Software-based protection against changeware

Sebastian Banescu, Alexander Pretschner, Dominic Battré, Stéfano Cazzulani, Robert Shield, Greg Thompson

Publikation: Beitrag in Buch/Bericht/KonferenzbandKonferenzbeitragBegutachtung

16 Zitate (Scopus)

Abstract

We call changeware software that surreptitiously modifies resources of software applications, e.g., configuration files. Changeware is developed by malicious entities which gain profit if their changeware is executed by large numbers of end-users of the targeted software. Browser hijacking mal-ware is one popular example that aims at changing web- browser settings such as the default search engine or the home page. Changeware tends to provoke end-user dissat-isfaction with the target application, e.g. due to repeated failure of persisting the desired configuration. We describe a solution to counter changeware, to be employed by ven- dors of software targeted by changeware. It combines several protection mechanisms: white-box cryptography to hide a cryptographic key, software diversity to counter automated key retrieval attacks, and run-time process memory integrity checking to avoid illegitimate calls of the developed API.

OriginalspracheEnglisch
TitelCODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy
Herausgeber (Verlag)Association for Computing Machinery
Seiten231-242
Seitenumfang12
ISBN (elektronisch)9781450331913
DOIs
PublikationsstatusVeröffentlicht - 2 März 2015
Veranstaltung5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015 - San Antonio, USA/Vereinigte Staaten
Dauer: 2 März 20154 März 2015

Publikationsreihe

NameCODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy

Konferenz

Konferenz5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015
Land/GebietUSA/Vereinigte Staaten
OrtSan Antonio
Zeitraum2/03/154/03/15

Fingerprint

Untersuchen Sie die Forschungsthemen von „Software-based protection against changeware“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren