Protecting Applications Software Against Unauthorized Access, Reverse Engineering or Tampering

US 20070266434A1
Filed: 05/11/2006
Published: 11/15/2007
Est. Priority Date: 05/11/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method for protecting application software from reverse engineering or tampering, comprising:

seeding said application software with sneak circuits based on performance indicators;

running said application software in test mode after said seeding;

analyzing performance indicators and protection indicators of said application software while running said application software in said test mode;

modifying seeding if said performance indicators and said protection indicators reach a predetermined tradeoff value; and

inserting active protection code in said application software.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and program for protecting applications software from unauthorized access, reverse engineering or tampering, is disclosed. Protection of the application software may be accomplished by seeding the application software with sneak circuits based on performance indicators; running the application software in test mode to analyze performance indicators versus protection indicators of the application software; modifying seeding if the performance indicators and the protection indicators reach a predetermined tradeoff value; and inserting active protection code in the application software. Additional protection can be accomplished by executing a protected version of the application software in normal mode and collecting forensics data while executing the protected version.

33 Citations

View as Search Results

56 Claims

1. A method for protecting application software from reverse engineering or tampering, comprising:
- seeding said application software with sneak circuits based on performance indicators;
  
  running said application software in test mode after said seeding;
  
  analyzing performance indicators and protection indicators of said application software while running said application software in said test mode;
  
  modifying seeding if said performance indicators and said protection indicators reach a predetermined tradeoff value; and
  
  inserting active protection code in said application software.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1 further comprising establishing strategy vectors derived from static metrics analysis of said application software and dynamic metrics analysis of said application software before said seeding.
  - 3. The method of claim 1 further comprising conditioning for obfuscating source code of said application software before said inserting active protection code.
  - 4. The method of claim 1 further comprising:
    - releasing a protected version of said application software for execution in normal mode after said inserting active protection code; and
      
      collecting forensics data collected while executing said protected version.
  - 5. The method of claim 2 wherein said strategy vectors are a function of application software size.
  - 6. The method of claim 2 wherein said strategy vectors are a function of an application domain for said application software.
  - 7. The method of claim 2 wherein said strategy vectors are a function of an application software threat.
  - 8. The method of claim 2 wherein said strategy vectors are a function of benchmark performance data related to said application software.
  - 9. The method of claim 2 further comprising using a static analyzer to statically analyze source code of said application software, collecting static metrics data and reporting said static metrics data in a metrics report.
  - 10. The method of claim 2 further comprising using a dynamic analyzer to dynamically analyze said application software, collecting dynamic metrics data, storing said dynamic metrics data in a dynamic metrics database, and reporting said dynamic metrics data in a metrics report.
  - 11. The method of claim 1 further comprising storing seeding performance benchmarks after analyzing performance indicators and protection indicators.
  - 12. The method of claim 1 wherein said sneak circuits are selected from the group consisting essentially of sneak data, sneak logic, sneak paths, sneak timing, sneak indication, sneak labels and sneak signatures.
  - 13. The method of claim 1 wherein said active protection code is selected from the group consisting essentially of debuggers, decompilers, disassemblers, exploiter tool signature recognition, alert routines, situational awareness display interfaces, low frequency transmissions, and honeypot insertion used to provide gathering of forensics code based on tool signatures.
  - 14. The method of claim 4 wherein said collecting forensics data further comprises analyzing said forensics data;
    - identifying new exploiter techniques and tools;
      
      defining new threats and approaches for countering said new threats;
      
      modifying said sneak circuits to counter said new threats;
      
      testing modified software application; and
      
      releasing said modified software application.

