CA2774728C - System and method to protect java bytecode code against static and dynamic attacks within hostile execution environments - Google Patents

System and method to protect java bytecode code against static and dynamic attacks within hostile execution environments Download PDF

Info

Publication number
CA2774728C
CA2774728C CA2774728A CA2774728A CA2774728C CA 2774728 C CA2774728 C CA 2774728C CA 2774728 A CA2774728 A CA 2774728A CA 2774728 A CA2774728 A CA 2774728A CA 2774728 C CA2774728 C CA 2774728C
Authority
CA
Canada
Prior art keywords
bytecode
java
security
security module
protected
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CA2774728A
Other languages
English (en)
French (fr)
Other versions
CA2774728A1 (en
Inventor
Yuan Xiang Gu
Garney Adams
Jack Rong
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Irdeto BV
Original Assignee
Irdeto BV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Irdeto BV filed Critical Irdeto BV
Publication of CA2774728A1 publication Critical patent/CA2774728A1/en
Application granted granted Critical
Publication of CA2774728C publication Critical patent/CA2774728C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • G06F21/125Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/14Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Devices For Executing Special Programs (AREA)
  • Storage Device Security (AREA)
CA2774728A 2009-11-13 2010-11-12 System and method to protect java bytecode code against static and dynamic attacks within hostile execution environments Expired - Fee Related CA2774728C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US26088709P 2009-11-13 2009-11-13
US61/260,887 2009-11-13
PCT/CA2010/001761 WO2011057393A1 (en) 2009-11-13 2010-11-12 System and method to protect java bytecode code against static and dynamic attacks within hostile execution environments

Publications (2)

Publication Number Publication Date
CA2774728A1 CA2774728A1 (en) 2011-05-19
CA2774728C true CA2774728C (en) 2019-02-12

Family

ID=43991129

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2774728A Expired - Fee Related CA2774728C (en) 2009-11-13 2010-11-12 System and method to protect java bytecode code against static and dynamic attacks within hostile execution environments

Country Status (8)

Country Link
US (1) US9213826B2 (enExample)
EP (2) EP2467800B1 (enExample)
JP (1) JP5689472B2 (enExample)
KR (1) KR20130018642A (enExample)
CN (1) CN102598017B (enExample)
CA (1) CA2774728C (enExample)
IN (1) IN2012DN02458A (enExample)
WO (1) WO2011057393A1 (enExample)

Families Citing this family (62)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8424082B2 (en) * 2008-05-08 2013-04-16 Google Inc. Safely executing an untrusted native code module on a computing device
EP2402880A1 (en) * 2010-07-01 2012-01-04 Aladdin Europe GmbH Method and device for selectively protecting one of a plurality of methods of a class of an application written in an object-orientated language
FR2967275B1 (fr) * 2010-11-10 2012-12-28 Oberthur Technologies Procede, programme d'ordinateur et dispositif de securisation de code intermediaire de programmation pour son execution par une machine virtuelle
US8812868B2 (en) 2011-03-21 2014-08-19 Mocana Corporation Secure execution of unsecured apps on a device
US9396325B2 (en) 2011-03-21 2016-07-19 Mocana Corporation Provisioning an app on a device and implementing a keystore
US8955142B2 (en) * 2011-03-21 2015-02-10 Mocana Corporation Secure execution of unsecured apps on a device
US9473485B2 (en) 2011-03-21 2016-10-18 Blue Cedar Networks, Inc. Secure single sign-on for a group of wrapped applications on a computing device and runtime credential sharing
WO2012129639A2 (en) * 2011-03-31 2012-10-04 Irdeto Canada Corporation Method of securing non-native code
EP2761463A1 (en) * 2011-09-30 2014-08-06 Newman Infinite, Inc. Apparatus, method and computer-readable storage medium for securing javascript
US9021271B1 (en) * 2011-12-27 2015-04-28 Emc Corporation Injecting code decrypted by a hardware decryption module into Java applications
KR101944010B1 (ko) * 2012-02-24 2019-01-30 삼성전자 주식회사 애플리케이션의 변조 감지 방법 및 장치
EP2831790B1 (en) * 2012-03-30 2020-09-23 Irdeto B.V. Secured execution of a web application
WO2014133528A1 (en) * 2013-02-28 2014-09-04 Hewlett-Packard Development Company, L.P. Determining coverage of dynamic security scans using runtime and static code analyses
US9141823B2 (en) * 2013-03-15 2015-09-22 Veridicom, Sa De Cv Abstraction layer for default encryption with orthogonal encryption logic session object; and automated authentication, with a method for online litigation
KR101500512B1 (ko) * 2013-05-15 2015-03-18 소프트캠프(주) 데이터 프로세싱 시스템 보안 장치와 보안방법
US9378034B2 (en) 2013-05-16 2016-06-28 Sap Se Dynamic bytecode modification of classes and class hierarchies
US8943592B1 (en) 2013-07-15 2015-01-27 Eset, Spol. S.R.O. Methods of detection of software exploitation
KR101350390B1 (ko) * 2013-08-14 2014-01-16 숭실대학교산학협력단 코드 난독화 장치 및 그 방법
KR101471589B1 (ko) * 2013-08-22 2014-12-10 (주)잉카엔트웍스 공통중간언어 기반 프로그램을 위한 보안 제공 방법
KR101490047B1 (ko) * 2013-09-27 2015-02-04 숭실대학교산학협력단 자가변환 기반 애플리케이션 코드 난독화 장치 및 그 방법
US9792354B2 (en) 2013-09-30 2017-10-17 Microsoft Technology Licensing, Llc Context aware user interface parts
US9740854B2 (en) * 2013-10-25 2017-08-22 Red Hat, Inc. System and method for code protection
KR101556908B1 (ko) * 2013-11-14 2015-10-02 (주)잉카엔트웍스 프로그램 보호 장치
GB201405754D0 (en) * 2014-03-31 2014-05-14 Irdeto Bv Protecting an item of software comprising conditional code
KR101566142B1 (ko) * 2014-10-21 2015-11-06 숭실대학교산학협력단 사용자 단말기 및 그것을 이용한 응용 프로그램의 핵심코드 보호 방법
CN104375938B (zh) * 2014-11-20 2017-09-05 工业和信息化部电信研究院 安卓应用程序的动态行为监测方法及系统
EP3026559A1 (en) * 2014-11-28 2016-06-01 Thomson Licensing Method and device for providing verifying application integrity
WO2016112338A1 (en) * 2015-01-08 2016-07-14 Intertrust Technologies Corporation Cryptographic systems and methods
CN107430650B (zh) * 2015-03-02 2020-10-09 因温特奥股份公司 保护计算机程序以抵御逆向工程
US9460284B1 (en) * 2015-06-12 2016-10-04 Bitdefender IPR Management Ltd. Behavioral malware detection using an interpreter virtual machine
KR101740133B1 (ko) * 2015-08-10 2017-05-26 라인 가부시키가이샤 어플리케이션의 코드를 보호하기 위한 시스템 및 방법
KR101740134B1 (ko) * 2015-08-10 2017-05-26 라인 가부시키가이샤 어플리케이션의 코드 난독화를 위한 시스템 및 방법
WO2017056194A1 (ja) * 2015-09-29 2017-04-06 株式会社 東芝 情報機器または情報通信端末および、情報処理方法
EP3391583B1 (en) * 2015-12-15 2019-07-24 Koninklijke Philips N.V. A computation device and method
EP3188063A1 (en) * 2015-12-29 2017-07-05 GuardSquare NV A build system
MA44905A (fr) * 2016-04-05 2018-05-09 Mi Group B V Système et procédé d'informations de vol
US10073975B2 (en) 2016-08-11 2018-09-11 International Business Machines Corporation Application integrity verification in multi-tier architectures
US10394554B1 (en) * 2016-09-09 2019-08-27 Stripe, Inc. Source code extraction via monitoring processing of obfuscated byte code
US11423140B1 (en) * 2017-03-27 2022-08-23 Melih Abdulhayoglu Auto-containment of guest user applications
US10951644B1 (en) 2017-04-07 2021-03-16 Comodo Security Solutions, Inc. Auto-containment of potentially vulnerable applications
CN107294702B (zh) * 2017-07-17 2020-04-28 四川长虹电器股份有限公司 基于Hybrid APP自身特征的前端代码加密方法
EP3665566A4 (en) 2017-08-08 2021-04-21 Crypto4A Technologies Inc. Secure machine executable code deployment and execution method and system
CN107480478B (zh) * 2017-08-14 2019-08-13 钟尚亮 一种java应用程序的加密方法及运行方法
EP3861469B1 (en) 2018-10-23 2023-05-31 Huawei Technologies Co., Ltd. Device and method for validation of virtual function pointers
EP3709560A1 (en) * 2019-03-14 2020-09-16 Thales Dis France SA Method for provisioning white-box assets and corresponding device, server and system
US11468881B2 (en) * 2019-03-29 2022-10-11 Samsung Electronics Co., Ltd. Method and system for semantic intelligent task learning and adaptive execution
KR102243378B1 (ko) * 2019-04-02 2021-04-22 (주)드림시큐리티 자바 라이브러리의 무결성을 보장하기 위한 방법 및 장치
US11150915B2 (en) 2019-09-13 2021-10-19 International Business Machines Corporation Deferred bytecode class verification in managed runtime environments
US10963275B1 (en) 2019-10-31 2021-03-30 Red Hat, Inc. Implementing dependency injection via direct bytecode generation
CN110826031B (zh) * 2019-10-31 2022-08-02 望海康信(北京)科技股份公司 加密方法、装置、计算机设备及存储介质
JP7079502B2 (ja) * 2019-11-14 2022-06-02 株式会社アクセル 推論システム
US11403075B2 (en) 2019-11-25 2022-08-02 International Business Machines Corporation Bytecode verification using class relationship caching
CN111143029B (zh) * 2019-12-19 2024-03-22 浪潮软件股份有限公司 基于Gitlab-CI回调集成实现虚拟机一致、自动伸缩的持续构建环境的方法
KR102338885B1 (ko) * 2020-01-21 2021-12-14 주식회사 행복소프트 응용프로그램의 동적 변조 탐지 방법 및 장치
KR20210112923A (ko) 2020-03-06 2021-09-15 삼성전자주식회사 시스템 온 칩 및 이의 동작 방법
US11550883B2 (en) * 2020-09-08 2023-01-10 Assured Information Security, Inc. Code protection
CN113239330A (zh) * 2021-06-10 2021-08-10 杭州安恒信息技术股份有限公司 一种基于散列算法的反调试方法及相关装置
CN114036524B (zh) * 2021-10-29 2025-11-21 中国银联股份有限公司 一种电子设备
CN114928550B (zh) * 2022-04-29 2024-05-03 杭州默安科技有限公司 一种数据库交互账户安全检测方法及系统
CN116020127A (zh) * 2022-12-23 2023-04-28 安天科技集团股份有限公司 一种运行游戏的方法、装置及发送游戏的方法、装置
CN117932648B (zh) * 2024-03-20 2024-06-04 厦门星纵数字科技有限公司 一种字节码保护方法、终端设备及存储介质
CN118260750B (zh) * 2024-05-27 2024-09-17 北京升鑫网络科技有限公司 攻击行为检测方法和装置、攻击行为阻断方法和装置

