A Method for Evaluating Software Protection Mechanisms Against Man-At-The-End Attacks

• Project/Area Number: 26330094
• Research Category: Grant-in-Aid for Scientific Research (C)
• Allocation Type: Multi-year Fund
• Section: 一般
• Research Field: Software
• Research Institution: National Institute of Technology, Kumamoto College
• Principal Investigator: Kanzaki Yuichiro 熊本高等専門学校, 人間情報システム工学科, 准教授 (90435488)
• Project Period (FY): 2014-04-01 – 2017-03-31
• Project Status: Completed (Fiscal Year 2016)
• Budget Amount: ¥3,640,000 (Direct Cost: ¥2,800,000、Indirect Cost: ¥840,000); Fiscal Year 2016: ¥1,300,000 (Direct Cost: ¥1,000,000、Indirect Cost: ¥300,000); Fiscal Year 2015: ¥1,300,000 (Direct Cost: ¥1,000,000、Indirect Cost: ¥300,000); Fiscal Year 2014: ¥1,040,000 (Direct Cost: ¥800,000、Indirect Cost: ¥240,000)
• Keywords: ソフトウェア保護 / セキュリティ / プログラムの難読化 / 耐タンパソフトウェア / 難読化

Outline of Final Research Achievements

This research proposes a method for evaluating software protection mechanisms against Man-At-The-End attacks, that is, attacks by an end user who has access to software itself and attempts to steal assets in the program. This research mainly focuses on developing metrics for evaluating the stealth of an obfuscation, that is, the degree to which obfuscated code can be distinguished from unobfuscated code. The proposed metrics help evaluate the strength of the protection against an attack which goes through a typical locate-alter-test cycle.

Research Products

• [Presentation] 難読化されたプログラムに含まれる「目立つ基本ブロック」の検出 (2017)
  • Author(s): 西陽太，神崎雄一郎
  • Organizer: 2017年電子情報通信学会総合大会
  • Place of Presentation: 名城大学(名古屋市)
  • Year and Date: 2017-03-23
• [Presentation] バイナリコード中の文字列に着目したソフトウェアの流用検出 (2016)
  • Author(s): 渡辺哲士，門田暁人，玉田春昭，神崎雄一郎
  • Organizer: 電子情報通信学会 ソフトウェアサイエンス研究会
  • Place of Presentation: 彦根勤労福祉会館(彦根市)
  • Year and Date: 2016-10-28
• [Presentation] 実行トレースに着目したソフトウェア保護機構のステルス考察 (2016)
  • Author(s): 松田篤和，神崎雄一郎
  • Organizer: 情報処理学会第78回全国大会
  • Place of Presentation: 慶應義塾大学（横浜市）
  • Year and Date: 2016-03-11
• [Presentation] Pinpointing and Hiding Surprising Fragments in an Obfuscated Program (2015)
  • Author(s): Yuichiro Kanzaki, Clark Thomborson, Akito Monden, and Christian Collberg
  • Organizer: 5th Program Protection and Reverse Engineering Workshop (PPREW-5)
  • Place of Presentation: Los Angeles (USA)
  • Year and Date: 2015-12-08
  • Int'l Joint Research
• [Presentation] Code Artificiality: A Metric for the Code Stealth Based on an N-gram Model (2015)
  • Author(s): Yuichiro Kanzaki, Akito Monden, and Christian Collberg
  • Organizer: 1st International Workshop on Software Protection (SPRO2015)
  • Place of Presentation: Florence (Italy)
  • Year and Date: 2015-05-19
  • Int'l Joint Research
• [Presentation] コード断片の不自然さの比較による保護機構の発見困難さの評価 (2015)
  • Author(s): 松田篤和，神崎雄一郎，門田暁人
  • Organizer: 情報処理学会第77回全国大会
  • Place of Presentation: 京都大学
  • Year and Date: 2015-03-17
• [Presentation] 保護コードの自然さに着目した命令カムフラージュ (2015)
  • Author(s): 永井晃人，神崎雄一郎，門田暁人
  • Organizer: 情報処理学会第77回全国大会
  • Place of Presentation: 京都大学
  • Year and Date: 2015-03-17