Distributed application tamper detection via continuous software updates

Christian Collberg, Sam Martin, Jonathan Myers, Jasvir Nagra

Research output: Chapter in Book/Report/Conference proceedingConference contribution

35 Scopus citations

Abstract

We present a new general technique for protecting clients in distributed systems against Remote Man-at-the-end (R-MATE) attacks. Such attacks occur in settings where an adversary has physical access to an untrusted client device and can obtain an advantage from tampering with the hardware itself or the software it contains. In our system, the trusted server overwhelms the analytical abilities of the untrusted client by continuously and automatically generating and pushing to him diverse client code variants. The diversity subsystem employs a set of primitive code transformations that provide an ever-changing attack target for the adversary, making tampering difficult without this being detected by the server.

Original languageEnglish (US)
Title of host publicationProceedings - 28th Annual Computer Security Applications Conference, ACSAC 2012
Pages319-328
Number of pages10
DOIs
StatePublished - Dec 1 2012
Event28th Annual Computer Security Applications Conference, ACSAC 2012 - Orlando, FL, United States
Duration: Dec 3 2012Dec 7 2012

Publication series

NameACM International Conference Proceeding Series

Other

Other28th Annual Computer Security Applications Conference, ACSAC 2012
CountryUnited States
CityOrlando, FL
Period12/3/1212/7/12

Keywords

  • Distributed systems
  • Security
  • Software protection

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Distributed application tamper detection via continuous software updates'. Together they form a unique fingerprint.

  • Cite this

    Collberg, C., Martin, S., Myers, J., & Nagra, J. (2012). Distributed application tamper detection via continuous software updates. In Proceedings - 28th Annual Computer Security Applications Conference, ACSAC 2012 (pp. 319-328). (ACM International Conference Proceeding Series). https://doi.org/10.1145/2420950.2420997