Software Reliability Engineering (ISSRE), 2014. Google ScholarDigital Library
- W. Zhou, Z. Wang, Y. Zhou, and X. Jiang. Divilar: Diversifying intermediate language for anti-repackaging on android platform. In Proc. of the 4th ACM Conference on Data and Application Security and Privacy, pages 199--210, 2014. Google ScholarDigital Library
- W. Zhou, X. Zhang, and X. Jiang. Appink: watermarking android apps for repackaging deterrence. In Proc. of the 8th ACM Symposium on Information, Computer and Communications Security, pages 1--12, 2013. Google ScholarDigital Library
- W. Zhou, Y. Zhou, X. Jiang, and P. Ning. Detecting repackaged smartphone applications in third-party android marketplaces. In Proc. of the 2nd ACM Conference on Data and Application Security and Privacy, pages 317--326, 2012. Google ScholarDigital Library
- Y. Zhou and X. Jiang. Dissecting android malware: Characterization and evolution. In Proc. of the 33th IEEE Symposium on Security and Privacy, 2012. Google ScholarDigital Library
Index Terms
- N-version Obfuscation
Recommendations
A Novel Software Protection Approach for Code Obfuscation to Enhance Software Security
Over the past few decades ago, software developers analyzed robustly several forms of software protection against illegal copying or piracy. With the expansion in digital technology, the risk of illegal copying of software also amplifies. The increasing ...
Hybrid static-dynamic attacks against software protection mechanisms
DRM '05: Proceedings of the 5th ACM workshop on Digital rights managementAdvances in reverse engineering and program analyses have made software extremely vulnerable to malicious host attacks. These attacks typically take the form of intellectual property violations, against which the software needs to be protected. The ...
Teaching Cyber Security Using Competitive Software Obfuscation and Reverse Engineering Activities
SIGCSE '18: Proceedings of the 49th ACM Technical Symposium on Computer Science EducationTeaching cyber security techniques can be challenging due to the complexity associated with building secure systems. The major issue is these systems could easily be broken if proper protection techniques are not employed. This requires students to ...
Comments