article

Code protection for resource-constrained embedded devices

Authors:

N. Vijaykrishnan,

M. J. IrwinAuthors Info & Claims

ACM SIGPLAN Notices, Volume 39, Issue 7

Pages 240 - 248

https://doi.org/10.1145/998300.997198

Published: 11 June 2004 Publication History

Abstract

While the machine neutral Java bytecodes are attractive for code distribution in the highly heterogeneous embedded domain, the well-documented and standardized features also make it difficult to protect these codes. In fact, there are several tools to reverse engineer Java bytecodes. The focus of this work is the design of a substitution-based bytecode obfuscation approach that prevents code from being executed on unauthorized devices. Furthermore, we also improve the resilience of this substitution-based approach to frequency-based attacks. Using various Java class files, we show that our approach is 2.5 to 3 times less computationally intensive as compared to a traditional encryption based approach. Our experiments reveal that the protected class files could not execute on unauthorized clients.

References

[1]

H.-J. Fletchner: Grundbegriffe der Kybernetik, dtv Wissenschaft, Munich, 1984.

[2]

A. Perrig, R. Szewczyk, V. Wen, D. Culler, and D. Tygar: SPINS: Security Protocols for Sensor Networks, Proceedings of Mobicom 2001.

Digital Library

[3]

J. Rothe: Some facets of complexity theory and cryptography: a five-lecture tutorial, ACM Computing Surveys, vol. 34, no. 4, pp. 504--549, December 2002.

Digital Library

[4]

B. Schneier: Applied Cryptography, Wiley and Sons, New York, 1994.

[5]

B. Toxen: Real World Linux Security, Prentice Hall PTR, Upper Saddle River, NJ, 2003.

Digital Library

[6]

G.C. Necula, P. Lee: Safe kernel extensions without run-time checking. In Proceedings of the 2nd Symposium on Operating Systems Design and Implementation, October 1996.

Digital Library

[7]

T. Lindholm, F. Yellin: The Java Virtual Machine Specification. Addison Wisley, 1996.

Digital Library

[8]

D. Balfanz, E. W. Felten: A Java Filter. Technical Report 97-567, Department of Computer Science, Princeton University, 1997.

[9]

A. Chander, J. Mitchell, I. Shin: Mobile code security by Java bytecode instrumentation. DISCEX II, 2001.

[10]

Shin, I. and Mitchell, J.C.: Java Bytecode Modification and Applet Security. Stanford CS Tech Report

[11]

J. Algesheimer, C. Cachin, J. Camenisch, G. Karjoth: Cryptographic Security for Mobile Code, Proceedings of IEEE Security & Privacy 2001.

Digital Library

[12]

A. Hodjat, I. Verbauwhede: AES module C code written using the suggested NIST C, University of California, Los Angeles, CA.

[13]

J. Daemen, V. Rijmen: The Block Cipher Rijndael, Smart Card Research and Applications, LNCS 1820, J.-J. Quisquater and B. Schneier, Eds., Springer-Verlag, 2000, pp. 288--296.

Digital Library

[14]

J. Daemen and V. Rijmen: Rijndael, the advanced encryption standard, Dr. Dobb's Journal,Vol. 26, No. 3, March 2001, pp.137--139.

[15]

R. Radhakrishnan, J. Rubio and L. John: Characterization of Java Applications at Bytecode and Ultra-SPARC Machine Code Levels, In Proceedings of IEEE International Conference on Computer Design, pages 281--284, 1999.

Digital Library

[16]

H. McGhan, M. O'Conner, PicoJava: A Direct Execution Engine for Java Bytecode, IEEE Computer (1998) 22--30.

Digital Library

[17]

Spec JVM98 Benchmark, http://www.specbench.org/osg/jvm98/

[18]

B. Griswold, P. Phillips: Bill and Paul's Excellent UCSD Benchmarks for Java (version 1.1), http://www-cse.ucsd.edu/users/wgg/JavaProf/javaprof.html

[19]

Volano benchmark, http://www.volano.com/benchmarks.html

[20]

DigSim benchmarks, http://www.cs.berkely.edu/~jfoster/cs252-project/benchmarks.html

[21]

D. Low . Java Control Flow Obfuscation, Thesis Paper, Department of Computer Science, University of Auckland, New Zealand, June 1998.

[22]

G. Nola. Decompiling Java. McGraw-Hill, 1998.

Digital Library

Cited By

Hosseinzadeh SRauti SLaurén SMäkelä JHolvitie JHyrynsalmi SLeppänen V(2018)Diversification and obfuscation techniques for software security: A systematic literature reviewInformation and Software Technology10.1016/j.infsof.2018.07.007104(72-93)Online publication date: Dec-2018
https://doi.org/10.1016/j.infsof.2018.07.007
Brooks R(2009)ReferencesDisruptive Security Technologies with Mobile Code and Peer-to-Peer Networks10.1201/9781420038880.bmattOnline publication date: 7-Dec-2009
https://doi.org/10.1201/9781420038880.bmatt
Brooks R(2009)ReferencesDisruptive Security Technologies with Mobile Code and Peer-to-Peer Networks10.1201/9781420038880.bmattOnline publication date: 7-Dec-2009
https://doi.org/10.1201/9781420038880.bmatt

Index Terms

Code protection for resource-constrained embedded devices
1. Software and its engineering
  1. Software notations and tools
    1. General programming languages

Recommendations

Code protection for resource-constrained embedded devices
LCTES '04: Proceedings of the 2004 ACM SIGPLAN/SIGBED conference on Languages, compilers, and tools for embedded systems

While the machine neutral Java bytecodes are attractive for code distribution in the highly heterogeneous embedded domain, the well-documented and standardized features also make it difficult to protect these codes. In fact, there are several tools to ...
End-to-End Java Security Performance Enhancements for Oracle SPARC Servers
ICPE '16: Proceedings of the 7th ACM/SPEC on International Conference on Performance Engineering

In this paper we investigate the performance of cryptographic operations, when used in Java applications. We demonstrate the advantage of using built-in hardware accelerator for cryptographic operations on SPARC servers. In particular, we demonstrate ...
Guaranteeing Correctness Properties of a Java Card Applet

The paper describes an experiment in which a framework for model checking Java byte code, combined with the application of runtime monitoring techniques through code rewriting, was used to guarantee correctness properties of a Java Card applet.

Comments

Information & Contributors

Information

Published In

cover image ACM SIGPLAN Notices

ACM SIGPLAN Notices Volume 39, Issue 7

LCTES '04

July 2004

265 pages

ISSN:0362-1340

EISSN:1558-1160

DOI:10.1145/998300

Issue’s Table of Contents

LCTES '04: Proceedings of the 2004 ACM SIGPLAN/SIGBED conference on Languages, compilers, and tools for embedded systems
June 2004
276 pages
ISBN:1581138067
DOI:10.1145/997163
General Chair:
David Whalley
Florida State University
,
Program Chair:
Ron Cytron
Washington University

Copyright © 2004 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 June 2004

Published in SIGPLAN Volume 39, Issue 7

Check for updates

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
787
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Hosseinzadeh SRauti SLaurén SMäkelä JHolvitie JHyrynsalmi SLeppänen V(2018)Diversification and obfuscation techniques for software security: A systematic literature reviewInformation and Software Technology10.1016/j.infsof.2018.07.007104(72-93)Online publication date: Dec-2018
https://doi.org/10.1016/j.infsof.2018.07.007
Brooks R(2009)ReferencesDisruptive Security Technologies with Mobile Code and Peer-to-Peer Networks10.1201/9781420038880.bmattOnline publication date: 7-Dec-2009
https://doi.org/10.1201/9781420038880.bmatt
Brooks R(2009)ReferencesDisruptive Security Technologies with Mobile Code and Peer-to-Peer Networks10.1201/9781420038880.bmattOnline publication date: 7-Dec-2009
https://doi.org/10.1201/9781420038880.bmatt

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents