Keynote: Software Protections – Theory, practice, and recent advances
On November 11th, Sebastian Schrittwieser, senior researcher at SBA Research and University of Vienna, gave the keynote at the 7th International Conference on Software Security and Assurance on the topic of Software Protections.
Software Protections – Theory, practice, and recent advances
The area of Man-At-The-End (MATE) software protection is a battlefield on which an arms race and white-box attacks take place: Attackers control the devices and environments in which they use a range of tools to inspect, analyze and alter the software’s static representation and its dynamic state. Both defensive and offensive techniques are developed and deployed for benign reasons as well as with malicious intents. Obfuscation techniques are deployed for protecting the confidentiality and integrity of software assets (e.g., algorithms and secret keys) but also for hiding malware injected into software.
Vice versa, de-obfuscation techniques are developed by criminals attacking software assets as well as by security experts developing malware protections such as anti-virus scanners and malware analyzers. However, in contrast to another well-known protection methods, such as cryptography, it is very difficult to make a statement about the strength of an obfuscation protection.
This talk gives an overview on the practical use of software protections, its measurability as well as recent advances in obfuscation theory (indistinguishability obfuscation).
Links and Downloads
7th International Conference on Software Security and Assurance, 10.11.-11.11.21, Online