Abstract
The increase use of software tamper resistance techniques to protect software against undesired attacks comes an increased need to understand more about the strength of these tamper resistance techniques. Currently the understanding is rather general. In this paper we propose a new software tamper resistance evaluation technique. Our main contribution is to identify a set of issues that a tamper resistant system must deal with and show why these issues must be dealt with in order to secure a software system. Using the identified issues as criteria, we can measure the actual protection capability of a TRS system implementation and provide guidance on potential improvements on the implementation. We can also enable developers to compare the protection strength between differently implemented tamper resistance systems. While the set of criteria we identified in this paper is by no means complete, our framework allows easy extension of adding new criteria in future.
Chapter PDF
Similar content being viewed by others
References
Anckaert, B., Madou, M., Sutter, B.D., Bus, B.D., Bosschere, K.D., Preneel, B.: Program obfuscation: A quantitative approach. In: Proceedings of 3rd ACM Workshop on Quality of Protection (2007)
Aucsmith, D.: Tamper resistant software: An implementation. In: Furon, T., Cayre, F., Doërr, G., Bas, P. (eds.) IH 2007. LNCS, vol. 4567, pp. 317–333. Springer, Heidelberg (2008)
Chang, H., Atallah, M.: Protecting software code by guards. In: Sander, T. (ed.) DRM 2001. LNCS, vol. 2320, pp. 160–175. Springer, Heidelberg (2002)
Chen, Y., Venkatesan, R., Cary, M., Pang, R., Sinha, S., Jakubowski, M.H.: Oblivious hashing: A stealthy software integrity verification primitive. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 400–414. Springer, Heidelberg (2003)
Dedic, N., Jakubowski, M., Venkatesan, R.: A graph game model for software tamper protection. In: Proceedings of 9th Information Hiding Workshop (2007)
Horne, B., Matheson, L.R., Sheehan, C., Tarjan, R.E.: Dynamic self-checking techniques for improved tamper resistance. In: Sander, T. (ed.) DRM 2001. LNCS, vol. 2320, pp. 141–159. Springer, Heidelberg (2002)
Jin, H., Myles, G., Lotspiech, J.: Towards better software tamper resistance. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 417–430. Springer, Heidelberg (2005)
Mambo, M., Murayama, T., Okamoto, E.: A tentative approach to constructing tamper-resistant software. In: Proceedings of 1997 New Security Paradigms Workshop, pp. 23–33. ACM Press, New York (1998)
Myles, G., Collberg, C.: K-gram based software birthmarks. In: Proceedings of ACM Symposium on Applied Computing, pp. 314–318 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 IFIP International Federation for Information Processing
About this paper
Cite this paper
Myles, G., Jin, H. (2010). A Metric-Based Scheme for Evaluating Tamper Resistant Software Systems. In: Rannenberg, K., Varadharajan, V., Weber, C. (eds) Security and Privacy – Silver Linings in the Cloud. SEC 2010. IFIP Advances in Information and Communication Technology, vol 330. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15257-3_17
Download citation
DOI: https://doi.org/10.1007/978-3-642-15257-3_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15256-6
Online ISBN: 978-3-642-15257-3
eBook Packages: Computer ScienceComputer Science (R0)