Abstract
This paper describes a two instruction-stream (two-process) model for tamper resistance. One process (Monitor process, M-Process) is designed explicitly to monitor the control flow of the main program process (P-Process). The compilation phase compiles the software into two co-processes: P-process and M-process. The monitor process contains the control flow consistency conditions for the P-process. The P-process sends information on its instantiated control flow at a compiler specified fixed period to the M-process. If there is a violation of the control flow conditions captured within the M-process, the M-process takes an anti-tamper action such as termination of the P-process. By its very design, the monitor process is expected to be compact. Hence, we can afford to protect the M-process with a more expensive technique, a variant of Aucsmith’s scheme. This scheme has been implemented with the Gnu C compiler gcc. There are several other monitoring, obfuscation, and dynamic decryption techniques that are embedded in this system. We quantify the performance overhead of the scheme for a variety of programs. The performance of such an anti-tamper schema can be significantly improved by leveraging a decoupled processor architecture to support the decoupled M- and P- processes. We describe one instance of such a two-stream decoupled architecture that can make the scheme more robust and efficient.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Aucsmith, D.: Tamper Resistant Software: An Implementation. In: Proceedings of the First International Workshop on Information Hiding (1996)
Collberg, C., Thomborson, C.: Watermarking, tamper-proofing, and obfuscation - tools for software protection (2000)
Jun, G.: Software Obfuscation with Program Permutation. M.S. Thesis, Dept. of Computer Science, Iowa State University, Ames, IA (2004)
Goloubeva, O., Rebaudengo, M., Sonza Reorda, M., Violante, M.: Soft-error Detection Using Control Flow Assertions. Politecnico di Torino, Dipartimento di Automatica e Informatica, Torino, Italy (2003)
Horne, B., Matheson, L., Sheehan, C., Tarjan, R.: Dynamic Self-Checking Techniques for Improved Tamper Resistance. In: ACM Workshop on Security and Privacy in Digital Rights Management (2002)
Lie, D., Thekkath, C., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J., Horowitz, M.: Architectural support for copy and tamper resistant software (2000)
Linn, C., Debray, S., Kececioglu, J.: Enhancing Software Tamper-Resistance via Stealthy Address Computations. In: Proceedings of 19th Annual Computer Security Applications Conference (ACSAC 2003) (Decemeber 2003)
Kernighanand, B.W., Lin, S.: An efficient heuristic procedure for partitioning graphs. Bell System Technical Journal 49, 291–307 (1970)
Necula, G.C.: Proof-carrying code. In: Conference Record of POPL 1997: The 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, Paris, France, pp. 106–119 (1997)
Tyagi, A.: Branch Decoupled Architectures. In: Proc. of Workshop on Interaction between Compilers and Computer Architectures at 3rd Int’l Symp. on High-Performance Computer Architecture (February 1997)
Venkatesan, R., Vazirani, V.V., Sinha, S.: A graph theoretic approach to software watermarking. In: Information Hiding, pp. 157–168 (2001)
Wang, C., Hill, J., Knight, J., Davidson, J.: Software Tamper Resistance: Obstructing Static analysis of Programs. Technical Report CS2000-12, Department of Computer Science, University of Virginia (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Blietz, B., Tyagi, A. (2006). Software Tamper Resistance Through Dynamic Program Monitoring. In: Safavi-Naini, R., Yung, M. (eds) Digital Rights Management. Technologies, Issues, Challenges and Systems. DRMTICS 2005. Lecture Notes in Computer Science, vol 3919. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11787952_12
Download citation
DOI: https://doi.org/10.1007/11787952_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-35998-2
Online ISBN: 978-3-540-35999-9
eBook Packages: Computer ScienceComputer Science (R0)