Family Cites Families (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5692047A (en) 1995-12-08 1997-11-25 Sun Microsystems, Inc. System and method for executing verifiable programs with facility for using non-verifiable programs from trusted sources
JP4739465B2 (ja) 1997-06-09 2011-08-03 インタートラスト テクノロジーズ コーポレイション ソフトウェアセキュリティを増強するための混乱化技術
US6594761B1 (en) 1999-06-09 2003-07-15 Cloakware Corporation Tamper resistant software encoding
US6779114B1 (en) 1999-08-19 2004-08-17 Cloakware Corporation Tamper resistant software-control flow encoding
CA2304433A1 (en) 2000-04-05 2001-10-05 Cloakware Corporation General purpose access recovery scheme
CA2305078A1 (en) 2000-04-12 2001-10-12 Cloakware Corporation Tamper resistant software - mass data encoding
US7020882B1 (en) * 2000-09-14 2006-03-28 International Business Machines Corporation Method, system, and program for remotely manipulating a user interface over a network
GB0024918D0 (en) * 2000-10-11 2000-11-22 Sealedmedia Ltd Method of providing java tamperproofing
CA2327911A1 (en) 2000-12-08 2002-06-08 Cloakware Corporation Obscuring functions in computer software
US7039814B2 (en) * 2001-03-07 2006-05-02 Sony Corporation Method for securing software via late stage processor instruction decryption
CA2348355A1 (en) 2001-05-24 2002-11-24 Cloakware Corporation General scheme of using encodings in computations
CA2350029A1 (en) 2001-06-08 2002-12-08 Cloakware Corporation Sustainable digital watermarking via tamper-resistant software
CA2354470A1 (en) 2001-07-30 2003-01-30 Cloakware Corporation Active content for secure digital media
US7516331B2 (en) * 2003-11-26 2009-04-07 International Business Machines Corporation Tamper-resistant trusted java virtual machine and method of using the same
JP2005293109A (ja) 2004-03-31 2005-10-20 Canon Inc ソフトウェア実行管理装置、ソフトウェア実行管理方法、及び制御プログラム
WO2007011001A1 (ja) * 2005-07-22 2007-01-25 Matsushita Electric Industrial Co., Ltd. 実行装置
US7788730B2 (en) * 2006-01-17 2010-08-31 International Business Machines Corporation Secure bytecode instrumentation facility
WO2007147495A2 (en) 2006-06-21 2007-12-27 Wibu-Systems Ag Method and system for intrusion detection
JP2009258772A (ja) 2006-08-09 2009-11-05 Panasonic Corp アプリケーション実行装置
DE102007045743A1 (de) * 2007-09-25 2009-04-02 Siemens Ag Verfahren und System zum Schutz gegen einen Zugriff auf einen Maschinencode eines Gerätes
US20110035601A1 (en) 2007-12-21 2011-02-10 University Of Virginia Patent Foundation System, method and computer program product for protecting software via continuous anti-tampering and obfuscation transforms
US20110083020A1 (en) 2008-01-31 2011-04-07 Irdeto Access B.V. Securing a smart card
EP2196934A1 (en) * 2008-12-09 2010-06-16 Gemalto SA Method for securing java bytecode

