Conference Paper

Remote software protection by orthogonal client replacement.

DOI: 10.1145/1529282.1529380 Conference: Proceedings of the 2009 ACM Symposium on Applied Computing (SAC), Honolulu, Hawaii, USA, March 9-12, 2009
Source: DBLP

ABSTRACT ABSTRACT In a typical client-server scenario, a trusted server provi des valu- able services to a client, which runs remotely on an untrusted plat- form. Of the many,security vulnerabilities that may,arise (such as authentication and authorization), guaranteeing the inte grity of the client code is one of the most difficult to address. This secur ity vul- nerability is an instance of the malicious host problem, where an adversary in control of the client’s host environment,tries to tamper with the client code. We propose a novel client replacement,strategy to counter the malicious host problem. The client code is periodically replaced by new orthogonal clients, such that their combination with the server is functionally-equivalent to the original client-server application. The reverse engineering efforts of the adversary are deterr ed by the complexity of analysis of frequently changing, orthogonal program code. We use the underlying concepts of program,obfuscation as a basis for formally defining and providing orthogonality. W e also give preliminary empirical validation of the proposed,approach. Categories and Subject Descriptors C.2.0 [Computer-communication networks]: General—Security

  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: The paper outlines to the problem of correlation between security and scalability of software protection against tampering based on the remote entrusting principles. The goal of the paper is to propose a technique allowing choosing the most effective combination of different protection methods to apply. The technique is aimed at finding a trade-off between performance of the protection mechanism and its security, ensuring both a necessary security level and an appropriate scalability. The technique encompasses the evaluation of particular protection methods belonging to the whole protection mechanism and getting quantitative metrics of their performance and security level. KeywordsRemote entrusting-performance analysis-security analysis-combination of protection methods
    08/2010: pages 298-306;
  • [Show abstract] [Hide abstract]
    ABSTRACT: Currently, embedded systems have been widely used for ubiquitous computing environments including digital setup boxes, mobile phones, and USN (Ubiquitous Sensor Networks). The significance of security has been growing as it must be necessarily embedded in all these systems. Up until now, many researchers have made efforts to verify the integrity of applied binaries downloaded in embedded systems. The research of problem solving is organized into hardware methods and software-like methods. In this research, the basic approach to solving problems from the software perspective was employed. From the software perspective, unlike in the existing papers (Seshadri et al., Proc. the IEEE symposium on security and privacy, 2004; Seshadri et al., Proc. the symposium on operating systems principals, 2005) based on the standardized model (TTAS.KO-11.0054. 2006) publicized in Korea, there is no extra verifier and conduct for the verification function in the target system. Contrary to the previous schemes (Jung et al., 2008; Lee et al., LNCS, vol. 4808, pp. 346–355, 2007), verification results are stored in 1 validation check bit, instead of storing signature value for application binary files in the i-node structure for the purpose of reducing run-time execution overhead. Consequently, the proposed scheme is more efficient because it dramatically reduces overhead in storage space, and when it comes to computing, it performs one hash algorithm for initial execution and thereafter compares 1 validation check bit only, instead of signature and hash algorithms for every application binary. Furthermore, in cases where there are frequent changes in the i-node structure or file data depending on the scheme application, the scheme can provide far more effective verification performance compared to the previous schemes.
    The Journal of Supercomputing 01/2012; 59:676-692. · 0.92 Impact Factor
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: A major challenge in software security is preserving software integrity. Traditionally, this problem is addressed through the development of software (self-) checking techniques that verify the integrity of its code and execution. Unfortunately, no satisfactory solutions for run-time verification of software integrity have been presented. In this paper, we approach the problem of run-time software integrity verification in a networked context. That is, we present techniques to enable remote verification of the execution of software, given the availability of a continuous network connection between the verifica-tion entity and the untrusted execution platform.


Available from
May 27, 2014