research-article

SIP shaker: software integrity protection composition

Authors:

Mohsen Ahmadvand,

Dennis Fischer,

Sebastian BanescuAuthors Info & Claims

ACSAC '19: Proceedings of the 35th Annual Computer Security Applications Conference

Pages 203 - 214

https://doi.org/10.1145/3359789.3359848

Published: 09 December 2019 Publication History

Abstract

Man-At-The-End (MATE) attackers are almighty adversaries against whom there exists no silver-bullet countermeasure. To raise the bar, a wide range of protection measures were proposed in the literature each of which adds resilience against certain attacks on certain digital assets of a program. Intuitively, composing a set of protections (rather than applying just one of them) can mitigate a wider range of attacks and hence offer a higher level of security. Despite the potential benefits, very limited research has been done on the composition of protections. Naive compositions could lead to conflicts which, in turn, limit the application of protections, raise false alarms, and worse yet, yield corrupted binaries. More importantly, inadequate compositions of such protections are not tailored for the program at hand and thus the offered security and performance are sub-optimal. In this paper, we first lay out a set of generic constraints for a conflict-free composition of protections. Then, we develop a composition framework based on a defense graph in which nodes and edges capture protections, their relations, and constraints. The conflicts problem together with optimization requirements are then translated into a set of integer constraints. We then use Integer Linear Programming (ILP) to handle conflicts while optimizing for a higher security and lower overhead. To measure the overhead, we use a set of real-world programs (MiBench dataset and open source games). Our evaluation results indicate that our composition framework reduces the overhead by ≈ 39% while maximizing the coverage. Moreover, our approach yields a 5-fold decrease in overhead compared to state-of-the-art heuristics.

References

[1]

Martín Abadi, Mihai Budiu, Ulfar Erlingsson, and Jay Ligatti. 2005. Control-flow integrity. In Proceedings of the 12th ACM conference on Computer and communications security. ACM, 340--353.

Digital Library

[2]

Mohsen Ahmadvand, Anahit Hayrapetyan, Sebastian Banescu, and Alexander Pretschner. 2018. Practical Integrity Protection with Oblivious Hashing. In Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC '18). ACM, New York, NY, USA, 40--52.

Digital Library

[3]

Mohsen Ahmadvand, Alexander Pretschner, and Florian Kelbert. 2018. A Taxonomy of Software Integrity Protection Techniques. Elsevier.

[4]

David Aucsmith. 1996. Tamper resistant software: An implementation. In International Workshop on Information Hiding. Springer, 317--333.

[5]

Sebastian Banescu, Mohsen Ahmadvand, Alexander Pretschner, Robert Shield, and Chris Hamilton. 2017. Detecting Patching of Executables without System Calls. In CODASPY'17, Gail-Joon Ahn, Alexander Pretschner, and Gabriel Ghinita (Eds.). The Association for Computing Machinery, 185--196.

Digital Library

[6]

Sebastian Banescu, Martín Ochoa, Nils Kunze, and Alexander Pretschner. 2015. Idea: Benchmarking indistinguishability obfuscation-a candidate implementation. In International Symposium on Engineering Secure Software and Systems. Springer, 149--156.

[7]

Sebastian Banescu, Alexander Pretschner, Dominic Battré, Stéfano Cazzulani, Robert Shield, and Greg Thompson. 2015. Software-based protection against changeware. In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. ACM, 231--242.

Digital Library

[8]

Marc Boulle. 2004. Compact mathematical formulation for graph partitioning. Optimization and Engineering 5, 3 (2004), 315--333.

[9]

Jan Cappaert, Bart Preneel, Bertrand Anckaert, Matias Madou, and Koen De Bosschere. 2008. Towards tamper resistant code encryption: Practice and experience. In International Conference on Information Security Practice and Experience. Springer, 86--100.

[10]

Mariano Ceccato, Paolo Tonella, Cataldo Basile, Bart Coppens, Bjorn De Sutter, Paolo Falcarin, and Marco Torchiano. 2017. How professional hackers understand protected code while performing attack tasks. In Program Comprehension (ICPC), 2017 IEEE/ACM 25th International Conference on. IEEE, 154--164.

