1,155 research outputs found
Assessment of Source Code Obfuscation Techniques
Obfuscation techniques are a general category of software protections widely
adopted to prevent malicious tampering of the code by making applications more
difficult to understand and thus harder to modify. Obfuscation techniques are
divided into code and data obfuscation, depending on the protected asset. While
preliminary empirical studies have been conducted to determine the impact of
code obfuscation, our work aims at assessing the effectiveness and efficiency
in preventing attacks of a specific data obfuscation technique - VarMerge. We
conducted an experiment with student participants performing two attack tasks
on clear and obfuscated versions of two applications written in C. The
experiment showed a significant effect of data obfuscation on both the time
required to complete and the successful attack efficiency. An application with
VarMerge reduces by six times the number of successful attacks per unit of
time. This outcome provides a practical clue that can be used when applying
software protections based on data obfuscation. Comment: Post-print, SCAM 201
On the impossibility of effectively using likely-invariants for software attestation purposes
Invariants monitoring is a software attestation technique that aims at proving the integrity of a running application by checking likely-invariants, which are statistically significant predicates inferred on variables’ values. Since the software protection literature regards it as very promising, we developed a technique to remotely monitor invariants. This paper presents the analysis we have performed to assess the effectiveness of our technique and the effectiveness of likely-invariants for software attestation purposes. Moreover, it illustrates the identified limitations and our studies to improve the detection abilities of this technique. Our results suggest that, although further studies and future results may increase the efficacy and reduce the side effects, software attestation based on likely-invariants is not yet ready for the real world. Software developers should be warned of these limitations if they are tempted to adopt this technique, and companies developing software protections should not invest in development without also investing in further research.
Towards Automatic Risk Analysis and Mitigation of Software Applications
This paper proposes a novel semi-automatic risk analysis approach that not only identifies the threats against the assets in a software application, but is also able to quantify their risks and to suggest the software protections to mitigate them. Built on a formal model of the software, attacks, protections and their relationships, our implementation has shown promising performance on real world applications. This work represents a first step towards a user-friendly expert system for the protection of software applications.
Reactive attestation: automatic detection and reaction to software tampering attacks
Anti-tampering is a form of software protection conceived to detect and avoid the execution of tampered programs. Tamper detection assesses programs’ integrity with load- or execution-time checks. Avoidance reacts to tampered programs by stopping or rendering them unusable. General purpose reactions (such as halting the execution) stand out like a lighthouse in the code and are quite easy to defeat by an attacker. More sophisticated reactions, which degrade the user experience or the quality of service, are less easy to locate and remove but are too tangled with the program’s business logic, and are thus difficult to automate by a general purpose protection tool. In the present paper, we propose a novel approach to anti-tampering that (i) fully automatically applies to a target program, (ii) uses Remote Attestation for detection purposes and (iii) adopts a server-side reaction that is difficult to block by an attacker. By means of Client/Server Code Splitting, a crucial part of the program is removed from the client and executed on a remote trusted server in sync with the client. If a client program provides evidence of its integrity, the part moved to the server is executed. Otherwise, a server-side reaction logic may (temporarily or definitely) decide to stop serving it. Therefore, a tampered client application cannot continue its execution. We assessed our automatic protection tool on a case study Android application. Experimental results show that all the original and tampered executions are correctly detected, reactions are promptly applied, and execution overhead is on an acceptable level.
Emergent representations in networks trained with the Forward-Forward algorithm
The Backpropagation algorithm, widely used to train neural networks, has
often been criticised for its lack of biological realism. In an attempt to find
a more biologically plausible alternative, and avoid back-propagating
gradients in favour of using local learning rules, the recently introduced
Forward-Forward algorithm replaces the traditional forward and backward passes
of Backpropagation with two forward passes. In this work, we show that internal
representations obtained with the Forward-Forward algorithm organize into
robust, category-specific ensembles, composed of an extremely low number of
active units (high sparsity). This is remarkably similar to what is observed in
cortical representations during sensory processing. While not found in models
trained with standard Backpropagation, sparsity emerges also in networks
optimized by Backpropagation, on the same training objective of
Forward-Forward. These results suggest that the learning procedure proposed by
Forward-Forward may be superior to Backpropagation in modelling learning in the
cortex, even when a backward pass is used. Comment: 14 pages, 8 figures
The energy sensor AMPK regulates Hedgehog signaling in human cells through a unique Gli1 metabolic checkpoint
Hedgehog signaling controls proliferation of cerebellar granule cell precursors (GCPs) and its aberrant activation is a leading cause of Medulloblastoma, the most frequent pediatric brain tumor. We show here that the energy sensor AMPK inhibits Hh signaling by phosphorylating a single residue of human Gli1 that is not conserved in other species. Studies with selective agonists and genetic deletion have revealed that AMPK activation inhibits canonical Hh signaling in human, but not in mouse cells. Indeed we show that AMPK phosphorylates Gli1 at the unique residue Ser408, which is conserved only in primates but not in other species. Once phosphorylated, Gli1 is targeted for proteasomal degradation. Notably, we show that selective AMPK activation inhibits Gli1-driven proliferation and that this effect is linked to Ser408 phosphorylation, which represents a key metabolic checkpoint for Hh signaling. Collectively, these data unveil a novel mechanism of inhibition of Gli1 function, which is exclusive to human cells and may be exploited for the treatment of Medulloblastoma or other Gli1-driven tumors.
Health related quality of life in colorectal cancer patients: state of the art
Proceedings of the 26th National Congress of the Italian Society of Geriatric Surgery
Silvestro Canonico, Bruno Amato and Alessandro Puzziello
This supplement has not been sponsored. The source of funding used to cover open access publication charges is declared by the authors in each article. Articles have undergone the journal's standard review process for supplements. The supplement editors declare they have no competing interests.
Conference
26th National Congress of the Italian Society of Geriatric Surgery
19-22 June 2013
Naples, Italy
BACKGROUND: Colorectal cancer (CRC) is the third most commonly diagnosed cancer in males and the second in females with a progressive increase in prevalence in industrialized countries. The loss of health due to the cancer and/or the consequence of the treatment may result in psychophysical, functional and social impairment; all of these affect health-related quality of life (QoL). DESCRIPTION: The most frequently used CRC-specific QoL questionnaire is the FACT-C. QoL is not only important for the well-being of cancer patients but it also influences survival and response to therapy. Many studies investigated various determinants involved in the assessment of QoL in CRC, suggesting that symptoms, surgical procedures and the number of comorbidities significantly affected QoL. CONCLUSION: Although CRC patients have a relatively good QoL compared with the general population, a wide range of interventions could be undertaken to improve their QoL. The findings of this review may be useful for cancer clinicians in taking therapy and surveillance-related decisions. However, future research should be directed to large-scale prospective studies using well validated QoL instruments to facilitate comparison of results. Funding for this article has come from University funds.