Protecting Software Code by Guards View Full Text


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2002

AUTHORS

Hoi Chang , Mikhail J. Atallah

ABSTRACT

Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper). More... »

PAGES

160-175

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10

DOI

http://dx.doi.org/10.1007/3-540-47870-1_10

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1047590996


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0803", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Computer Software", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Purdue University", 
          "id": "https://www.grid.ac/institutes/grid.169077.e", 
          "name": [
            "CERIAS, Purdue University, 1315 Recitation Building, West Lafayette, IN\u00a047907, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Chang", 
        "givenName": "Hoi", 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "name": [
            "Arxan Technologies, Inc., 3000 Kent Ave., Suite 1D-107, W. Lafayette, IN\u00a047906, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Atallah", 
        "givenName": "Mikhail J.", 
        "id": "sg:person.012653616557.06", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012653616557.06"
        ], 
        "type": "Person"
      }
    ], 
    "citation": [
      {
        "id": "https://doi.org/10.1016/s1389-1286(98)00019-x", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1041969633"
        ], 
        "type": "CreativeWork"
      }
    ], 
    "datePublished": "2002", 
    "datePublishedReg": "2002-01-01", 
    "description": "Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).", 
    "editor": [
      {
        "familyName": "Sander", 
        "givenName": "Tomas", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/3-540-47870-1_10", 
    "inLanguage": [
      "en"
    ], 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-540-43677-5", 
        "978-3-540-47870-6"
      ], 
      "name": "Security and Privacy in Digital Rights Management", 
      "type": "Book"
    }, 
    "name": "Protecting Software Code by Guards", 
    "pagination": "160-175", 
    "productId": [
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/3-540-47870-1_10"
        ]
      }, 
      {
        "name": "readcube_id", 
        "type": "PropertyValue", 
        "value": [
          "e2b5e2eb897ad1d14ef04fa3401c1f14a812c54886aa253aa1309bca6057b348"
        ]
      }, 
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1047590996"
        ]
      }
    ], 
    "publisher": {
      "location": "Berlin, Heidelberg", 
      "name": "Springer Berlin Heidelberg", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/3-540-47870-1_10", 
      "https://app.dimensions.ai/details/publication/pub.1047590996"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2019-04-15T21:04", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8690_00000272.jsonl", 
    "type": "Chapter", 
    "url": "http://link.springer.com/10.1007/3-540-47870-1_10"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'


 

This table displays all metadata directly associated to this object as RDF triples.

76 TRIPLES      23 PREDICATES      28 URIs      20 LITERALS      8 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/3-540-47870-1_10 schema:about anzsrc-for:08
2 anzsrc-for:0803
3 schema:author N98ff27e4b2a94993a5fa5cf7d6baa695
4 schema:citation https://doi.org/10.1016/s1389-1286(98)00019-x
5 schema:datePublished 2002
6 schema:datePublishedReg 2002-01-01
7 schema:description Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).
8 schema:editor N183438b75d7c4b599525b9ca7fb44e7c
9 schema:genre chapter
10 schema:inLanguage en
11 schema:isAccessibleForFree true
12 schema:isPartOf N1d9b904036534373b666aa49b1747a66
13 schema:name Protecting Software Code by Guards
14 schema:pagination 160-175
15 schema:productId N2edb0bb7c38147a7aae15009ffa3d064
16 N3668a9cc391d4dd09ff792fe13d17b00
17 Nb30b11db95594360b95841c80e2d8dea
18 schema:publisher N5e97ddeca2624266bddf5d152d01a061
19 schema:sameAs https://app.dimensions.ai/details/publication/pub.1047590996
20 https://doi.org/10.1007/3-540-47870-1_10
21 schema:sdDatePublished 2019-04-15T21:04
22 schema:sdLicense https://scigraph.springernature.com/explorer/license/
23 schema:sdPublisher N85b9b83099ea49139245a56fd0c6bf3c
24 schema:url http://link.springer.com/10.1007/3-540-47870-1_10
25 sgo:license sg:explorer/license/
26 sgo:sdDataset chapters
27 rdf:type schema:Chapter
28 N0ac12744671c4465a358cb2f1397ca79 schema:affiliation https://www.grid.ac/institutes/grid.169077.e
29 schema:familyName Chang
30 schema:givenName Hoi
31 rdf:type schema:Person
32 N1604b658425a4a28bcc2705b59d2226d schema:name Arxan Technologies, Inc., 3000 Kent Ave., Suite 1D-107, W. Lafayette, IN 47906, USA
33 rdf:type schema:Organization
34 N183438b75d7c4b599525b9ca7fb44e7c rdf:first N6c4a0fdc32094117a8b5dc4bce5769b0
35 rdf:rest rdf:nil
36 N1d9b904036534373b666aa49b1747a66 schema:isbn 978-3-540-43677-5
37 978-3-540-47870-6
38 schema:name Security and Privacy in Digital Rights Management
39 rdf:type schema:Book
40 N2af4b075c35b475384247a62384eb24a rdf:first sg:person.012653616557.06
41 rdf:rest rdf:nil
42 N2edb0bb7c38147a7aae15009ffa3d064 schema:name doi
43 schema:value 10.1007/3-540-47870-1_10
44 rdf:type schema:PropertyValue
45 N3668a9cc391d4dd09ff792fe13d17b00 schema:name readcube_id
46 schema:value e2b5e2eb897ad1d14ef04fa3401c1f14a812c54886aa253aa1309bca6057b348
47 rdf:type schema:PropertyValue
48 N5e97ddeca2624266bddf5d152d01a061 schema:location Berlin, Heidelberg
49 schema:name Springer Berlin Heidelberg
50 rdf:type schema:Organisation
51 N6c4a0fdc32094117a8b5dc4bce5769b0 schema:familyName Sander
52 schema:givenName Tomas
53 rdf:type schema:Person
54 N85b9b83099ea49139245a56fd0c6bf3c schema:name Springer Nature - SN SciGraph project
55 rdf:type schema:Organization
56 N98ff27e4b2a94993a5fa5cf7d6baa695 rdf:first N0ac12744671c4465a358cb2f1397ca79
57 rdf:rest N2af4b075c35b475384247a62384eb24a
58 Nb30b11db95594360b95841c80e2d8dea schema:name dimensions_id
59 schema:value pub.1047590996
60 rdf:type schema:PropertyValue
61 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
62 schema:name Information and Computing Sciences
63 rdf:type schema:DefinedTerm
64 anzsrc-for:0803 schema:inDefinedTermSet anzsrc-for:
65 schema:name Computer Software
66 rdf:type schema:DefinedTerm
67 sg:person.012653616557.06 schema:affiliation N1604b658425a4a28bcc2705b59d2226d
68 schema:familyName Atallah
69 schema:givenName Mikhail J.
70 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012653616557.06
71 rdf:type schema:Person
72 https://doi.org/10.1016/s1389-1286(98)00019-x schema:sameAs https://app.dimensions.ai/details/publication/pub.1041969633
73 rdf:type schema:CreativeWork
74 https://www.grid.ac/institutes/grid.169077.e schema:alternateName Purdue University
75 schema:name CERIAS, Purdue University, 1315 Recitation Building, West Lafayette, IN 47907, USA
76 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...