Software protection

A computer system's security can be compromised in many ways—a denial-of-service attack can make a server inoperable, a worm can destroy a user's private data, or an eavesdropper can reap financial rewards by inserting himself in the communication link between a customer and her bank through a man-in-the-middle (MITM) attack. What all these scenarios have in common is that the adversary is an untrusted entity that attacks a system from the outside—we assume that the computers under attack are operated by benign and trusted users. But if we remove this assumption, if we allow anyone operating a computer system—from system administrators down to ordinary users—to compromise that system's security, we find ourselves in a scenario that has received comparatively little attention

Penggunaan Teknik Obfuskasi Dengan Algoritma obfLBS Untuk Mengacak Kode Sumber File SWF

Pembajakan terhadap perangkat lunak sering dilakukan oleh cracker maupun para pesaing untuk digandakan maupun diubah kode sumbernya. Teknik yang bisa digunakan untuk mencegah hal tersebut adalah dengan teknik obfuskasi. Cara kerjanya dengan mengubah / mengacak kode sumber suatu aplikasi namun tetap memelihara semantiknya, dalam mengacak kode sumber tersebut dapat menggunakan berbagai algoritma. Penelitian ini menggunakan algoritma obfLBS, obfuskasi  point fungsi yaitu mengubah variabel yang ada pada program dengan bilangan hexa . Pada tulisan ini teknik obfuskasi diimplementasikan pada program flash, yaitu file Small Web Format (berekstensi swf). Perangkat lunak dengan menggunakan bahasa pemrograman Java versi 1.6 dan IDE Netbeans 6.5. Perangkat lunak ini bertujuan untuk mengacak kode sumber dari file ekstensi swf, dengan terlebih dahulu me-disassemble file terkait, kemudian me-assemble ulang menjadi file ekstensi swf sehingga kode sumber terlindungi. Secara keseluruhan perangkat lunak yang dibuat berjalan sesuai dengan rancangan. Hasil dari pengujian file swf yang dihasilkan setelah proses obfuscating memiliki kualitas yang sama dengan file swf sebelumnya.   Kata Kunci : Obfuscation, Mengacak, Kode sumber, Algoritma obfLBS, File SW

A reference architecture for software protection

This paper describes the ASPIRE reference architecture designed to tackle one major problem in this domain: the lack of a clear process and an open software architecture for the composition and deployment of multiple software protections on software application

Achieving Obfuscation Through Self-Modifying Code: A Theoretical Model

With the extreme amount of data and software available on networks, the protection of online information is one of the most important tasks of this technological age. There is no such thing as safe computing, and it is inevitable that security breaches will occur. Thus, security professionals and practices focus on two areas: security, preventing a breach from occurring, and resiliency, minimizing the damages once a breach has occurred. One of the most important practices for adding resiliency to source code is through obfuscation, a method of re-writing the code to a form that is virtually unreadable. This makes the code incredibly hard to decipher by attackers, protecting intellectual property and reducing the amount of information gained by the malicious actor. Achieving obfuscation through the use of self-modifying code, code that mutates during runtime, is a complicated but impressive undertaking that creates an incredibly robust obfuscating system. While there is a great amount of research that is still ongoing, the preliminary results of this subject suggest that the application of self-modifying code to obfuscation may yield self-maintaining software capable of healing itself following an attack

A Reference Architecture for Software Protection

This paper describes the ASPIRE reference architecture designed to tackle one major problem in this domain: the lack of a clear process and an open software architecture for the composition and deployment of multiple software protections on software applications

VirtSC: Combining Virtualization Obfuscation with Self-Checksumming

Self-checksumming (SC) is a tamper-proofing technique that ensures certain program segments (code) in memory hash to known values at runtime. SC has few restrictions on application and hence can protect a vast majority of programs. The code verification in SC requires computation of the expected hashes after compilation, as the machine-code is not known before. This means the expected hash values need to be adjusted in the binary executable, hence combining SC with other protections is limited due to this adjustment step. However, obfuscation protections are often necessary, as SC protections can be otherwise easily detected and disabled via pattern matching. In this paper, we present a layered protection using virtualization obfuscation, yielding an architecture-agnostic SC protection that requires no post-compilation adjustment. We evaluate the performance of our scheme using a dataset of 25 real-world programs (MiBench and 3 CLI games). Our results show that the SC scheme induces an average overhead of 43% for a complete protection (100% coverage). The overhead is tolerable for less CPU-intensive programs (e.g. games) and when only parts of programs (e.g. license checking) are protected. However, large overheads stemming from the virtualization obfuscation were encountered