System for Executing Encrypted Native Programs
Resh, A., Kiperberg, M., Leon, R., & Zaidenberg, N. (2017). System for Executing Encrypted Native Programs. International Journal of Digital Content Technology and its Applications, 11(3), 56-71. http://www.globalcis.org/jdcta/ppl/JDCTA3803PPL.pdf
Date
2017Copyright
© the Authors & Convergence Information Society, 2017. This is an open access article published by Convergence Information Society.
An important aspect of protecting software from attack, theft of algorithms, or illegal software use, is
eliminating the possibility of performing reverse engineering. One common method to deal with these
issues is code obfuscation. However, in most case it was shown to be ineffective. Code encryption is a
much more effective means of defying reverse engineering, but it requires managing a secret key
available to none but the permissible users. The authors propose a new and innovative solution. Critical
functions in protected software are encrypted using well-known encryption algorithms. Following
verification by external attestation, a thin hypervisor is used as the basis of an eco-system that manages
just-in-time decryption, inside the CPU, where decrypted instructions are then executed and finally
discarded, while keeping the secret key and the decrypted instructions absolutely safe. The paper
presents and compares two methodologies that perform just-in-time decryption: in-place and buffered
execution. The former being safer, while the latter boasts better performance.
...
Publisher
Convergence Information Society (GlobalCIS)ISSN Search the Publication Forum
1975-9339
Original source
http://www.globalcis.org/jdcta/ppl/JDCTA3803PPL.pdfPublication in research information system
https://converis.jyu.fi/converis/portal/detail/Publication/26511013
Metadata
Show full item recordCollections
Related items
Showing items with similar title or keywords.
-
Preventing Execution of Unauthorized Native-Code Software
Resh, Amit; Kiperberg, Michael; Leon, Roee; Zaidenberg, Nezer J. (Convergence Information Society (GlobalCIS), 2017)The business world is exhibiting a growing dependency on computer systems, their operations and the databases they contain. Unfortunately, it also suffers from an ever growing recurrence of malicious software attacks. ... -
On the (In)Security of 1090ES and UAT978 Mobile Cockpit Information Systems : An Attacker Perspective on the Availability of ADS-B Safety- and Mission-Critical Systems
Khandker, Syed; Turtiainen, Hannu; Costin, Andrei; Hämäläinen, Timo (Institute of Electrical and Electronics Engineers (IEEE), 2022)Automatic dependent surveillance-broadcast (ADS-B) is a key air surveillance technology and a critical component of next-generation air transportation systems. It significantly simplifies aircraft surveillance technology ... -
Hypervisor-Based White Listing of Executables
Leon, Roee S; Kiperberg, Michael; Zabag, Anat Anatey Leon; Resh, Amit; Algawi, Asaf; Zaidenberg, Nezer J. (IEEE Computer Society Press, 2019)We describe an efficient system for ensuring code integrity of an operating system (OS), both its own code and application code. The proposed system can protect from an attacker who has full control over the OS kernel. An ... -
Smart Terminal System of Systems’ Cyber Threat Impact Evaluation
Simola, Jussi; Pöyhönen, Jouni; Lehto, Martti (Academic Conferences International, 2023)Systems of system-level thinking is required when the purpose is to develop a coherent understanding of the ecosystem where every user and system requirements are divided into specific parts. The smarter project, as a part ... -
Leveraging the benefits of big data with fast data for effective and efficient cybersecurity analytics systems : A robust optimisation approach
Rathod, Paresh; Hämäläinen, Timo (Academic Conferences International, 2020)In recent times, major cybersecurity breaches and cyber fraud within the public and private sectors are making international headlines. Majority of organisations are facing cybersecurity adversity and advanced threats. On ...