Exploiting Time-sensitive Code for Protecting Software against Dynamic Attacks

2010 Fiscal Year Final Research Report

• Project/Area Number: 20700034
• Research Category: Grant-in-Aid for Young Scientists (B)
• Allocation Type: Single-year Grants
• Research Field: Software
• Research Institution: Kumamoto National College of Technology
• Principal Investigator: KANZAKI Yuichiro Kumamoto National College of Technology, 人間情報システム工学科, 准教授 (90435488)
• Project Period (FY): 2008 – 2010
• Keywords: ソフトウェア保護 / 著作権保護 / 難読化 / 動的解析 / 耐タンパ

Research Abstract

In this study, a systematic method for protecting software against malicious reverse engineering attacks is proposed. The method transforms an arbitrary part of the program into a time-sensitive code, that is, a code which is modified during execution according to the time taken to execute a part of the program. The method helps to efficiently increase the cost of obtaining secret information via dynamic attacks. The achievements include the development of the algorithm, the implementation of the prototype system, and the evaluation of the effectiveness of the proposed method.

Research Products

• [Journal Article] ソースコードレベルにおけるプログラムのカムフラージュ (2011)
  • Author(s): 神崎雄一郎, 門田暁人, 中村匡秀, 松本健一
  • Journal Title: コンピュータソフトウェア(日本ソフトウェア科学会学会誌) Vol.28, No.1 Pages: 300-305
  • Peer Reviewed
• [Journal Article] A Goal-Oriented Approach to Software Obfuscation (2008)
  • Author(s): Hiroki Yamauchi, Akito Monden, Masahide Nakamura, Haruaki Tamada, Yuichiro Kanzaki, Ken-ichi Matsumoto
  • Journal Title: International Journal of Computer Science and Network Security Vol.8, No.9 Pages: 59-71
  • Peer Reviewed
• [Presentation] A Software Protection Method based on Time-sensitive Code and Self-modification Mechanism (2010)
  • Author(s): Yuichiro Kanzaki, et al.
  • Organizer: The IASTED International Conference on Software Engineering and Applications (IASTED SEA 2010)
  • Place of Presentation: Marina del Rey, USA
  • Year and Date: 2010-11-01
• [Presentation] 動的解析防止を目的とした実行時間依存のコード構成法 (2010)
  • Author(s): 坂口英司, ほか
  • Organizer: 第18回電子情報通信学会九州支部学生会講演会
  • Place of Presentation: 福岡市
  • Year and Date: 2010-09-24
• [Presentation] C言語で偽装内容を記述できるプログラムカムフラージュ (2010)
  • Author(s): 尾上栄浩, ほか
  • Organizer: 第18回電子情報通信学会九州支部学生会講演会
  • Place of Presentation: 福岡市
  • Year and Date: 2010-09-24
• [Presentation] 実行時間差に着目したコードの隠ぺい方法 (2009)
  • Author(s): 神崎雄一郎, ほか
  • Organizer: 第8回情報科学技術フォーラム(FIT2009)
  • Place of Presentation: 仙台市
  • Year and Date: 2009-09-02
• [Presentation] 実行時間差を用いた不正な動的解析の防止 (2009)
  • Author(s): 山口恭平, ほか
  • Organizer: 電子情報通信学会関西支部第14回学生会研究発表講演会
  • Place of Presentation: 大阪市
  • Year and Date: 2009-03-09
• [Presentation] Program Camouflage : A Systematic Instruction Hiding Method for Protecting Secrets (2008)
  • Author(s): Yuichiro Kanzaki, et al.
  • Organizer: World Congress on Science, Engineering and Technology
  • Place of Presentation: Heidel berg, Germany.
  • Year and Date: 2008-09-24