Anti-tamper Software
   HOME

TheInfoList



Click Here for Items Related To - Anti-tamper Software
OR:
Anti-tamper Software on:   [Wikipedia]   [Google]   [Amazon]

Anti-tamper software is software which makes it harder for an attacker to modify it. The measures involved can be passive such as
obfuscation Obfuscation is the obscuring of the intended meaning of communication by making the message difficult to understand, usually with confusing and ambiguous language. The obfuscation might be either unintentional or intentional (although intent u ...
to make reverse engineering difficult or active tamper-detection techniques which aim to make a program malfunction or not operate at all if modified. It is essentially
tamper resistance Tamperproofing, conceptually, is a methodology used to hinder, deter or detect unauthorised access to a device or circumvention of a security system. Since any device or system can be foiled by a person with sufficient knowledge, equipment, and ti ...
implemented in the software domain. It shares certain aspects but also differs from related technologies like
copy protection Copy protection, also known as content protection, copy prevention and copy restriction, describes measures to enforce copyright by preventing the reproduction of software, films, music, and other media. Copy protection is most commonly found on ...
and trusted hardware, though it is often used in combination with them. Anti-tampering technology typically makes the software somewhat larger and also has a performance impact. There are no
provably secure Provable security refers to any type or level of computer security that can be proved. It is used in different ways by different fields. Usually, this refers to mathematical proofs, which are common in cryptography. In such a proof, the capabiliti ...
software anti-tampering methods; thus, the field is an
arms race An arms race occurs when two or more groups compete in military superiority. It consists of a competition between two or more states to have superior armed forces; a competition concerning production of weapons, the growth of a military, and t ...
between attackers and software anti-tampering technologies. Tampering can be malicious, to gain control over some aspect of the software with an unauthorized modification that alters the
computer program A computer program is a sequence or set of instructions in a programming language for a computer to execute. Computer programs are one component of software, which also includes documentation and other intangible components. A computer program ...
code and behaviour. Examples include installing
rootkits A rootkit is a collection of software, computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence o ...
and
backdoor A back door is a door in the rear of a building. Back door may also refer to: Arts and media * Back Door (jazz trio), a British group * Porta dos Fundos (literally “Back Door” in Portuguese) Brazilian comedy YouTube channel. * Works so titl ...
s, disabling security monitoring, subverting authentication,
malicious code Malware (a portmanteau for ''malicious software'') is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, depr ...
injection for the purposes of data theft or to achieve higher user privileges, altering control flow and communication, license code bypassing for the purpose of software piracy, code interference to extract data or algorithms and counterfeiting. Software applications are vulnerable to the effects of tampering and code changes throughout their lifecycle from development and deployment to operation and maintenance. Anti-tamper protection can be applied as either internally or externally to the application being protected. External anti-tampering is normally accomplished by monitoring the software to detect tampering. This type of defense is commonly expressed as
malware scanner Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name. ...
s and anti-virus applications. Internal anti-tampering is used to turn an application into its own security system and is generally done with specific code within the software that will detect tampering as it happens. This type of tamper proofing defense may take the form of runtime integrity checks such as
cyclic redundancy checksum A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to digital data. Blocks of data entering these systems get a short ''check value'' attached, based on ...
s,
anti-debugging In computer programming and software development, debugging is the process of finding and resolving ''Software bug, bugs'' (defects or problems that prevent correct operation) within computer programs, software, or Software system, systems. Deb ...
measures, encryption or
obfuscation Obfuscation is the obscuring of the intended meaning of communication by making the message difficult to understand, usually with confusing and ambiguous language. The obfuscation might be either unintentional or intentional (although intent u ...
. Execution inside a
virtual machine In computing, a virtual machine (VM) is the virtualization/emulation of a computer system. Virtual machines are based on computer architectures and provide functionality of a physical computer. Their implementations may involve specialized hardw ...
has become a common anti-tamper method used in recent years for commercial software; it is used for example in
StarForce The Starforce is a supervillain team appearing in American comic books published by Marvel Comics. Its first appearance was in the comic ''The Avengers (comic book), Avengers'' #346 released in 1992, as part of the "Operation: Galactic Storm" st ...
and
SecuROM SecuROM was a CD/DVD copy protection and digital rights management (DRM) product developed by Sony DADC. It aims to prevent unauthorised copying and reverse engineering of software, primarily commercial computer games running on Microsoft Win ...
. Some anti-tamper software uses
white-box cryptography Obfuscation is the obscuring of the intended meaning of communication by making the message difficult to understand, usually with confusing and ambiguous language. The obfuscation might be either unintentional or intentional (although intent u ...
, so cryptographic keys are not revealed even when cryptographic computations are being observed in complete detail in a debugger. A more recent research trend is tamper-tolerant software, which aims to correct the effects of tampering and allow the program to continue as if unmodified. A simple (and easily defeated) scheme of this kind was used in the
Diablo II ''Diablo II'' is an action role-playing hack-and-slash video game developed by Blizzard North and published by Blizzard Entertainment in 2000 for Microsoft Windows, Classic Mac OS, and macOS. The game, with its dark fantasy and horror the ...
video game, which stored its critical player data in two copies at different memory locations and if one was modified externally, the game used the lower value. Anti-tamper software is used in many types of software products including: embedded systems, financial applications, software for mobile devices, network-appliance systems, anti-cheating in games, military, license management software, and
digital rights management Digital rights management (DRM) is the management of legal access to digital content. Various tools or technological protection measures (TPM) such as access control technologies can restrict the use of proprietary hardware and copyrighted works. ...
(DRM) systems. Some general-purpose packages have been developed which can wrap existing code with minimal programing effort; for example the SecuROM and similar kits used in the gaming industry, though they have the downside that semi-generic attacking tools also exist to counter them. Malicious software itself can and has been observed using anti-tampering techniques, for example the
Mariposa botnet The Mariposa botnet, discovered December 2008, is a botnet mainly involved in cyberscamming and denial-of-service attacks. Before the botnet itself was dismantled on 23 December 2009, it consisted of up to 12 million unique IP addresses or up to 1 ...
.


See also

*
Hardening (computing) In computer security, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose ...
*
Fault tolerance Fault tolerance is the property that enables a system to continue operating properly in the event of the failure of one or more faults within some of its components. If its operating quality decreases at all, the decrease is proportional to the ...
*
Denuvo Denuvo Anti-Tamper is an anti-tamper technology and digital rights management (DRM) system developed by Austrian software company Denuvo Software Solutions GmbH, a subsidiary of Irdeto. The company also developed an anti-cheat counterpart. Hi ...
*
Digital rights management Digital rights management (DRM) is the management of legal access to digital content. Various tools or technological protection measures (TPM) such as access control technologies can restrict the use of proprietary hardware and copyrighted works. ...


References

{{reflist Computer security software