WO2007037838A3 - System and method for software tamper detection - Google Patents
System and method for software tamper detection Download PDFInfo
- Publication number
- WO2007037838A3 WO2007037838A3 PCT/US2006/032618 US2006032618W WO2007037838A3 WO 2007037838 A3 WO2007037838 A3 WO 2007037838A3 US 2006032618 W US2006032618 W US 2006032618W WO 2007037838 A3 WO2007037838 A3 WO 2007037838A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- software
- pattern
- resulting
- software code
- unauthorized modification
- Prior art date
Links
- 238000000034 method Methods 0.000 title abstract 2
- 238000001514 detection method Methods 0.000 title 1
- 239000011159 matrix material Substances 0.000 abstract 2
- 238000012986 modification Methods 0.000 abstract 2
- 230000004048 modification Effects 0.000 abstract 2
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
A method, system, and apparatus are directed towards detecting unauthorized modification of software, such as virtual smart card software. An analysis is performed on the software to generate a unique pattern that is based on the integrity of the software. The pattern is generated using various portions of the software code. In one embodiment, matrix manipulations that involve a sequence of randomly selected matrix operations are performed on extracted portions of the software code. Sample sizes of the software code, sizes of the matrices, and other initialization parameters may be selected based on a desired security level. The resulting pattern may then be compared to a known normal pattern for the software to detect unauthorized modification. In one embodiment, however, the resulting pattern may be algorithmically combined with another value. The resulting combination may be used to decrypt content, if the software has not been modified.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP06789903A EP1952245A2 (en) | 2005-09-21 | 2006-08-21 | System and method for software tamper detection |
CA002623430A CA2623430A1 (en) | 2005-09-21 | 2006-08-21 | System and method for software tamper detection |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/232,471 | 2005-09-21 | ||
US11/232,471 US20070067643A1 (en) | 2005-09-21 | 2005-09-21 | System and method for software tamper detection |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2007037838A2 WO2007037838A2 (en) | 2007-04-05 |
WO2007037838A3 true WO2007037838A3 (en) | 2009-04-23 |
Family
ID=37885624
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2006/032618 WO2007037838A2 (en) | 2005-09-21 | 2006-08-21 | System and method for software tamper detection |
Country Status (5)
Country | Link |
---|---|
US (1) | US20070067643A1 (en) |
EP (1) | EP1952245A2 (en) |
CA (1) | CA2623430A1 (en) |
TW (1) | TWI361352B (en) |
WO (1) | WO2007037838A2 (en) |
Families Citing this family (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7792978B2 (en) * | 2001-12-28 | 2010-09-07 | At&T Intellectual Property I, L.P. | System and method to remotely manage and audit set top box resources |
GB2443264A (en) * | 2006-10-27 | 2008-04-30 | Ntnu Technology Transfer As | Integrity checking method for a device in a computer network, which controls access to data; e.g. to prevent cheating in online game |
CN101335746A (en) * | 2007-06-29 | 2008-12-31 | 国际商业机器公司 | Security apparatus, method and system protecting integrity of software system |
US20090113549A1 (en) * | 2007-10-24 | 2009-04-30 | International Business Machines Corporation | System and method to analyze software systems against tampering |
US20100287083A1 (en) * | 2007-12-28 | 2010-11-11 | Mastercard International, Inc. | Detecting modifications to financial terminals |
US8578510B2 (en) * | 2008-06-26 | 2013-11-05 | Valve Corporation | Anti-piracy measures for a video game using hidden secrets |
US20100107245A1 (en) * | 2008-10-29 | 2010-04-29 | Microsoft Corporation | Tamper-tolerant programs |
TWI393003B (en) * | 2009-01-13 | 2013-04-11 | Quanta Comp Inc | Remote hardware inspection system and method |
CN101998164B (en) * | 2009-08-17 | 2013-08-07 | 北京视博数字电视科技有限公司 | Program information generating method and terminal device |
