On the impossibility of effectively using likely-invariants for software attestation purposes

Alessio Viticchiè
1,+, Cataldo Basile1, Fulvio Valenza1,2, and Antonio Lioy1
 

1Politecnico di Torino, DAUIN, corso duca degli Abruzzi 24, Turin, Italy

2CNR-IEIIT, corso duca degli Abruzzi 24, Turin, Italy 

first.last@polito.it

 

Abstract

Invariants monitoring is a software attestation technique that aims at proving the integrity of a running application by checking likely-invariants, which are statistically significant predicates inferred on variables’ values. Being very promising, according to the software protection literature, we developed a technique to remotely monitor invariants. This paper presents the analysis we have performed to assess the effectiveness of our technique and the effectiveness of likely-invariants for software attestation purposes. Moreover, it illustrates the identified limitations and our studies to improve the detection abilities of this technique. Our results suggest that, despite further studies and future results may increase the efficacy and reduce the side effects, software attestation based on likely-invariants is not yet ready for the real world. Software developers should be warned of these limitations, if they could be tempted by adopting this technique, and companies developing software protections should not invest in development without also investing in further research.

Keywords: invariants monitoring, software attestation, likely-invariants, software protection

 

+: Corresponding author: Fulvio Valenza
Politecnico di Torino, Dip. di Automatica e Informatica, Corso Duca degli Abruzzi, 24, 10129 Torino,
Tel: +39-(0)11-090-7192

 
Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications
 (JoWUA)

Vol. 9, No. 2, pp. 1-25, June 2018 [pdf]