F-LaaS: A control-flow-attack immune license-as-a-service model

Sandeep Kumar, Diksha Moolchandani, Takatsugu Ono, Smruti R. Sarangi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

We use license servers to verify users' credentials and to restrict access to proprietary software. Due to logistical reasons, it is often economical to use third-party servers to manage licenses. Sadly, users on client machines can mount sophisticated attacks on the executables and try to circumvent the license check. This can be used to crack the software, and thus it is necessary for software writers to prevent such attacks, which include the use of additional code to check the integrity of the binary and the control flow. In spite of such techniques, modern control flow bending (CFB) techniques that rely on running instrumented binaries on virtual machines can circumvent such checks and change the behavior of branches and jumps at runtime. They are, however, extremely computationally inefficient. We propose an AI-based technique that is an order of magnitude faster than the state-of-the-art and show its efficacy by breaking three widely used license managers, and five popularly used software. Finally, we propose a new license management service, F-LaaS, which hides key functions in the binary. These functions are downloaded at runtime upon the successful verification of the license. We show that the mean performance overhead of F-LaaS is negligible: 0.26%.

Original language: English
Title of host publication: Proceedings - 2019 IEEE International Conference on Services Computing, SCC 2019 - Part of the 2019 IEEE World Congress on Services
Editors: Elisa Bertino, Carl K. Chang, Peter Chen, Ernesto Damiani, Ernesto Damiani, Michael Goul, Katsunori Oyama
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 80-89
Number of pages: 10
ISBN (Electronic): 9781728127200
DOI: https://doi.org/10.1109/SCC.2019.00025
Publication status: Published - Jul 2019
Event: 2019 IEEE International Conference on Services Computing, SCC 2019 - Milan, Italy
Duration: Jul 8 2019 → Jul 13 2019

Publication series

Name: Proceedings - 2019 IEEE International Conference on Services Computing, SCC 2019 - Part of the 2019 IEEE World Congress on Services

Conference

Conference: 2019 IEEE International Conference on Services Computing, SCC 2019
Country: Italy
City: Milan
Period: 7/8/19 → 7/13/19

Fingerprint

Flow control
Servers
Managers
Cracks
Attack
License
Software
Virtual machine

All Science Journal Classification (ASJC) codes

  • Strategy and Management
  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems and Management

Cite this

Kumar, S., Moolchandani, D., Ono, T., & Sarangi, S. R. (2019). F-LaaS: A control-flow-attack immune license-as-a-service model. In E. Bertino, C. K. Chang, P. Chen, E. Damiani, E. Damiani, M. Goul, & K. Oyama (Eds.), Proceedings - 2019 IEEE International Conference on Services Computing, SCC 2019 - Part of the 2019 IEEE World Congress on Services (pp. 80-89). [8814192] (Proceedings - 2019 IEEE International Conference on Services Computing, SCC 2019 - Part of the 2019 IEEE World Congress on Services). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/SCC.2019.00025

@inproceedings{9aeec94046f842f3bd690f3105dbbc28,
title = "F-LaaS: A control-flow-attack immune license-as-a-service model",
abstract = "We use license servers to verify users' credentials and to restrict access to proprietary software. Due to logistical reasons, it is often economical to use third-party servers to manage licenses. Sadly, users on client machines can mount sophisticated attacks on the executables and try to circumvent the license check. This can be used to crack the software, and thus it is necessary for software writers to prevent such attacks, which include the use of additional code to check the integrity of the binary and the control flow. In spite of such techniques, modern control flow bending(CFB) techniques that rely on running instrumented binaries on virtual machines can circumvent such checks and change the behavior of branches and jumps at runtime. They are however extremely computationally inefficient. We propose an AI-based technique that is an order of magnitude faster than the state-of-the-art and show its efficacy by breaking three widely used license managers, and five popularly used software. Finally, we propose a new license management service, F-LaaS, which hides key functions in the binary. These functions are downloaded at runtime upon the successful verification of the license. We show that the mean performance overhead of F-LaaS is negligible: 0.26{\%}.",
author = "Sandeep Kumar and Diksha Moolchandani and Takatsugu Ono and Sarangi, {Smruti R.}",
year = "2019",
month = "7",
doi = "10.1109/SCC.2019.00025",
language = "English",
series = "Proceedings - 2019 IEEE International Conference on Services Computing, SCC 2019 - Part of the 2019 IEEE World Congress on Services",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "80--89",
editor = "Elisa Bertino and Chang, {Carl K.} and Peter Chen and Ernesto Damiani and Ernesto Damiani and Michael Goul and Katsunori Oyama",
booktitle = "Proceedings - 2019 IEEE International Conference on Services Computing, SCC 2019 - Part of the 2019 IEEE World Congress on Services",
address = "United States",

}

TY - GEN

T1 - F-LaaS

T2 - A control-flow-attack immune license-as-a-service model

AU - Kumar, Sandeep

AU - Moolchandani, Diksha

AU - Ono, Takatsugu

AU - Sarangi, Smruti R.

PY - 2019/7

Y1 - 2019/7

AB - We use license servers to verify users' credentials and to restrict access to proprietary software. Due to logistical reasons, it is often economical to use third-party servers to manage licenses. Sadly, users on client machines can mount sophisticated attacks on the executables and try to circumvent the license check. This can be used to crack the software, and thus it is necessary for software writers to prevent such attacks, which include the use of additional code to check the integrity of the binary and the control flow. In spite of such techniques, modern control flow bending(CFB) techniques that rely on running instrumented binaries on virtual machines can circumvent such checks and change the behavior of branches and jumps at runtime. They are however extremely computationally inefficient. We propose an AI-based technique that is an order of magnitude faster than the state-of-the-art and show its efficacy by breaking three widely used license managers, and five popularly used software. Finally, we propose a new license management service, F-LaaS, which hides key functions in the binary. These functions are downloaded at runtime upon the successful verification of the license. We show that the mean performance overhead of F-LaaS is negligible: 0.26%.

UR - http://www.scopus.com/inward/record.url?scp=85072559123&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85072559123&partnerID=8YFLogxK

U2 - 10.1109/SCC.2019.00025

DO - 10.1109/SCC.2019.00025

M3 - Conference contribution

AN - SCOPUS:85072559123

T3 - Proceedings - 2019 IEEE International Conference on Services Computing, SCC 2019 - Part of the 2019 IEEE World Congress on Services

SP - 80

EP - 89

BT - Proceedings - 2019 IEEE International Conference on Services Computing, SCC 2019 - Part of the 2019 IEEE World Congress on Services

A2 - Bertino, Elisa

A2 - Chang, Carl K.

A2 - Chen, Peter

A2 - Damiani, Ernesto

A2 - Damiani, Ernesto

A2 - Goul, Michael

A2 - Oyama, Katsunori

PB - Institute of Electrical and Electronics Engineers Inc.

ER -