Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

System, method and computer program product for protecting software via continuous anti-tampering and obfuscation transforms

a technology of software protection and transforms, applied in the field of system, method and computer program products for protecting software via continuous anti-tampering and obfuscation, can solve the problems of software protection from unauthorized tampering, billions of dollars in revenue each year, and malicious attackers continue to thwart such checks

Inactive Publication Date: 2011-02-10
UNIV OF VIRGINIA ALUMNI PATENTS FOUND
View PDF21 Cites 52 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0012]An aspect of various embodiments of the present invention provides, among other things, a mechanism for protection of software from tampering and reverse engineering. Efficient software dynamic translation is used to continually provide dynamic tamper-resistance and obfuscation. To prevent modifications to the pre-translated software version, encryption is used. Self-checking codes are hidden within the encrypted code, which help protect both the original program code and the software dynamic translator's program code. The dynamic translator caches blocks of code from the original application in a code cache. To protect these cached blocks, the translator dynamically applies anti-tampering and obfuscation techniques. The cache is flushed periodically and randomized anti-tampering and obfuscation techniques are re-applied to protect dynamic information from being leaked by the execution of the program.

Problems solved by technology

Unfortunately, malicious attackers continue to thwart such checks using a variety of information gathered from the dynamic execution of the program.
The issue of protecting software from unauthorized tampering is a critical problem in modern software deployment.
Billions of dollars are lost in revenue each year due to the efforts of malicious hackers and software pirates.
For example, malicious users may modify software to bypass a licensing check in commercial software or alter programs to include a copy of a computer virus.
Anti-tampering methods are also of great importance in the growing area of digital rights management, where tampering results in the loss of significant royalties and license fees.
Code obfuscation involves modifying computer code so that it is more difficult to understand.
This then makes it more difficult for malicious hackers to figure out what parts of a program to modify.
While a powerful tool in the fight to make software more secure, existing obfuscation techniques unfortunately possess several drawbacks.
Much of the work in this area only involves making it more difficult to perform “static analysis” of programs.
Many obfuscation strategies also involve extremely high overhead, which may be unacceptable for many people and prevent adoption of the security measure.
Other obfuscation strategies require the use of special hardware or fail to present complete and implementable solutions.
For example, an opaque predicate may be hard to analyze statically, but several runs of the program in a simulator can determine which branches are highly biased.
Unfortunately, specialized hardware may be expensive and not generally or widely available.
Furthermore, users may reject hardware that is incapable of running a wide variety of programs.
Some previously proposed techniques have extremely high overhead [See 2].
In fact, some previous work provides such an unreasonable execution overhead that an overhead measurement is not even suggested.
Yet other work provides a threat model that does not meet the tamper-resistance needs of modern hardware, or provides only a partial or impractical solution [See 16, 18, 27].

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System, method and computer program product for protecting software via continuous anti-tampering and obfuscation transforms
  • System, method and computer program product for protecting software via continuous anti-tampering and obfuscation transforms
  • System, method and computer program product for protecting software via continuous anti-tampering and obfuscation transforms

Examples

Experimental program
Comparison scheme
Effect test

examples and experimental

Results

[0104]Practice of the invention will be still more fully understood from the following examples and experimental results, which are presented herein for illustration only and should not be construed as limiting the invention in any way.

Example Nos. 1-16

[0105]See FIGS. 17-32, which pertain to specific exemplary (and non-limiting) embodiments as they may pertain to the approach illustrating the present invention computer method, system or computer program product embodiments of FIG. 1-16, respectively.

example no.17

Example No. 17

[0106]An aspect of the embodiment of the present invention provides a way to protect an application using a virtual machine and a variety of mechanisms to make sure that the virtual machine cannot be modified. First, the application's code segment is encrypted. The encrypted text has code to checksum itself and the virtual machine. As the application requests new fragments to execute, the virtual machine decrypts portions of the application's code segment, applies anti-tampering (including dynamic self-checksumming) and obfuscation (including dynamic resistance to disassembly, dynamic control flow graph hiding, dynamic instruction isomorphisms, dynamic dead code, and dynamic code scheduling) techniques to prevent revealing the application's instructions during execution. Combined with frequent flushing of the virtual machine's fragment cache, this invention provides significantly stronger protection than statically-applied anti-tampering and obfuscation alone.

[0107]Mos...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Method, system and computer program product for applying existing anti-tampering and obfuscation technique to virtual machine technology and offers several distinct advantages. The anti-tampering and obfuscation transforms can be applied continuously to prevent adversaries from gaining information about the program through emulation or dynamic analysis. In addition, the encryption can be used to prevent hackers from gaining information using static attacks. The use of a virtual machine also allows for low overhead execution of the obfuscated binaries as well as finer adjustment of the amount of overhead that can be tolerated. In addition, more protection can be applied to specific portions of the application that can tolerate slowdown. The incorporation of a virtual machine also makes it easy to extend the technology to integrate new developments and resistance mechanisms, leading to less development time, increased savings, and quicker deployment.

Description

RELATED APPLICATIONS[0001]The present invention claims priority from U.S. Provisional Application Ser. No. 61 / 016,009, filed Dec. 21, 2007, entitled “System and Related Method for Protecting Software Via Continuous Anti-Tampering and Obfuscation Transforms;” of which the disclosure is hereby incorporated by reference herein in its entirety.GOVERNMENT SUPPORT[0002]Work described herein was supported by Federal Grant No. CNS-0716446, awarded by the NSF. The Government has certain rights in the invention.BACKGROUND OF THE INVENTION[0003]Software programmers want the ability to make their computer software protected from undesired change. Such changes can be manual, such as a malicious user bypassing a licensing check in commercial software, or automatic, such as a virus modifying a binary to include a copy of the virus. To verify that it has not been modified, software attempts to monitor its own code, with execution changing when a modification to the code is detected (anti-tampering)...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(United States)
IPC IPC(8): G06F21/22
CPCG06F21/14G06F21/10G06F21/53G06F21/52G06F21/1062G06F21/57G06F21/572G06F2221/033G06F21/562G06F21/602H04L2209/16
Inventor DAVIDSON, JACK W.HISER, JASON D.
Owner UNIV OF VIRGINIA ALUMNI PATENTS FOUND
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com