TY - CHAP
T1 - A Taxonomy of Software Integrity Protection Techniques
AU - Ahmadvand, Mohsen
AU - Pretschner, Alexander
AU - Kelbert, Florian
N1 - Publisher Copyright:
© 2019 Elsevier Inc.
PY - 2019/1/1
Y1 - 2019/1/1
N2 - Tampering with software by man-at-the-end (MATE) attackers is an attack that can lead to security circumvention, privacy violation, reputation damage, and revenue loss. In this model, adversaries are end users who have full control over software as well as its execution environment. This full control enables them to tamper with programs to their benefit and to the detriment of software vendors or other end users. Software integrity protection research seeks for means to mitigate those attacks. Since the seminal work of Aucsmith, a great deal of research effort has been devoted to fight MATE attacks, and many protection schemes were designed by both academia and industry. Advances in trusted hardware, such as TPM and Intel SGX, have also enabled researchers to utilize such technologies for additional protection. Despite the introduction of various protection schemes, there is no comprehensive comparison study that points out advantages and disadvantages of different schemes. Constraints of different schemes and their applicability in various industrial settings have not been studied. More importantly, except for some partial classifications, to the best of our knowledge, there is no taxonomy of integrity protection techniques. These limitations have left practitioners in doubt about effectiveness and applicability of such schemes to their infrastructure. In this work, we propose a taxonomy that captures protection processes by encompassing system, defense and attack perspectives. Later, we carry out a survey and map reviewed papers on our taxonomy. Finally, we correlate different dimensions of the taxonomy and discuss observations along with research gaps in the field.
AB - Tampering with software by man-at-the-end (MATE) attackers is an attack that can lead to security circumvention, privacy violation, reputation damage, and revenue loss. In this model, adversaries are end users who have full control over software as well as its execution environment. This full control enables them to tamper with programs to their benefit and to the detriment of software vendors or other end users. Software integrity protection research seeks for means to mitigate those attacks. Since the seminal work of Aucsmith, a great deal of research effort has been devoted to fight MATE attacks, and many protection schemes were designed by both academia and industry. Advances in trusted hardware, such as TPM and Intel SGX, have also enabled researchers to utilize such technologies for additional protection. Despite the introduction of various protection schemes, there is no comprehensive comparison study that points out advantages and disadvantages of different schemes. Constraints of different schemes and their applicability in various industrial settings have not been studied. More importantly, except for some partial classifications, to the best of our knowledge, there is no taxonomy of integrity protection techniques. These limitations have left practitioners in doubt about effectiveness and applicability of such schemes to their infrastructure. In this work, we propose a taxonomy that captures protection processes by encompassing system, defense and attack perspectives. Later, we carry out a survey and map reviewed papers on our taxonomy. Finally, we correlate different dimensions of the taxonomy and discuss observations along with research gaps in the field.
KW - Integrity protection
KW - Software monetization
KW - Software protection
KW - Tamper-proofing
KW - Taxonomy
UR - http://www.scopus.com/inward/record.url?scp=85044532401&partnerID=8YFLogxK
U2 - 10.1016/bs.adcom.2017.12.007
DO - 10.1016/bs.adcom.2017.12.007
M3 - Chapter
AN - SCOPUS:85044532401
SN - 9780128151211
T3 - Advances in Computers
SP - 413
EP - 486
BT - Advances in Computers
A2 - Memon, Atif M.
PB - Academic Press Inc.
ER -