CA3179622A1 (en) * | 2010-10-08 | 2012-04-12 | Brian Lee Moffat | Private data sharing system |
TWI417813B (en) * | 2010-12-16 | 2013-12-01 | Ind Tech Res Inst | Cascadable camera tampering detection transceiver module |
US8719586B1 (en) * | 2011-03-09 | 2014-05-06 | Amazon Technologies, Inc. | Digital rights management for applications |
US9262600B2 (en) * | 2011-10-04 | 2016-02-16 | Arxan Technologies, Inc. | Tamper proof mutating software |
WO2013095504A1 (en) | 2011-12-22 | 2013-06-27 | Intel Corporation | Matrix multiply accumulate instruction |
US8638935B2 (en) * | 2012-01-12 | 2014-01-28 | Apple Inc. | System and method for key space division and sub-key derivation for mixed media digital rights management content |
DE102013201937A1 (en) * | 2013-02-06 | 2014-08-07 | Areva Gmbh | Device and method for detecting unauthorized manipulations of the system state of a control unit of a nuclear installation |
US20150142679A1 (en) * | 2013-11-15 | 2015-05-21 | Adobe Systems Incorporated | Provisioning rules to manage user entitlements |
US8990121B1 (en) | 2014-05-08 | 2015-03-24 | Square, Inc. | Establishment of a secure session between a card reader and a mobile device |
US10438187B2 (en) * | 2014-05-08 | 2019-10-08 | Square, Inc. | Establishment of a secure session between a card reader and a mobile device |
US20170134379A1 (en) * | 2014-06-16 | 2017-05-11 | Polyvalor, Limted Partnership | Method for securing an application and data |
KR101566141B1 (en) | 2014-10-20 | 2015-11-06 | 숭실대학교산학협력단 | User Terminal to Detect the Tampering of the Applications Using Signature Information and Method for Tamper Detection Using the Same |
KR101518689B1 (en) * | 2014-10-20 | 2015-05-12 | 숭실대학교산학협력단 | User Terminal to Detect the Tampering of the Applications Using Core Code and Method for Tamper Detection Using the Same |
US11593780B1 (en) | 2015-12-10 | 2023-02-28 | Block, Inc. | Creation and validation of a secure list of security certificates |
US9940612B1 (en) | 2016-09-30 | 2018-04-10 | Square, Inc. | Fraud detection in portable payment readers |
US10803461B2 (en) | 2016-09-30 | 2020-10-13 | Square, Inc. | Fraud detection in portable payment readers |
US10623438B2 (en) | 2016-12-28 | 2020-04-14 | Mcafee, Llc | Detecting execution of modified executable code |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5966444A (en) * | 1996-12-06 | 1999-10-12 | Yuan; Chuan K. | Method and system for establishing a cryptographic key agreement using linear protocols |
US20050154899A1 (en) * | 2004-01-09 | 2005-07-14 | The United States Of America As Represented By The Secretary Of The Army | Mobile software authentication and validation |
Family Cites Families (77)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5870474A (en) * | 1995-12-04 | 1999-02-09 | Scientific-Atlanta, Inc. | Method and apparatus for providing conditional access in connection-oriented, interactive networks with a multiplicity of service providers |
CA1186028A (en) * | 1982-06-23 | 1985-04-23 | Microdesign Limited | Method and apparatus for scrambling and unscrambling data streams using encryption and decryption |
US4694489A (en) * | 1983-12-22 | 1987-09-15 | Frederiksen Jeffrey E | Video transmission system |
EP0626793B1 (en) * | 1986-04-18 | 2001-11-28 | Nagra Plus S.A. | Pay television system |
WO1988009550A1 (en) * | 1987-05-22 | 1988-12-01 | Kudelski Sa Fabrique D'enregistreurs Nagra | Magnetic or other recording device with rotating engraving head(s) |
FR2643529B1 (en) * | 1989-02-22 | 1991-06-07 | Kudelski Sa Fabr Enregistr Nag | PAID TELEVISION SYSTEM USING A MEMORY CARD ASSOCIATED WITH A DECODER |
CH682614A5 (en) * | 1990-02-21 | 1993-10-15 | Kudelski Sa | Method for scrambling and unscrambling a video signal. |
CA2084575C (en) * | 1991-12-31 | 1996-12-03 | Chris A. Dinallo | Personal computer with generalized data streaming apparatus for multimedia devices |
US5339413A (en) * | 1992-08-21 | 1994-08-16 | International Business Machines Corporation | Data stream protocol for multimedia data streaming data processing system |
FR2700430B1 (en) * | 1992-12-30 | 1995-02-10 | Jacques Stern | Method of authenticating at least one identification device by a verification device and device for its implementation. |
US5640546A (en) * | 1993-02-23 | 1997-06-17 | Network Programs, Inc. | Composition of systems of objects by interlocking coordination, projection, and distribution |
IL119874A (en) * | 1993-04-16 | 1999-05-09 | News Datacom Research Ltd | Methods and systems for non program applications for subscriber television |
US5592212A (en) * | 1993-04-16 | 1997-01-07 | News Datacom Ltd. | Methods and systems for non-program applications for subscriber television |
US5774527A (en) * | 1993-08-19 | 1998-06-30 | News Datacom Ltd. | Integrated telephone and cable communication networks |
IL106746A (en) * | 1993-08-19 | 1997-02-18 | News Datacom Ltd | CATV systems |
NL9301784A (en) * | 1993-10-14 | 1995-05-01 | Irdeto Bv | System for encrypting and decrypting digital information. |
KR950013093A (en) * | 1993-10-19 | 1995-05-17 | 모리시타 요이찌 | Scramble Transfer Device and Random Number Generator |
IL107967A (en) * | 1993-12-09 | 1996-12-05 | News Datacom Research Ltd | Apparatus and method for securing communication systems |
IL111151A (en) * | 1994-10-03 | 1998-09-24 | News Datacom Ltd | Secure access systems |
US6298441B1 (en) * | 1994-03-10 | 2001-10-02 | News Datacom Ltd. | Secure document access system |
GB9407038D0 (en) * | 1994-04-08 | 1994-06-01 | Amstrad Plc | Method and apparatus for transmitting and receiving encrypted signals |
US5758257A (en) * | 1994-11-29 | 1998-05-26 | Herz; Frederick | System and method for scheduling broadcast of and access to video programs and other data using customer profiles |
US5892900A (en) * | 1996-08-30 | 1999-04-06 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
US5943422A (en) * | 1996-08-12 | 1999-08-24 | Intertrust Technologies Corp. | Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels |
ATE441897T1 (en) * | 1995-02-13 | 2009-09-15 | Intertrust Tech Corp | SYSTEMS AND METHODS FOR MANAGING SECURED TRANSACTIONS AND PROTECTING ELECTRONIC RIGHTS |
US6157721A (en) * | 1996-08-12 | 2000-12-05 | Intertrust Technologies Corp. | Systems and methods using cryptography to protect secure computing environments |
US5621793A (en) * | 1995-05-05 | 1997-04-15 | Rubin, Bednarek & Associates, Inc. | TV set top box using GPS |
NL1000530C2 (en) * | 1995-06-08 | 1996-12-10 | Defil N V Holland Intertrust A | Filtering method. |
CA2179223C (en) * | 1995-06-23 | 2009-01-06 | Manfred Von Willich | Method and apparatus for controlling the operation of a signal decoder in a broadcasting system |
US6035037A (en) * | 1995-08-04 | 2000-03-07 | Thomson Electronic Consumers, Inc. | System for processing a video signal via series-connected high speed signal processing smart cards |
GB9521739D0 (en) * | 1995-10-24 | 1996-01-03 | Nat Transcommunications Ltd | Decoding carriers encoded using orthogonal frequency division multiplexing |
US5684876A (en) * | 1995-11-15 | 1997-11-04 | Scientific-Atlanta, Inc. | Apparatus and method for cipher stealing when encrypting MPEG transport packets |
CA2242596C (en) * | 1996-01-11 | 2012-06-19 | Mrj, Inc. | System for controlling access and distribution of digital property |
US5805705A (en) * | 1996-01-29 | 1998-09-08 | International Business Machines Corporation | Synchronization of encryption/decryption keys in a data communication network |
EP0826288B1 (en) * | 1996-03-18 | 2000-09-13 | News Datacom Ltd. | Smart card chaining in pay television systems |
US6049671A (en) * | 1996-04-18 | 2000-04-11 | Microsoft Corporation | Method for identifying and obtaining computer software from a network computer |
EP0827340A3 (en) * | 1996-08-30 | 1999-10-06 | Matsushita Electric Industrial Co., Ltd. | Terminal apparatus and method for achieving interactive operations |
JP2001501394A (en) * | 1996-09-17 | 2001-01-30 | ディヴァ システムズ コーポレイション | Set-top terminal for interactive information distribution system |
US5939975A (en) * | 1996-09-19 | 1999-08-17 | Nds Ltd. | Theft prevention system and method |
US5883957A (en) * | 1996-09-20 | 1999-03-16 | Laboratory Technologies Corporation | Methods and apparatus for encrypting and decrypting MIDI files |
EP0834991A1 (en) * | 1996-10-02 | 1998-04-08 | Irdeto B.V. | Method for automatically searching a frequency range for signal channels in a receiver for digitally modulated signals, and receiver for applying such a method |