Also Published As

Publication number Publication date
CA2774728A1 (en) 2011-05-19
CN102598017A (zh) 2012-07-18
CN102598017B (zh) 2016-03-09
EP2467800A1 (en) 2012-06-27
EP3923165A1 (en) 2021-12-15
IN2012DN02458A (enExample) 2015-08-21
EP2467800B1 (en) 2021-06-30
WO2011057393A1 (en) 2011-05-19
KR20130018642A (ko) 2013-02-25
US20120246487A1 (en) 2012-09-27
JP5689472B2 (ja) 2015-03-25
EP2467800A4 (en) 2016-03-16
US9213826B2 (en) 2015-12-15
JP2013511077A (ja) 2013-03-28

Similar Documents

Publication Publication Date Title
CA2774728C (en) System and method to protect java bytecode code against static and dynamic attacks within hostile execution environments
Hu et al. Data-oriented programming: On the expressiveness of non-control data attacks
Ward et al. Survey of cyber moving targets second edition
US10255414B2 (en) Software self-defense systems and methods
US9141787B2 (en) Interlocked binary protection using whitebox cryptography
Williams et al. Security through diversity: Leveraging virtual machine technology
US20170024230A1 (en) Method, apparatus, and computer-readable medium for ofuscating execution of an application on a virtual machine
WO2013170724A1 (zh) 安卓系统中java应用程序的保护方法
Shioji et al. Code shredding: byte-granular randomization of program layout for detecting code-reuse attacks
US7444677B2 (en) Intentional cascade failure
Buckwell et al. Execution at RISC: Stealth JOP Attacks on RISC-V Applications
Pizzolotto et al. Mitigating Debugger-based Attacks to Java Applications with Self-debugging
Zhao et al. UTRDCL: Stealthy DCL-Based Obfuscation and Its Attacks and Defenses in Android
Cloosters et al. Salsa: SGX Attestation for Live Streaming Applications
KR20250119416A (ko) 변형 멀웨어의 복원을 위한 언패킹 방법
Togan et al. Virtual machine for encrypted code execution
Zhao et al. DOG: Efficient information flow tracing and program monitoring with dynamic binary rewriting
Aelterman Exploitation of synergies between software protections
Salamat et al. Stopping Buffer Overflow Attacks at Run-Time: Simultaneous Multi-Variant Program Execution on a Multicore Processor
Pérez et al. Execution at RISC: Stealth JOP Attacks on RISC-V Applications
Okhravi et al. Hide and Seek: Exploiting and Hardening Leakage-Resilient Code Randomization
Ghosh Software Protection via Composable Process-level Virtual Machines
Dedhia et al. Hide and Seek: Exploiting and Hardening Leakage-Resilient Code Randomization
Kohli AUTOMATIC DETECTION OF MEMORY CORRUPTION ATTACKS
Task Monitoring Buffer Overflow Attacks

Legal Events

Date Code Title Description
EEER Examination request

Effective date: 20141125

MKLA Lapsed

Effective date: 20201112