15. A computer program stored on a computer readable medium for programming a computer to protect application software from reverse engineering or tampering, the computer program comprising:
- a computer code segment for seeding said application software with sneak circuits based on performance indicators;
  
  a computer code segment for running said application software in test mode after said seeding, the running for analyzing said performance indicators and protection indicators of said application software;
  
  a computer code segment for modifying seeding if said performance indicators and said protection indicators reach a predetermined tradeoff value; and
  
  a computer code segment for inserting active protection code in said application software.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 16. The program of claim 15 further comprising a computer code segment for establishing strategy vectors derived from static metrics analysis of said application software and dynamic metrics analysis of said application software for providing assistance in developing performance indicators.
  - 17. The program of claim 15 further comprising a computer code segment for conditioning for obfuscating source code of said application software after running said application software in said test mode.
  - 18. The program of claim 15 further comprising:
    - a computer code segment for releasing a protected version of said application software for execution in normal mode after said modifying; and
      
      a computer code segment for collecting forensics data collected while executing said protected version.
  - 19. The program of claim 16 wherein said strategy vectors are a function of application software size.
  - 20. The program of claim 16 wherein said strategy vectors are a function of an application domain for said application software.
  - 21. The program of claim 16 wherein said strategy vectors are a function of an application software threat.
  - 22. The program of claim 16 wherein said strategy vectors are a function of benchmark performance data related to said application software.
  - 23. The program of claim 16 further comprising using a static analyzer to statically analyze source code of said application software, collecting static metrics data and reporting said static metrics data in a metrics report.
  - 24. The program of claim 16 further comprising using a dynamic analyzer to dynamically analyze said application software, collecting dynamic metrics data, storing said dynamic metrics data in a dynamic metrics database, and reporting said dynamic metrics data in a metrics report.
  - 25. The program of claim 15 further comprising a computer code segment for storing seeding performance benchmarks after analyzing performance indicators and protection indicators.
  - 26. The program of claim 15 wherein said sneak circuits are selected from the group consisting essentially of sneak data, sneak logic, sneak paths, sneak timing, sneak indication, sneak labels and sneak signatures.
  - 27. The program of claim 15 wherein said active protection code is selected from the group consisting essentially of debuggers, decompilers, disassemblers, exploiter tool signature recognition, alert routines, situational awareness display interfaces, low frequency transmissions, and honeypot insertion used to provide gathering of forensics code based on tool signatures.
  - 28. The program of claim 18 wherein the computer code segment for collecting said forensics data further comprises identifying new exploiter techniques and tools;
    - defining new threats and approaches for countering said new threats;
      
      modifying said sneak circuits to counter said new threats;
      
      testing modified software application; and
      
      releasing said modified software application.

29. A system for protecting application software from reverse engineering or tampering, comprising:
- a seeding module for augmenting said application software with sneak circuits based on performance indicators;
  
  a running module for analyzing said performance indicators and protection indicators of said application software in test mode after said seeding;
  
  a modifying module for updating seeding if said performance indicators and said protection indicators reach a predetermined tradeoff value; and
  
  a protecting module for inserting active protection code in said application software.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 30. The system of claim 29 further comprising an establishing module for deriving strategy vectors from static metrics analysis of said application software and dynamic metrics analysis of said application software for providing assistance in developing performance indicators.
  - 31. The system of claim 29 further comprising a conditioning module for obfuscating source code of said application software.
  - 32. The system of claim 29 further comprising:
    - a releasing module for executing a protected version of said application software in normal mode after inserting said active protection code; and
      
      a collecting module for gathering and storing forensics data collected while executing said protected version.
  - 33. The system of claim 30 wherein said strategy vectors are a function of application software size.
  - 34. The system of claim 30 wherein said strategy vectors are a function of an application domain for said application software.
  - 35. The system of claim 30 wherein said strategy vectors are a function of an application software threat.
  - 36. The system of claim 30 wherein said strategy vectors are a function of benchmark performance data related to said application software.
  - 37. The system of claim 30 further comprising a static analyzing module for statically analyzing source code of said application software, collecting static metrics data and reporting said static metrics data in a metrics report.
  - 38. The system of claim 30 further comprising a dynamic analyzing module for to dynamically analyzing said application software, collecting dynamic metrics data, storing said dynamic metrics data in a dynamic metrics database, and reporting said dynamic metrics data in a metrics report.
  - 39. The system of claim 29 further comprising a storing module for saving seeding performance benchmarks after analyzing performance indicators and protection indicators.
  - 40. The system of claim 29 wherein said sneak circuits are selected from the group consisting essentially of sneak data, sneak logic, sneak paths, sneak timing, sneak indication, sneak labels and sneak signatures.
  - 41. The system of claim 29 wherein said active protection code is selected from the group consisting essentially of debuggers, decompilers, disassemblers, exploiter tool signature recognition, alert routines, situational awareness display interfaces, low frequency transmissions, and honeypot insertion to provide gathering of forensics code based on tool signatures.
  - 42. The system of claim 32 wherein said collecting module further comprises evaluating said forensics data;
    - identifying new exploiter techniques and tools;
      