US6178242B1 (en) * | 1997-02-07 | 2001-01-23 | Nds Limited | Digital recording protection system |
US5920861A (en) * | 1997-02-25 | 1999-07-06 | Intertrust Technologies Corp. | Techniques for defining using and manipulating rights management data structures |
US6189097B1 (en) * | 1997-03-24 | 2001-02-13 | Preview Systems, Inc. | Digital Certificate |
US6272636B1 (en) * | 1997-04-11 | 2001-08-07 | Preview Systems, Inc | Digital product execution control and security |
US6073256A (en) * | 1997-04-11 | 2000-06-06 | Preview Systems, Inc. | Digital product execution control |
US6055503A (en) * | 1997-08-29 | 2000-04-25 | Preview Systems | Software program self-modification |
US6112181A (en) * | 1997-11-06 | 2000-08-29 | Intertrust Technologies Corporation | Systems and methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information |
EP0917356A1 (en) * | 1997-11-17 | 1999-05-19 | CANAL+ Société Anonyme | Packet filtering |
US6409089B1 (en) * | 1997-12-10 | 2002-06-25 | Thomson Licensing S.A. | Method for protecting the audio/visual data across the NRSS interface |
US5991399A (en) * | 1997-12-18 | 1999-11-23 | Intel Corporation | Method for securely distributing a conditional use private key to a trusted entity on a remote system |
DE69805155T2 (en) * | 1998-01-14 | 2002-09-05 | Irdeto Access Bv | Integrated circuit and chip card with such a circuit |
DE19838628A1 (en) * | 1998-08-26 | 2000-03-02 | Ibm | Extended smart card communication architecture and method for communication between smart card application and data carrier |
IL123554A (en) * | 1998-03-04 | 2003-01-12 | Nds Ltd | Key delivery in a secure broadcasting system |
GB9806076D0 (en) * | 1998-03-20 | 1998-05-20 | Nds Ltd | Improvements in or relating to the insertion and removal of smart cards |
US6459427B1 (en) * | 1998-04-01 | 2002-10-01 | Liberate Technologies | Apparatus and method for web-casting over digital broadcast TV network |
US6285985B1 (en) * | 1998-04-03 | 2001-09-04 | Preview Systems, Inc. | Advertising-subsidized and advertising-enabled software |
US6118873A (en) * | 1998-04-24 | 2000-09-12 | International Business Machines Corporation | System for encrypting broadcast programs in the presence of compromised receiver devices |
IL124595A (en) * | 1998-05-21 | 2009-09-01 | Yossef Tsuria | Anti-piracy system |
EP1082853A1 (en) * | 1998-05-29 | 2001-03-14 | Diva Systems Corporation | Interactive information distribution system and method |
US6311221B1 (en) * | 1998-07-22 | 2001-10-30 | Appstream Inc. | Streaming modules |
US7162642B2 (en) * | 1999-01-06 | 2007-01-09 | Digital Video Express, L.P. | Digital content distribution system and method |
US6505299B1 (en) * | 1999-03-01 | 2003-01-07 | Sharp Laboratories Of America, Inc. | Digital image scrambling for image coding systems |
US6415031B1 (en) * | 1999-03-12 | 2002-07-02 | Diva Systems Corporation | Selective and renewable encryption for secure distribution of video on-demand |
JP4256031B2 (en) * | 1999-07-27 | 2009-04-22 | 東京エレクトロン株式会社 | Processing apparatus and temperature control method thereof |
KR20010101329A (en) * | 1999-10-29 | 2001-11-14 | 요트.게.아. 롤페즈 | Video encoding-method |
US6449719B1 (en) * | 1999-11-09 | 2002-09-10 | Widevine Technologies, Inc. | Process and streaming server for encrypting a data stream |
KR100378791B1 (en) * | 1999-12-02 | 2003-04-07 | 엘지전자 주식회사 | Packet identifier section filter |
US6968061B2 (en) * | 2000-02-17 | 2005-11-22 | The United States Of America As Represented By The Secretary Of The Navy | Method which uses a non-volatile memory to store a crypto key and a check word for an encryption device |
JP2001273430A (en) * | 2000-03-27 | 2001-10-05 | Toshiba Corp | Portable electronic device and point system |
US7245719B2 (en) * | 2000-06-30 | 2007-07-17 | Matsushita Electric Industrial Co., Ltd. | Recording method and apparatus, optical disk, and computer-readable storage medium |
US20020089410A1 (en) * | 2000-11-13 | 2002-07-11 | Janiak Martin J. | Biometric authentication device for use with a personal digital assistant |
