Prof. Bjorn De Sutter honored with the HiPEAC Tech Transfer Award

(11-12-2018) Prof. Bjorn De Sutter, ELIS research group CSL, received the HiPEAC Tech Transfer Award for his project ‘Tightly coupled self-debugging software protection’.

 

Man-at-the-end attackers aim for assets embedded in the apps distributed by providers of software, service, and content. In their labs, they try to reverse engineer the software to steal the assets or to tamper with them, e.g., to disable license checks. Preventive protections aim to make the use of tools in the attacker’s tool box harder if not impossible. One such commonly used tool is a debugger, with which attackers can observe the software as it executes.

Tightly coupled self-debugging software protection

In the tightly-coupled self-debugging technique that was developed at Ghent University and transferred to Nagravision, full code fragments are migrated from the application to the debugger. They get executed in the context of the self-debugger. Detaching the self-debugger to make room for an attacker-controlled debugger then removes essential functionality from the application and thus breaks the execution the attacker wants to study. This protection hence makes it much harder for the attacker to reverse-engineer the program or to reconvert it into the original unprotected program. The transferred technology includes the software architecture of the self-debugging protection as well as the necessary compiler technology to inject the protection into standalone applications or dynamically linked libraries at link time by means of binary rewriting. That compiler technology has been publicly released at https://github.com/aspire-fp7.

More information?

A more in-depth technical description as well as an evaluation of it on industrial use cases was presented in the following paper: Bert Abrath, Bart Coppens, Stijn Volckaert, Joris Wijnant, Bjorn De Sutter. Tightly-coupled self-debugging software protection. Proceedings of the 6th Workshop on Software Security, Protection, and Reverse Engineering, Art. 07, pp. 7:1-7:10, December 2016. DOI: 10.1145/3015135.3015142. The transferred technology was developed in the context of the ASPIRE FP7 STREP research project (https://www.aspire-fp7.eu). A demonstration video of the technology is available here.