ISU Electrical and Computer Engineering Archives

Software tamper resistance through dynamic monitoring

Brian Blietz, B.B. (2004) Software tamper resistance through dynamic monitoring. Masters thesis, Iowa State University.

Full text available as:

PDF - Requires Adobe Acrobat Reader or other PDF viewer.


This thesis describes a two instruction-stream (two-process) model for tamper resistance. One process (Monitor process, M-Process) is designed explicitly to monitor the control flow of the main program process (P-Process). The compilation phase compiles the software into two co-processes: P-process and M-process. The monitor process contains the control flow consistency conditions for the P-process. The P-process sends information on its instantiated control flow at a fixed period, that poses acceptable overhead, to the M-process. If there is a violation of the control flow conditions captured within the M-process, the M-process takes an anti-tamper action such as termination of the P-process. By its very design, the monitor process is expected to be compact. Hence, we can afford to protect the M-process with a more expensive technique, a variant of Aucsmith's scheme. This scheme has been implemented with the Gnu C compiler {\it gcc}. There are several other monitoring, obfuscation, and dynamic decryption techniques that are embedded in this system. We quantify the performance overhead of the scheme for a variety of programs. We also propose a two-stream architecture that can make the scheme more robust and efficient.

EPrint Type:Thesis (Masters)
Uncontrolled Keywords:tamper resistant software proctection control flow monitoring
Subjects:Computer Engineering > INFORMATION SYSTEMS SECURITY & NETWORKING > Information Assurance
Computer Engineering > INFORMATION SYSTEMS SECURITY & NETWORKING > Computer Networking and Security
ID Code:93
Identification Number:Identification Number UNSPECIFIED
Deposited By:Brian Blietz
Deposited On:21 July 2004

Archive Staff Only: edit this record