Achieving Obfuscation Through Self-Modifying Code: A Theoretical Model

With the extreme amount of data and software available on networks, the protection of online information is one of the most important tasks of this technological age. There is no such thing as safe computing, and it is inevitable that security breaches will occur. Thus, security professionals and practices focus on two areas: security, preventing a breach from occurring, and resiliency, minimizing the damages once a breach has occurred. One of the most important practices for adding resiliency to source code is through obfuscation, a method of re-writing the code to a form that is virtually unreadable. This makes the code incredibly hard to decipher by attackers, protecting intellectual property and reducing the amount of information gained by the malicious actor. Achieving obfuscation through the use of self-modifying code, code that mutates during runtime, is a complicated but impressive undertaking that creates an incredibly robust obfuscating system. While there is a great amount of research that is still ongoing, the preliminary results of this subject suggest that the application of self-modifying code to obfuscation may yield self-maintaining software capable of healing itself following an attack

Anonymous subject identification and privacy information management in video surveillance

The widespread deployment of surveillance cameras has raised serious privacy concerns, and many privacy-enhancing schemes have been recently proposed to automatically redact images of selected individuals in the surveillance video for protection. Of equal importance are the privacy and efficiency of techniques to first, identify those individuals for privacy protection and second, provide access to original surveillance video contents for security analysis. In this paper, we propose an anonymous subject identification and privacy data management system to be used in privacy-aware video surveillance. The anonymous subject identification system uses iris patterns to identify individuals for privacy protection. Anonymity of the iris-matching process is guaranteed through the use of a garbled-circuit (GC)-based iris matching protocol. A novel GC complexity reduction scheme is proposed by simplifying the iris masking process in the protocol. A user-centric privacy information management system is also proposed that allows subjects to anonymously access their privacy information via their iris patterns. The system is composed of two encrypted-domain protocols: The privacy information encryption protocol encrypts the original video records using the iris pattern acquired during the subject identification phase; the privacy information retrieval protocol allows the video records to be anonymously retrieved through a GC-based iris pattern matching process. Experimental results on a public iris biometric database demonstrate the validity of our framework

Digital IP Protection Using Threshold Voltage Control

This paper proposes a method to completely hide the functionality of a digital standard cell. This is accomplished by a differential threshold logic gate (TLG). A TLG with $n$ inputs implements a subset of Boolean functions of $n$ variables that are linear threshold functions. The output of such a gate is one if and only if an integer weighted linear arithmetic sum of the inputs equals or exceeds a given integer threshold. We present a novel architecture of a TLG that not only allows a single TLG to implement a large number of complex logic functions, which would require multiple levels of logic when implemented using conventional logic primitives, but also allows the selection of that subset of functions by assignment of the transistor threshold voltages to the input transistors. To obfuscate the functionality of the TLG, weights of some inputs are set to zero by setting their device threshold to be a high $V_t$. The threshold voltage of the remaining transistors is set to low $V_t$ to increase their transconductance. The function of a TLG is not determined by the cell itself but rather the signals that are connected to its inputs. This makes it possible to hide the support set of the function by essentially removing some variable from the support set of the function by selective assignment of high and low $V_t$ to the input transistors. We describe how a standard cell library of TLGs can be mixed with conventional standard cells to realize complex logic circuits, whose function can never be discovered by reverse engineering. A 32-bit Wallace tree multiplier and a 28-bit 4-tap filter were synthesized on an ST 65nm process, placed and routed, then simulated including extracted parastics with and without obfuscation. Both obfuscated designs had much lower area (25%) and much lower dynamic power (30%) than their nonobfuscated CMOS counterparts, operating at the same frequency