Cover feature - Preventing piracy, reverse engineering, and tampering

Naumovich, Gleb; Memon, Nasir

doi:10.1109/mc.2003.1212692

Cited by 65 publications

(31 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, our black-box approach tends to be faster than those approaches and even works with obfuscated code [van Oorschot 2003;Naumovich and Memon 2003]. For many exploits, our black-box technique can produce signatures close to their signatures in quality, as we report in our experimental study.…”

Section: Contributionsmentioning

confidence: 63%

Fast and Black-box Exploit Detection and Signature Generation for Commodity Software

Choi

et al. 2008

ACM Trans. Inf. Syst. Secur.

View full text Add to dashboard Cite

In biology, a vaccine is a weakened strain of a virus or bacterium that is intentionally injected into the body for the purpose of stimulating antibody production. Inspired by this idea, we propose a packet vaccine mechanism that randomizes address-like strings in packet payloads to carry out fast exploit detection and signature generation. An exploit with a randomized jump address behaves like a vaccine: it will likely cause an exception in a vulnerable program's process when attempting to hijack the control flow, and thereby expose itself. Taking that exploit as a template, our signature generator creates a set of new vaccines to probe the program in an attempt to uncover the necessary conditions for the exploit to happen. A signature is built upon these conditions to shield the underlying vulnerability from further attacks. In this way, packet vaccine detects exploits and generates signatures in a black-box fashion, that is, not relying on the knowledge of a vulnerable program's source and binary code. Therefore, it even works on the commodity software obfuscated for the purpose of copyright protection. In addition, since our approach avoids the . Authors' addresses: X. Wang, Z. Li, and J. Y. Choi, Indiana University; email: Zhuowei.li@ microsoft,com; J. Xu, Google Inc. and North Carolina State University; M. K. Reiter, University of North Carolina at Chapel Hill; C. Kil, North Carolina State University. Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or direct commercial advantage and that copies show this notice on the first page or initial screen of a display along with the full citation. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credits is permitted. To copy otherwise, to republish, to post on servers, to redistribute to lists, or to use any component of this work in other works requires prior specific permission and/or a fee. Permissions may be requested from the Publications Dept., ACM, Inc., 2 Penn Plaza, Suite 701, New York, NY 10121-0701 USA, fax +1 (212) © ACM, 2008. This is the authors' version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version is available at http://doi.acm.org/10.1145/1455518.1455523. 11: 2· X. Wang et al.expense of tracking the program's execution flow, it performs almost as fast as a normal run of the program and is capable of generating a signature of high quality within seconds or even subseconds. We present the design of the packet vaccine mechanism and an example of its application. We also describe our proof-of-concept implementation and the evaluation of our technique using real exploits.

show abstract

Section: Contributionsmentioning

confidence: 63%

Fast and Black-box Exploit Detection and Signature Generation for Commodity Software

Choi

et al. 2008

ACM Trans. Inf. Syst. Secur.

View full text Add to dashboard Cite

show abstract

“…Since Android apps are java based so protection techniques based on obfuscation that are used to prevent reverse engineering of java bytecode have been researched and applied to dalvik bytecode as well. Code obfuscation is a technique in which a program is automatically transformed in such a way that its functionality remains the same while it is more difficult to reverse engineer [11], [12]. Obfuscation is a useful and cost effective technique and it doesn't require any special execution environment.…”

Section: International Journal Ofmentioning

confidence: 99%

Smart Card Based Protection for Dalvik Bytecode — Dynamically Loadable Component of an Android APK

Shoaib¹,

Yasin²,

Abbassi³

2016

IJCTE

View full text Add to dashboard Cite

Abstract-The global smartphone market is growing at a brisk pace. Android, an open source platform of Google has become one of the most popular mobile operating systems. Android apps generate lot of revenue which is increasing every year. The reverse engineering of Android applications is much easier than owing to the use of open source platform. Therefore, it becomes important to protect applications running on Android from attackers. The goal is to minimize software flaws and use anti-reverse engineering techniques. In this paper, we present a protection scheme based on obfuscation, code modification and cryptographic protection that can effectively counter reverse engineering on the Android platform. Our approach aims at making it tough for a reverse engineer to get the business logic performed by an Android application.

show abstract

“…McLoughlin et al [132] divided those techniques into two classes: passive and active methods. Passive methods are statically introduced and implemented at fixed time, such as obfuscation [133] and watermarking [134]. For example, watermarking is widely used to prove the ownership of a give file, database or media content [135].…”

Section: Innovation Capability and Reverse Engineering Mitigationmentioning

confidence: 99%

Secure collaboration in global design and supply chain environment: Problem analysis and literature review

Zeng

Wang

Deng

et al. 2012

Computers in Industry

View full text Add to dashboard Cite

Cover feature - Preventing piracy, reverse engineering, and tampering

Cited by 65 publications

References 3 publications

Fast and Black-box Exploit Detection and Signature Generation for Commodity Software

Fast and Black-box Exploit Detection and Signature Generation for Commodity Software

Smart Card Based Protection for Dalvik Bytecode — Dynamically Loadable Component of an Android APK

Secure collaboration in global design and supply chain environment: Problem analysis and literature review

Contact Info

Product

Resources

About