Sciweavers

VEE
2012
ACM

Replacement attacks against VM-protected applications

12 years 7 months ago
Replacement attacks against VM-protected applications
Process-level virtualization is increasingly being used to enhance the security of software applications from reverse engineering and unauthorized modification (called software protection). Processlevel virtual machines (PVMs) can safeguard the application code at run time and hamper the adversary’s ability to launch dynamic attacks on the application. This dynamic protection, combined with its flexibility, ease in handling legacy systems and low performance overhead, has made process-level virtualization a popular approach for providing software protection. While there has been much research on using process-level virtualization to provide such protection, there has been less research on attacks against PVM-protected software. In this paper, we describe an attack on applications protected using process-level virtualization, called a replacement attack. In a replacement attack, the adversary replaces the protecting PVM with an attack VM thereby rendering the application vulnerable...
Sudeep Ghosh, Jason Hiser, Jack W. Davidson
Added 25 Apr 2012
Updated 25 Apr 2012
Type Journal
Year 2012
Where VEE
Authors Sudeep Ghosh, Jason Hiser, Jack W. Davidson
Comments (0)