24 research outputs found

    A Survey on Software Protection Techniques against Various Attacks

    Software security and protection play an important role in software engineering. Considerable attempts have been made to enhance the security of computer systems because of various available software piracy and virus attacks. Preventing attacks on software will have a huge influence on economic development. Thus, it is vital to develop approaches that protect software from threats. Various threats, such as piracy, reverse engineering and tampering, exploit critical and poorly protected software. Thus, thorough threat analysis and new software protection schemes, needed to protect software from analysis and tampering attacks, become very necessary. Various techniques are available in the literature for software protection from various attacks. This paper analyses the various techniques available in the literature for software protection. The functionalities and the characteristic features of various software protection techniques have been analyzed in this paper. The main goal of this paper is to analyze the existing software protection techniques and develop an efficient approach which would overcome the drawbacks of the existing techniques

    Runtime protection via dataflow flattening

    Software running on an open architecture, such as the PC, is vulnerable to inspection and modification. Since software may process valuable or sensitive information, many defenses against data analysis and modification have been proposed. This paper complements existing work and focuses on hiding data location throughout program execution. To achieve this, we combine three techniques: (i) periodic reordering of the heap, (ii) migrating local variables from the stack to the heap and (iii) pointer scrambling. By essentially flattening the dataflow graph of the program, the techniques serve to complicate static dataflow analysis and dynamic data tracking. Our methodology can be viewed as a data-oriented analogue of control-flow flattening techniques. Dataflow flattening is useful in practical scenarios like DRM, information-flow protection, and exploit resistance. Our prototype implementation compiles C programs into a binary for which every access to the heap is redirected through a memory management unit. Stack-based variables may be migrated to the heap, while pointer accesses and arithmetic may be scrambled and redirected. We evaluate our approach experimentally on the SPEC CPU2006 benchmark suit

    Towards a unified software attack model to assess software protections

    Attackers can tamper with programs to break usage conditions. Different software protection techniques have been proposed to limit the possibility of tampering. Some of them just limit the possibility to understand the (binary) code, others react more actively when a change attempt is detected. However, the validation of the software protection techniques has been always conducted without taking into consideration a unified process adopted by attackers to tamper with programs. In this paper we present an extension of the mini-cycle of change, initially proposed to model the process of changing program for maintenance, to describe the process faced by an attacker to defeat software protections. This paper also shows how this new model should support a developer when considering what are the most appropriate protections to deplo

    Indexing Information for Data Forensics

    We introduce novel techniques for organizing the indexing structures of how data is stored so that alterations from an original version can be detected and the changed values specifically identified. We give forensic constructions for several fundamental data structures, including arrays, linked lists, binary search trees, skip lists, and hash tables. Some of our constructions are based on a new reduced-randomness construction for nonadaptive combinatorial group testing

    Software Tampering Detection using AOP and mobile code

    Assuring that a given code is faithfully executed with defined parameters and constraints on an un-trusted host is an open problem, which is especially important in the context of computing over communications networks. This work evaluates applicability of Aspect-Oriented Programming to the problem of remotely authenticating code during execution, which aims at assuring that the software is not maliciously tampered prior to and during execution. A flow of idiosyncratic signatures is continuously generated and associated to data transmitted by a function that is encapsulated in an aspect and whose execution is subordinated to the proper execution of the software being authenticated. The flow of signatures is validated by a remote component

    Remote Trust with Aspect-Oriented Programming

    Given a client/server application, how can the server entrust the integrity of the remote client, albeit the latter is running on an un-trusted machine? To address this research problem, we propose a novel approach based on the client-side generation of an execution signature, which is remotely checked by the server, wherein signature generation is locked to the entrusted software by means of code integrity checking. Our approach exploits the features of dynamic aspect-oriented programming (AOP) to extend the power of code integrity checkers in several ways. This paper both presents our approach and describes a prototype implementation for a messaging application