On the impossibility of effectively using likely-invariants for software attestation purposes

Invariants monitoring is a software attestation technique that aims at proving the integrity of a running application by checking likely-invariants, which are statistically significant predicates inferred on variables’ values. Being very promising, according to the software protection literature, we developed a technique to remotely monitor invariants. This paper presents the analysis we have performed to assess the effectiveness of our technique and the effectiveness of likely-invariants for software attestation purposes. Moreover, it illustrates the identified limitations and our studies to improve the detection abilities of this technique. Our results suggest that, despite further studies and future results may increase the efficacy and reduce the side effects, software attestation based on likely-invariants is not yet ready for the real world. Software developers should be warned of these limitations, if they could be tempted by adopting this technique, and companies developing software protections should not invest in development without also investing in further research.

On the impossibility of effectively using likely-invariants for software attestation purposes / Viticchie', Alessio; Basile, Cataldo; Valenza, Fulvio; Lioy, Antonio. - In: JOURNAL OF WIRELESS MOBILE NETWORKS, UBIQUITOUS COMPUTING AND DEPENDABLE APPLICATIONS. - ISSN 2093-5374. - STAMPA. - 9:2(2018), pp. 1-25.

SFX
Titolo: On the impossibility of effectively using likely-invariants for software attestation purposes
Autori: 
VITICCHIE', ALESSIO
BASILE, CATALDO
VALENZA, FULVIO
LIOY, ANTONIO
Data di pubblicazione: 2018
Rivista: 
JOURNAL OF WIRELESS MOBILE NETWORKS, UBIQUITOUS COMPUTING AND DEPENDABLE APPLICATIONS  
Digital Object Identifier (DOI): http://dx.doi.org/10.22667/JOWUA.2018.06.30.001
Appare nelle tipologie:1.1 Articolo in rivista

File in questo prodotto:
FileDescrizioneTipologiaLicenza 
2018BasileInvariants.pdf Main paper2a Post-print versione editoriale / Version of RecordPUBBLICO - Tutti i diritti riservatiVisibile a tuttiVisualizza/Apri
Utilizza questo identificativo per citare o creare un link a questo documento:
http://hdl.handle.net/11583/2711778
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
 
 
 
Powered by IRIS-about IRIS-Utilizzo dei cookie
Logo CINECA  Copyright © 2022