Digital Library

[11]

Hoi Chang and Mikhail J Atallah. 2001. Protecting software code by guards. In ACM Workshop on Digital Rights Management. Springer, 160--175.

Digital Library

[12]

Yuqun Chen, Ramarathnam Venkatesan, Matthew Cary, Ruoming Pang, Saurabh Sinha, and Mariusz H Jakubowski. 2002. Oblivious hashing: A stealthy software integrity verification primitive. In International Workshop on Information Hiding. Springer, 400--414.

Digital Library

[13]

Nenad Dedić, Mariusz Jakubowski, and Ramarathnam Venkatesan. 2007. A graph game model for software tamper protection. In International Workshop on Information Hiding. Springer, 80--95.

[14]

Paolo Falcarin, Stefano Di Carlo, Alessandro Cabutto, Nicola Garazzino, and Davide Barberis. 2011. Exploiting code mobility for dynamic binary obfuscation. In Internet Security (WorldCIS), 2011 World Congress on. IEEE, 114--120.

[15]

Wu-chang Feng, Ed Kaiser, and Travis Schluessler. 2008. Stealth measurements for cheat detection in on-line games. In Proceedings of the 7th ACM SIGCOMM Workshop on Network and System Support for Games. ACM, 15--20.

[16]

Sanjam Garg, Craig Gentry, Shai Halevi, Mariana Raykova, Amit Sahai, and Brent Waters. 2016. Candidate indistinguishability obfuscation and functional encryption for all circuits. SIAM J. Comput. 45, 3 (2016), 882--929.

Digital Library

[17]

Sudeep Ghosh, Jason Hiser, and Jack W Davidson. 2013. Software protection for dynamically-generated code. In Proceedings of the 2nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop. ACM, 1.

Digital Library

[18]

Sudeep Ghosh, Jason D Hiser, and Jack W Davidson. 2010. A secure and robust approach to software tamper resistance. In International Workshop on Information Hiding. Springer, 33--47.

[19]

Serge Guelton, Adrien Guinet, Pierrick Brunet, Juan Manuel Martinez Caamaño, Fabien Dagnat, and Nicolas Szlifierski. 2018. [Research Paper] Combining Obfuscation and Optimizations in the Real World. 2018 IEEE 18th International Working Conference on Source Code Analysis and Manipulation (SCAM) (2018), 24--33.

[20]

Matthew R Guthaus, Jeffrey S Ringenberg, Dan Ernst, Todd M Austin, Trevor Mudge, and Richard B Brown. 2001. MiBench: A free, commercially representative embedded benchmark suite. In Workload Characterization, 2001. WWC-4. 2001 IEEE International Workshop on. IEEE, 3--14.

Digital Library

[21]

Kelly Heffner and Christian Collberg. 2004. The obfuscation executive. In International Conference on Information Security. Springer, 428--440.

[22]

Pascal Junod, Julien Rinaldini, Johan Wehrli, and Julie Michielin. 2015. Obfuscator-LLVM: software protection for the masses. In Proceedings of the 1st International Workshop on Software Protection. IEEE Press, 3--9.

Digital Library

[23]

Stamatis Karnouskos. 2011. Stuxnet worm impact on industrial cyber-physical system security. In IECON 2011-37th Annual Conference on IEEE Industrial Electronics Society. IEEE, 4490--4494.

[24]

Han Liu, Chengnian Sun, Zhendong Su, Yu Jiang, Ming Gu, and Jiaguang Sun. 2017. Stochastic Optimization of Program Obfuscation. In Proceedings of the 39th International Conference on Software Engineering (ICSE '17). IEEE Press, Piscataway, NJ, USA, 221--231.

Digital Library

[25]

Jasvir Nagra and Christian Collberg. 2009. Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection: Obfuscation, Watermarking, and Tamperproofing for Software Protection. Pearson Education.

[26]

Esko Nuutila and Eljas Soisalon-Soininen. 1994. On finding the strongly connected components in a directed graph. Inf. Process. Lett. 49, 1 (1994), 9--14.

