Share on Facebook Tweet on Twitter Share on LinkedIn Share by email
Iterated Transformations and Quantitative Metrics for Software Protection

Mariusz H. Jakubowski, Nick Saw, and Ramarathnam Venkatesan

Abstract

This paper describes a new framework for design, implementation and evaluation of software-protection schemes. Our approach is based on the paradigm of iterated protection, which repeats and combines simple transformations to build up complexity and security. Based on ideas from the field of complex systems, iterated protection is intended as an element of a comprehensive obfuscation and tamper-resistance system, but not as a full-fledged, standalone solution. Our techniques can (and should) be combined with previously proposed approaches, strengthening overall protection.

A long-term goal of this work is to create protection methods amenable to analysis or estimation of security in practice. As a step towards this, we present security evaluation via metrics computed over transformed code. Indicating the difficulty of real-life reverse engineering and tampering, such metrics offer one approach to move away from ad hoc, poorly analyzable approaches to protection.

Details

Publication typeInproceedings
Published inInternational Conference on Security and Cryptography (SECRYPT 2009)
> Publications > Iterated Transformations and Quantitative Metrics for Software Protection