US20020104004A1 (en) * | 2001-02-01 | 2002-08-01 | Bruno Couillard | Method and apparatus for synchronizing real-time clocks of time stamping cryptographic modules |
US20020141582A1 (en) * | 2001-03-28 | 2002-10-03 | Kocher Paul C. | Content security layer providing long-term renewable security |
SE0101295D0 (en) * | 2001-04-10 | 2001-04-10 | Ericsson Telefon Ab L M | A method and network for delivering streaming data |
US6898288B2 (en) * | 2001-10-22 | 2005-05-24 | Telesecura Corporation | Method and system for secure key exchange |
US7363492B2 (en) * | 2005-02-25 | 2008-04-22 | Motorola, Inc. | Method for zero-knowledge authentication of a prover by a verifier providing a user-selectable confidence level and associated application devices |
-
2005
- 2005-09-21 US US11/232,471 patent/US20070067643A1/en not_active Abandoned
-
2006
- 2006-08-21 EP EP06789903A patent/EP1952245A2/en not_active Withdrawn
- 2006-08-21 CA CA002623430A patent/CA2623430A1/en not_active Abandoned
- 2006-08-21 WO PCT/US2006/032618 patent/WO2007037838A2/en active Application Filing
- 2006-08-30 TW TW095131956A patent/TWI361352B/en not_active IP Right Cessation
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5966444A (en) * | 1996-12-06 | 1999-10-12 | Yuan; Chuan K. | Method and system for establishing a cryptographic key agreement using linear protocols |
US20050154899A1 (en) * | 2004-01-09 | 2005-07-14 | The United States Of America As Represented By The Secretary Of The Army | Mobile software authentication and validation |
Also Published As
Publication number | Publication date |
---|---|
CA2623430A1 (en) | 2007-04-05 |
US20070067643A1 (en) | 2007-03-22 |
EP1952245A2 (en) | 2008-08-06 |
TWI361352B (en) | 2012-04-01 |
TW200728980A (en) | 2007-08-01 |
WO2007037838A2 (en) | 2007-04-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2007037838A3 (en) | System and method for software tamper detection | |
Hempstalk | Hiding behind corners: Using edges in images for better steganography | |
WO2007086890A3 (en) | Method, apparatus, and system for authentication using labels containing nucleotide seouences | |
CA2561335A1 (en) | Method and system for linking certificates to signed files | |
TW200636586A (en) | System security approaches using multiple processing units | |
WO2006082985A3 (en) | Methods and apparatus for providing a secure booting sequence in a processor | |
WO2007141206A3 (en) | System, method and computer program product for secure access control to a storage device | |
WO2010039788A3 (en) | Processor boot security device and methods thereof | |
WO2006084130A3 (en) | Ultra-sensitive detection systems using multidimension signals | |
WO2008041915A3 (en) | Security system and method for detecting intrusion in a computerized system | |
ATE509321T1 (en) | SYSTEM FOR DETECTING UNAUTHORIZED CONTENT | |
WO2006118896A3 (en) | Method and apparatus for detecting the falsification of metadata | |
TW200739383A (en) | System for preventing unauthorized acquisition of information, and method thereof | |
TW200701735A (en) | Data communication system, proxy system server, computer program, and data communication method | |
WO2004046934A3 (en) | Secure memory for protecting against malicious programs | |
WO2005019974A3 (en) | Secure protection method for access to protected resources in a processor | |
TW200731074A (en) | Hardware-assisted device configuration detection | |
WO2011050089A3 (en) | Preventing and responding to disabling of malware protection software | |
DE60231990D1 (en) | PROCEDURE FOR PROTECTION OF SOFTWARE FROM UNAUTHORIZED USE | |
JP2006121655A5 (en) | ||
DE60239718D1 (en) | Information processing apparatus and its control method, computer program, and storage medium | |
WO2008044004A3 (en) | Improvements relating to the detection of patterns | |
WO2006083015A3 (en) | Methods and apparatus for resource management in a processor | |
CN105005904A (en) | RFID-coding-based artwork tracing method | |
ATE426858T1 (en) | SYSTEM AND METHOD FOR DETECTING MALICIOUS CODE |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
ENP | Entry into the national phase |
Ref document number: 2623430 Country of ref document: CA |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2006789903 Country of ref document: EP |