Software protection techniques are used to protect valuable software assets against man-at-the-end attacks. Those attacks include reverse engineering to steal confidential assets, and tampering to break the software's integrity in unauthorized ways. While their ultimate aims are the original assets, attackers also target the protections along their attack path. To allow both humans and tools to reason about the strength of available protections (and combinations thereof) against potential attacks on concrete applications and their assets, i.e., to assess the true strength of layered protections, all relevant and available knowledge on the relations between the relevant aspects of protections, attacks, applications, and assets needs to be collected, structured, and formalized. This paper presents a software protection meta-model that can be instantiated to construct a formal knowledge base that holds precisely that information. The presented meta-model is validated against existing models and taxonomies in the domain of software protection, and by means of prototype tools that we developed to help non-modelling-expert software defenders with populating a knowledge base and with extracting and inferring practically useful information from it. All discussed tools are available as open source, and we evaluate their use as part of a software protection workflow on an open source application and industrial use cases.
A meta-model for software protections and reverse engineering attacks / Basile, Cataldo; Canavese, Daniele; Regano, Leonardo; Falcarin, Paolo; De Sutter, Bjorn. - In: THE JOURNAL OF SYSTEMS AND SOFTWARE. - ISSN 0164-1212. - PRINT. - 150:(2019), pp. 3-21. [10.1016/j.jss.2018.12.025]
A meta-model for software protections and reverse engineering attacks
Basile, Cataldo; Canavese, Daniele; Regano, Leonardo; Falcarin, Paolo;
2019
File | Description | Type | Licence | Size | Format | Access
---|---|---|---|---|---|---
metamodel.pdf | main article | 2. Post-print / Author's Accepted Manuscript | Creative Commons | 406.33 kB | Adobe PDF | Open Access from 23/12/2020
kbdata.pdf | supplementary material | Other attached material | Creative Commons | 123.29 kB | Adobe PDF | open access
1-s2.0-S0164121218302838-main.pdf | | 2a Post-print editorial version / Version of Record | Not public - private/restricted access | 2.09 MB | Adobe PDF | not available (request a copy)
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.
https://hdl.handle.net/11583/2723871
Notice: the data shown has not been validated by the university.