      defining new threats and approaches for countering said new threats;
      
      modifying said sneak circuits to counter said new threats;
      
      testing modified software application; and
      
      releasing said modified software application.

43. A system for protecting application software from reverse engineering or tampering, comprising:
- means for seeding said application software with sneak circuits based on performance indicators;
  
  means for analyzing performance indicators and protection indicators of said application software in test mode after said seeding;
  
  means for modifying seeding if said performance indicators and said protection indicators reach a predetermined tradeoff value; and
  
  means for inserting active protection code in said application software.
- View Dependent Claims (44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56)
- - 44. The system of claim 43 further comprising means for establishing strategy vectors from static metrics analysis of said application software and dynamic metrics analysis of said application software for providing assistance with developing performance indicators.
  - 45. The system of claim 43 further comprising means for conditioning said application software to obfuscate source code of said application software.
  - 46. The system of claim 43 further comprising:
    - means for executing a protected version of said application software in normal mode after inserting said active protection code; and
      
      means for collecting forensics data while executing said protected version.
  - 47. The system of claim 44 wherein said strategy vectors are a function of application software size.
  - 48. The system of claim 44 wherein said strategy vectors are a function of an application domain for said application software.
  - 49. The system of claim 44 wherein said strategy vectors are a function of an application software threat.
  - 50. The system of claim 44 wherein said strategy vectors are a function of benchmark performance data related to said application software.
  - 51. The system of claim 44 further comprising a static analyzing means for statically analyzing source code of said application software, collecting static metrics data and reporting said static metrics data in a metrics report.
  - 52. The system of claim 44 further comprising a dynamic analyzing means for to dynamically analyzing said application software, collecting dynamic metrics data, storing said dynamic metrics data in a dynamic metrics database, and reporting said dynamic metrics data in a metrics report.
  - 53. The system of claim 43 further comprising a storing means for saving seeding performance benchmarks after analyzing performance indicators and protection indicators.
  - 54. The system of claim 43 wherein said sneak circuits are selected from the group consisting essentially of sneak data, sneak logic, sneak paths, sneak timing, sneak indication, sneak labels and sneak signatures.
  - 55. The system of claim 43 wherein said active protection code is selected from the group consisting essentially of debuggers, decompilers, disassemblers, exploiter tool signature recognition, alert routines, situational awareness display interfaces, low frequency transmissions, and honeypot insertion used to provide gathering of forensics code based on tool signatures.
  - 56. The system of claim 46 wherein said means for collecting forensics data further comprises evaluating said forensics data;
    - identifying new exploiter techniques and tools;
      
      defining new threats and approaches for countering said new threats;
      
      modifying said sneak circuits to counter said new threats;
      
      testing modified software application; and
      
      releasing said modified software application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Reifer Consultants, Inc.
Original Assignee
Reifer Consultants, Inc.
Inventors
Reifer, Donald

Application Number

US11/382,768
Publication Number

US 20070266434A1
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/14 against software analysis o...

Protecting Applications Software Against Unauthorized Access, Reverse Engineering or Tampering

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

33 Citations

56 Claims

Specification

Solutions

Use Cases

Quick Links

Protecting Applications Software Against Unauthorized Access, Reverse Engineering or Tampering

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

56 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links