Identifying and understanding self-checksumming defenses in software

Jing Qiu, Babak Yadegari, Brian Johannesmeyer, Saumya K Debray, Xiaohong Su

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Scopus citations

Abstract

Software self-checksumming is widely used as an anti-tam- pering mechanism for protecting intellectual property and deterring piracy. This makes it important to understand the strengths and weaknesses of various approaches to self- checksumming. This paper describes a dynamic information- flow-based attack that aims to identify and understand self- checksumming behavior in software. Our approach is appli- cable to a wide class of self-chesumming defenses and the in- formation obtained can be used to determine how the check- summing defenses may be bypassed. Experiments using a prototype implementation of our ideas indicate that our ap- proach can successfully identify self-checksumming behavior in (our implementations of) proposals from the research lit- erature.

Original languageEnglish (US)
Title of host publicationCODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy
PublisherAssociation for Computing Machinery, Inc
Pages207-218
Number of pages12
ISBN (Print)9781450331913
DOIs
Publication statusPublished - Mar 2 2015
Event5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015 - San Antonio, United States
Duration: Mar 2 2015Mar 4 2015

Other

Other5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015
CountryUnited States
CitySan Antonio
Period3/2/153/4/15

    Fingerprint

ASJC Scopus subject areas

  • Information Systems
  • Software
  • Computer Science Applications

Cite this

Qiu, J., Yadegari, B., Johannesmeyer, B., Debray, S. K., & Su, X. (2015). Identifying and understanding self-checksumming defenses in software. In CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy (pp. 207-218). Association for Computing Machinery, Inc. https://doi.org/10.1145/2699026.2699109