Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing

Ensuring the correct behaviour of an application is a critical security issue. One of the most popular ways to modify the intended behaviour of a program is to tamper its binary. Several solutions have been proposed to solve this problem, including trusted computing and anti-tampering techniques. Bo...

Full description

Saved in:
Bibliographic Details
Main Authors: TOFFALINI, Flavio, OCHOA, Martín, SUN, Jun, ZHOU, Jianying
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2019
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/4965
https://ink.library.smu.edu.sg/context/sis_research/article/5968/viewcontent/3292006.3300029.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-5968
record_format dspace
spelling sg-smu-ink.sis_research-59682020-03-12T07:23:30Z Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing TOFFALINI, Flavio OCHOA, Martín SUN, Jun ZHOU, Jianying Ensuring the correct behaviour of an application is a critical security issue. One of the most popular ways to modify the intended behaviour of a program is to tamper its binary. Several solutions have been proposed to solve this problem, including trusted computing and anti-tampering techniques. Both can substantially increase security, and yet both have limitations. In this work, we propose an approach which combines trusted computing technologies and anti-tampering techniques, and that synergistically overcomes some of their inherent limitations. In our approach critical software regions are protected by leveraging on trusted computing technologies and cryptographic packing, without introducing additional software layers. To illustrate our approach we implemented a secure monitor which collects user activities, such as keyboard and mouse events for insider attack detection. We show how our solution provides a strong anti-tampering guarantee with a low overhead: around 10 lines of code added to the entire application, an average execution time overhead of 5.7% and only 300KB of memory allocated for the trusted module. 2019-03-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4965 info:doi/10.1145/3292006.3300029 https://ink.library.smu.edu.sg/context/sis_research/article/5968/viewcontent/3292006.3300029.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Software Engineering
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Software Engineering
spellingShingle Software Engineering
TOFFALINI, Flavio
OCHOA, Martín
SUN, Jun
ZHOU, Jianying
Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing
description Ensuring the correct behaviour of an application is a critical security issue. One of the most popular ways to modify the intended behaviour of a program is to tamper its binary. Several solutions have been proposed to solve this problem, including trusted computing and anti-tampering techniques. Both can substantially increase security, and yet both have limitations. In this work, we propose an approach which combines trusted computing technologies and anti-tampering techniques, and that synergistically overcomes some of their inherent limitations. In our approach critical software regions are protected by leveraging on trusted computing technologies and cryptographic packing, without introducing additional software layers. To illustrate our approach we implemented a secure monitor which collects user activities, such as keyboard and mouse events for insider attack detection. We show how our solution provides a strong anti-tampering guarantee with a low overhead: around 10 lines of code added to the entire application, an average execution time overhead of 5.7% and only 300KB of memory allocated for the trusted module.
format text
author TOFFALINI, Flavio
OCHOA, Martín
SUN, Jun
ZHOU, Jianying
author_facet TOFFALINI, Flavio
OCHOA, Martín
SUN, Jun
ZHOU, Jianying
author_sort TOFFALINI, Flavio
title Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing
title_short Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing
title_full Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing
title_fullStr Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing
title_full_unstemmed Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing
title_sort careful-packing: a practical and scalable anti-tampering software protection enforced by trusted computing
publisher Institutional Knowledge at Singapore Management University
publishDate 2019
url https://ink.library.smu.edu.sg/sis_research/4965
https://ink.library.smu.edu.sg/context/sis_research/article/5968/viewcontent/3292006.3300029.pdf
_version_ 1770575161374801920