Digital Library

[27]

Jing Qiu, Babak Yadegari, Brian Johannesmeyer, Saumya Debray, and Xiaohong Su. 2015. Identifying and understanding self-checksumming defenses in software. In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. ACM, 207--218.

Digital Library

[28]

Bruce Schneier. 2007. Story of the Greek Wiretapping Scandal. (2007). https://www.schneier.com/blog/archives/2007/07/story_of_the_gr_1.html https://www.schneier.com/blog/archives/2007/07/story_of_the_gr_1.html/.

[29]

Q. Su, F. He, N. Wu, and Z. Lin. 2018. A Method for Construction of Software Protection Technology Application Sequence Based on Petri Net With Inhibitor Arcs. IEEE Access 6 (2018), 11988--12000.

[30]

Sid-Ahmed-Ali Touati and Denis Barthou. 2006. On the decidability of phase ordering problem in optimizing compilation. In Proceedings of the 3rd conference on Computing frontiers. ACM, 147--156.

Digital Library

[31]

Michael G Wrighton and André M DeHon. 2006. SAT-based optimal hypergraph partitioning with replication. In Proceedings of the 2006 Asia and South Pacific Design Automation Conference. IEEE Press, 789--795.

Digital Library

[32]

Glenn Wurster, Paul C Van Oorschot, and Anil Somayaji. 2005. A generic attack on checksumming-based software tamper resistance. In Security and Privacy, 2005 IEEE Symposium on. IEEE, 127--138.

Digital Library

[33]

Brecht Wyseur and Bjorn De Sutter. 2014. D1.04 Reference Architecture. (2014). https://aspire-fp7.eu/sites/default/files/D1.04-ASPIRE-Reference-Architecture-v2.1.pdf

Cited By

Banescu SValenzuela SGuggenmos MAhmadvand MPretschner A(2021)Dynamic Taint Analysis versus Obfuscated Self-CheckingProceedings of the 37th Annual Computer Security Applications Conference10.1145/3485832.3485926(182-193)Online publication date: 6-Dec-2021
https://dl.acm.org/doi/10.1145/3485832.3485926

Index Terms

SIP shaker: software integrity protection composition
1. Security and privacy
  1. Software and application security
    1. Software security engineering

Recommendations

Software-Based Protection against Changeware
CODASPY '15: Proceedings of the 5th ACM Conference on Data and Application Security and Privacy

We call changeware software that surreptitiously modifies resources of software applications, e.g., configuration files. Changeware is developed by malicious entities which gain profit if their changeware is executed by large numbers of end-users of the ...
Replacement attacks against VM-protected applications
VEE '12: Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments

Process-level virtualization is increasingly being used to enhance the security of software applications from reverse engineering and unauthorized modification (called software protection). Process-level virtual machines (PVMs) can safeguard the ...
Replacement attacks against VM-protected applications
VEE '12

Process-level virtualization is increasingly being used to enhance the security of software applications from reverse engineering and unauthorized modification (called software protection). Process-level virtual machines (PVMs) can safeguard the ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ACSAC '19: Proceedings of the 35th Annual Computer Security Applications Conference

December 2019

821 pages

ISBN:9781450376280

DOI:10.1145/3359789

Conference Chair:
David Balenson
SRI International

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 December 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Artifacts Evaluated & Reusable

Author Tags

Qualifiers

Research-article

Conference

ACSAC '19

ACSAC '19: 2019 Annual Computer Security Applications Conference

December 9 - 13, 2019

Puerto Rico, San Juan, USA

Acceptance Rates

ACSAC '19 Paper Acceptance Rate 60 of 266 submissions, 23%;

Overall Acceptance Rate 104 of 497 submissions, 21%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
193
Total Downloads

Downloads (Last 12 months)9
Downloads (Last 6 weeks)1

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Banescu SValenzuela SGuggenmos MAhmadvand MPretschner A(2021)Dynamic Taint Analysis versus Obfuscated Self-CheckingProceedings of the 37th Annual Computer Security Applications Conference10.1145/3485832.3485926(182-193)Online publication date: 6-Dec-2021
https://dl.acm.org/doi/10.1145/3485832.3485926

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten