Software self-defense systems and methods
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are disclosed for protecting a computer program from unauthorized analysis and modification. Obfuscation transformations can be applied to the computer program'"'"'s local structure, control graph, and/or data structure to render the program more difficult to understand and/or modify. Tamper-resistance mechanisms can be incorporated into the computer program to detect attempts to tamper with the program'"'"'s operation. Once an attempt to tamper with the computer program is detected, the computer program reports it to an external agent, ceases normal operation, and/or reverses any modifications made by the attempted tampering. The computer program can also be watermarked to facilitate identification of its owner. The obfuscation, tamper-resistance, and watermarking transformations can be applied to the computer program'"'"'s source code, object code, or executable image.
-
Citations
81 Claims
-
1-67. -67. (canceled)
-
68. A method for protecting an executable computer program from unauthorized tampering, the method including:
-
adding a first segment of code or data to a portion of the executable program, the first segment of code or data not materially affecting the normal operation of the executable program;
upon a first execution of a first predefined code sequence in the executable program, overwriting at least part of a first memory region containing the first segment of code or data with a second segment of code or data;
upon a subsequent execution of the first predefined code sequence, overwriting at least part of a memory region substantially adjacent to the first memory region with a third segment of code or data, such that at least part of the executable program is overwritten with the third segment of code or data. - View Dependent Claims (69, 79, 80)
-
-
70. A method for protecting an executable computer program against unauthorized tampering, the method including:
-
monitoring the number of times a first predefined code sequence is executed before a second predefined code sequence is executed;
if the first predefined code sequence is executed more than a predetermined number of times before the second predefined code sequence is executed, overwriting at least part of the executable program, or data upon which the executable program relies, with invalid instructions or data. - View Dependent Claims (81)
-
-
71-72. -72. (canceled)
-
73. A method for implementing one or more self-defensive techniques in a computer program, the method including:
-
(a)(1) generating a primed computer program by inserting a first piece of code into the computer program;
(b)(1) finding the first piece of code at a first location in the primed computer program;
(c)(1) inserting a second piece of computer code into the primed computer program at the first location, the second piece of computer code being operable to perform a self-defense action. - View Dependent Claims (74, 75, 76, 77, 78)
-
Specification