Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing
Ensuring the correct behaviour of an application is a critical security issue. One of the most popular ways to modify the intended behaviour of a program is to tamper its binary. Several solutions have been proposed to solve this problem, including trusted computing and anti-tampering techniques. Bo...
Saved in:
Main Authors: | , , , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2019
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/4965 https://ink.library.smu.edu.sg/context/sis_research/article/5968/viewcontent/3292006.3300029.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-5968 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-59682020-03-12T07:23:30Z Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing TOFFALINI, Flavio OCHOA, Martín SUN, Jun ZHOU, Jianying Ensuring the correct behaviour of an application is a critical security issue. One of the most popular ways to modify the intended behaviour of a program is to tamper its binary. Several solutions have been proposed to solve this problem, including trusted computing and anti-tampering techniques. Both can substantially increase security, and yet both have limitations. In this work, we propose an approach which combines trusted computing technologies and anti-tampering techniques, and that synergistically overcomes some of their inherent limitations. In our approach critical software regions are protected by leveraging on trusted computing technologies and cryptographic packing, without introducing additional software layers. To illustrate our approach we implemented a secure monitor which collects user activities, such as keyboard and mouse events for insider attack detection. We show how our solution provides a strong anti-tampering guarantee with a low overhead: around 10 lines of code added to the entire application, an average execution time overhead of 5.7% and only 300KB of memory allocated for the trusted module. 2019-03-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4965 info:doi/10.1145/3292006.3300029 https://ink.library.smu.edu.sg/context/sis_research/article/5968/viewcontent/3292006.3300029.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Software Engineering |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Software Engineering |
spellingShingle |
Software Engineering TOFFALINI, Flavio OCHOA, Martín SUN, Jun ZHOU, Jianying Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing |
description |
Ensuring the correct behaviour of an application is a critical security issue. One of the most popular ways to modify the intended behaviour of a program is to tamper its binary. Several solutions have been proposed to solve this problem, including trusted computing and anti-tampering techniques. Both can substantially increase security, and yet both have limitations. In this work, we propose an approach which combines trusted computing technologies and anti-tampering techniques, and that synergistically overcomes some of their inherent limitations. In our approach critical software regions are protected by leveraging on trusted computing technologies and cryptographic packing, without introducing additional software layers. To illustrate our approach we implemented a secure monitor which collects user activities, such as keyboard and mouse events for insider attack detection. We show how our solution provides a strong anti-tampering guarantee with a low overhead: around 10 lines of code added to the entire application, an average execution time overhead of 5.7% and only 300KB of memory allocated for the trusted module. |
format |
text |
author |
TOFFALINI, Flavio OCHOA, Martín SUN, Jun ZHOU, Jianying |
author_facet |
TOFFALINI, Flavio OCHOA, Martín SUN, Jun ZHOU, Jianying |
author_sort |
TOFFALINI, Flavio |
title |
Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing |
title_short |
Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing |
title_full |
Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing |
title_fullStr |
Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing |
title_full_unstemmed |
Careful-Packing: A practical and scalable anti-tampering software protection enforced by trusted computing |
title_sort |
careful-packing: a practical and scalable anti-tampering software protection enforced by trusted computing |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2019 |
url |
https://ink.library.smu.edu.sg/sis_research/4965 https://ink.library.smu.edu.sg/context/sis_research/article/5968/viewcontent/3292006.3300029.pdf |
_version_ |
1770575161374801920 |