Covert Loading and Execution of Software Protections to Reduce Adversarial Detection
Small Business Information
317 N. Aurora Street, Ithaca, NY, 14850
AbstractA number of software defenses exist that frustrate attempts to examine or tamper with a protected application. However, attackers are unlikely to approach the defenses head-on. One weak point is during installation and deployment of defenses. There is sort of a "who came first" game played between the protected application and the attacker. If the attacker arrives first, then they can observe the defenses as they are setup, gaining great insight into how the protections can be subverted. This opening must be prevented. We envision a technique that enhances existing defenses by protecting the loading phase of the sensitive application. Under this system, attackers are denied access to system initialization and sensitive software is made inseparable from the OS, thereby preventing attack before protection can be raised against it.
* information listed above is at the time of submission.