Protecting Software Code by Guards View Full Text


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2002

AUTHORS

Hoi Chang , Mikhail J. Atallah

ABSTRACT

Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper). More... »

PAGES

160-175

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10

DOI

http://dx.doi.org/10.1007/3-540-47870-1_10

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1047590996


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0803", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Computer Software", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Purdue University", 
          "id": "https://www.grid.ac/institutes/grid.169077.e", 
          "name": [
            "CERIAS, Purdue University, 1315 Recitation Building, West Lafayette, IN\u00a047907, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Chang", 
        "givenName": "Hoi", 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "name": [
            "Arxan Technologies, Inc., 3000 Kent Ave., Suite 1D-107, W. Lafayette, IN\u00a047906, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Atallah", 
        "givenName": "Mikhail J.", 
        "id": "sg:person.012653616557.06", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012653616557.06"
        ], 
        "type": "Person"
      }
    ], 
    "citation": [
      {
        "id": "https://doi.org/10.1016/s1389-1286(98)00019-x", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1041969633"
        ], 
        "type": "CreativeWork"
      }
    ], 
    "datePublished": "2002", 
    "datePublishedReg": "2002-01-01", 
    "description": "Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).", 
    "editor": [
      {
        "familyName": "Sander", 
        "givenName": "Tomas", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/3-540-47870-1_10", 
    "inLanguage": [
      "en"
    ], 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-540-43677-5", 
        "978-3-540-47870-6"
      ], 
      "name": "Security and Privacy in Digital Rights Management", 
      "type": "Book"
    }, 
    "name": "Protecting Software Code by Guards", 
    "pagination": "160-175", 
    "productId": [
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/3-540-47870-1_10"
        ]
      }, 
      {
        "name": "readcube_id", 
        "type": "PropertyValue", 
        "value": [
          "e2b5e2eb897ad1d14ef04fa3401c1f14a812c54886aa253aa1309bca6057b348"
        ]
      }, 
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1047590996"
        ]
      }
    ], 
    "publisher": {
      "location": "Berlin, Heidelberg", 
      "name": "Springer Berlin Heidelberg", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/3-540-47870-1_10", 
      "https://app.dimensions.ai/details/publication/pub.1047590996"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2019-04-15T21:04", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8690_00000272.jsonl", 
    "type": "Chapter", 
    "url": "http://link.springer.com/10.1007/3-540-47870-1_10"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'


 

This table displays all metadata directly associated to this object as RDF triples.

76 TRIPLES      23 PREDICATES      28 URIs      20 LITERALS      8 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/3-540-47870-1_10 schema:about anzsrc-for:08
2 anzsrc-for:0803
3 schema:author N2d3a1a3a12dc4b56a4c6bd8ad1272ca4
4 schema:citation https://doi.org/10.1016/s1389-1286(98)00019-x
5 schema:datePublished 2002
6 schema:datePublishedReg 2002-01-01
7 schema:description Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).
8 schema:editor N52db33b983784f778e7ed3e51e01dce7
9 schema:genre chapter
10 schema:inLanguage en
11 schema:isAccessibleForFree true
12 schema:isPartOf N0bddecab3cb841c5ac9beb847d7501bb
13 schema:name Protecting Software Code by Guards
14 schema:pagination 160-175
15 schema:productId N413f6719354046fa9d44cdda470831d1
16 Nce97c1dafa9c4a209bbd6a13a517a7ac
17 Ne9ce5753630c4ad8ae66697aad7b4c11
18 schema:publisher Nb9aad20086764152a7c82ec00401a4ad
19 schema:sameAs https://app.dimensions.ai/details/publication/pub.1047590996
20 https://doi.org/10.1007/3-540-47870-1_10
21 schema:sdDatePublished 2019-04-15T21:04
22 schema:sdLicense https://scigraph.springernature.com/explorer/license/
23 schema:sdPublisher N89e56778570745c3b13399cb6b7b0a93
24 schema:url http://link.springer.com/10.1007/3-540-47870-1_10
25 sgo:license sg:explorer/license/
26 sgo:sdDataset chapters
27 rdf:type schema:Chapter
28 N0408d83a83f747c2b808aac30c6317a5 schema:affiliation https://www.grid.ac/institutes/grid.169077.e
29 schema:familyName Chang
30 schema:givenName Hoi
31 rdf:type schema:Person
32 N0bddecab3cb841c5ac9beb847d7501bb schema:isbn 978-3-540-43677-5
33 978-3-540-47870-6
34 schema:name Security and Privacy in Digital Rights Management
35 rdf:type schema:Book
36 N13102aae093e49d9b53485fd727fd84f schema:familyName Sander
37 schema:givenName Tomas
38 rdf:type schema:Person
39 N2d3a1a3a12dc4b56a4c6bd8ad1272ca4 rdf:first N0408d83a83f747c2b808aac30c6317a5
40 rdf:rest N991bbcaf99784155adfd109540391080
41 N413f6719354046fa9d44cdda470831d1 schema:name readcube_id
42 schema:value e2b5e2eb897ad1d14ef04fa3401c1f14a812c54886aa253aa1309bca6057b348
43 rdf:type schema:PropertyValue
44 N52db33b983784f778e7ed3e51e01dce7 rdf:first N13102aae093e49d9b53485fd727fd84f
45 rdf:rest rdf:nil
46 N5c4d19d1dc84405cac85756789886c69 schema:name Arxan Technologies, Inc., 3000 Kent Ave., Suite 1D-107, W. Lafayette, IN 47906, USA
47 rdf:type schema:Organization
48 N89e56778570745c3b13399cb6b7b0a93 schema:name Springer Nature - SN SciGraph project
49 rdf:type schema:Organization
50 N991bbcaf99784155adfd109540391080 rdf:first sg:person.012653616557.06
51 rdf:rest rdf:nil
52 Nb9aad20086764152a7c82ec00401a4ad schema:location Berlin, Heidelberg
53 schema:name Springer Berlin Heidelberg
54 rdf:type schema:Organisation
55 Nce97c1dafa9c4a209bbd6a13a517a7ac schema:name dimensions_id
56 schema:value pub.1047590996
57 rdf:type schema:PropertyValue
58 Ne9ce5753630c4ad8ae66697aad7b4c11 schema:name doi
59 schema:value 10.1007/3-540-47870-1_10
60 rdf:type schema:PropertyValue
61 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
62 schema:name Information and Computing Sciences
63 rdf:type schema:DefinedTerm
64 anzsrc-for:0803 schema:inDefinedTermSet anzsrc-for:
65 schema:name Computer Software
66 rdf:type schema:DefinedTerm
67 sg:person.012653616557.06 schema:affiliation N5c4d19d1dc84405cac85756789886c69
68 schema:familyName Atallah
69 schema:givenName Mikhail J.
70 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012653616557.06
71 rdf:type schema:Person
72 https://doi.org/10.1016/s1389-1286(98)00019-x schema:sameAs https://app.dimensions.ai/details/publication/pub.1041969633
73 rdf:type schema:CreativeWork
74 https://www.grid.ac/institutes/grid.169077.e schema:alternateName Purdue University
75 schema:name CERIAS, Purdue University, 1315 Recitation Building, West Lafayette, IN 47907, USA
76 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...