Identifying and understanding self-checksumming defenses in software

Jing Qiu; Babak Yadegari; Brian Johannesmeyer; Saumya Debray; Xiaohong Su

doi:10.1145/2699026.2699109

Identifying and understanding self-checksumming defenses in software

Jing Qiu, Babak Yadegari, Brian Johannesmeyer, Saumya Debray, Xiaohong Su

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

18 Scopus citations

Abstract

Software self-checksumming is widely used as an anti-tam- pering mechanism for protecting intellectual property and deterring piracy. This makes it important to understand the strengths and weaknesses of various approaches to self- checksumming. This paper describes a dynamic information- flow-based attack that aims to identify and understand self- checksumming behavior in software. Our approach is appli- cable to a wide class of self-chesumming defenses and the in- formation obtained can be used to determine how the check- summing defenses may be bypassed. Experiments using a prototype implementation of our ideas indicate that our ap- proach can successfully identify self-checksumming behavior in (our implementations of) proposals from the research lit- erature.

Original language	English (US)
Title of host publication	CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy
Publisher	Association for Computing Machinery
Pages	207-218
Number of pages	12
ISBN (Electronic)	9781450331913
DOIs	https://doi.org/10.1145/2699026.2699109
State	Published - Mar 2 2015
Event	5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015 - San Antonio, United States Duration: Mar 2 2015 → Mar 4 2015

Publication series

Name	CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy

Other

Other	5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015
Country/Territory	United States
City	San Antonio
Period	3/2/15 → 3/4/15

ASJC Scopus subject areas

Information Systems
Software
Computer Science Applications

Access to Document

10.1145/2699026.2699109

Cite this

Qiu, J., Yadegari, B., Johannesmeyer, B., Debray, S., & Su, X. (2015). Identifying and understanding self-checksumming defenses in software. In CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy (pp. 207-218). (CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy). Association for Computing Machinery. https://doi.org/10.1145/2699026.2699109

Identifying and understanding self-checksumming defenses in software. / Qiu, Jing; Yadegari, Babak; Johannesmeyer, Brian et al.
CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, 2015. p. 207-218 (CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Qiu, J, Yadegari, B, Johannesmeyer, B, Debray, S & Su, X 2015, Identifying and understanding self-checksumming defenses in software. in CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, Association for Computing Machinery, pp. 207-218, 5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015, San Antonio, United States, 3/2/15. https://doi.org/10.1145/2699026.2699109

Qiu J, Yadegari B, Johannesmeyer B, Debray S, Su X. Identifying and understanding self-checksumming defenses in software. In CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery. 2015. p. 207-218. (CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy). doi: 10.1145/2699026.2699109

Qiu, Jing ; Yadegari, Babak ; Johannesmeyer, Brian et al. / Identifying and understanding self-checksumming defenses in software. CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, 2015. pp. 207-218 (CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy).

@inproceedings{b25ae0dce46749c8bd384dbfece06b19,

title = "Identifying and understanding self-checksumming defenses in software",

abstract = "Software self-checksumming is widely used as an anti-tam- pering mechanism for protecting intellectual property and deterring piracy. This makes it important to understand the strengths and weaknesses of various approaches to self- checksumming. This paper describes a dynamic information- flow-based attack that aims to identify and understand self- checksumming behavior in software. Our approach is appli- cable to a wide class of self-chesumming defenses and the in- formation obtained can be used to determine how the check- summing defenses may be bypassed. Experiments using a prototype implementation of our ideas indicate that our ap- proach can successfully identify self-checksumming behavior in (our implementations of) proposals from the research lit- erature.",

author = "Jing Qiu and Babak Yadegari and Brian Johannesmeyer and Saumya Debray and Xiaohong Su",

note = "Publisher Copyright: Copyright {\textcopyright} 2015 ACM.; 5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015 ; Conference date: 02-03-2015 Through 04-03-2015",

year = "2015",

month = mar,

day = "2",

doi = "10.1145/2699026.2699109",

language = "English (US)",

series = "CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy",

publisher = "Association for Computing Machinery",

pages = "207--218",

booktitle = "CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy",

}

TY - GEN

T1 - Identifying and understanding self-checksumming defenses in software

AU - Qiu, Jing

AU - Yadegari, Babak

AU - Johannesmeyer, Brian

AU - Debray, Saumya

AU - Su, Xiaohong

PY - 2015/3/2

Y1 - 2015/3/2

N2 - Software self-checksumming is widely used as an anti-tam- pering mechanism for protecting intellectual property and deterring piracy. This makes it important to understand the strengths and weaknesses of various approaches to self- checksumming. This paper describes a dynamic information- flow-based attack that aims to identify and understand self- checksumming behavior in software. Our approach is appli- cable to a wide class of self-chesumming defenses and the in- formation obtained can be used to determine how the check- summing defenses may be bypassed. Experiments using a prototype implementation of our ideas indicate that our ap- proach can successfully identify self-checksumming behavior in (our implementations of) proposals from the research lit- erature.

AB - Software self-checksumming is widely used as an anti-tam- pering mechanism for protecting intellectual property and deterring piracy. This makes it important to understand the strengths and weaknesses of various approaches to self- checksumming. This paper describes a dynamic information- flow-based attack that aims to identify and understand self- checksumming behavior in software. Our approach is appli- cable to a wide class of self-chesumming defenses and the in- formation obtained can be used to determine how the check- summing defenses may be bypassed. Experiments using a prototype implementation of our ideas indicate that our ap- proach can successfully identify self-checksumming behavior in (our implementations of) proposals from the research lit- erature.

UR - http://www.scopus.com/inward/record.url?scp=84928140864&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84928140864&partnerID=8YFLogxK

U2 - 10.1145/2699026.2699109

DO - 10.1145/2699026.2699109

M3 - Conference contribution

AN - SCOPUS:84928140864

T3 - CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy

SP - 207

EP - 218

BT - CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy

PB - Association for Computing Machinery

T2 - 5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015

Y2 - 2 March 2015 through 4 March 2015

ER -

Identifying and understanding self-checksumming defenses in software

Abstract

Publication series

Other

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this