TETRACOM: Technology Transfer in Computing Systems

TETRACOM: Technology Transfer in Computing Systems
FP7 Coordination and support action to fund 50 technology transfer projects (TTP) in computing systems.
FP7 Coordination and Support Action to fund 50 technology transfer projects (TTP) in computing systems.
This project has received funding from the European Union’s Seventh Framework Programme for research,
This project has received funding from the European Union’s Seventh Framework Programme for research,
technological development and demonstration under grant agreement n⁰ 609491.
technological development and demonstration under grant agreement n⁰ 609491.
Software protection of native Android libraries
Bjorn De Sutter, Koen De Bosschere, Ghent University, Belgium
Samsung Research, United Kingdom
TTP Problem
•
relatively open platform, mostly running ARM / x86 processors
•
used for smartphones, tablets, TVs
•
customization and apps added by the device vendor
1.Native libraries provide security-critical
and performance-critical functionality
2.So protection is needed against
reverse engineering and tampering
3.Open source compilers are used
in Android NDK (LLVM, gcc)
TTP Solution
•
Link-time rewriting framework
•
Used for many code rewriting applications
•
Compatible with open source compilers
•
Supports multiple architectures, incl. x86 & ARM
•
More than a decade of research
source code
#include <stdio.h>
int#include
main(int <stdio.h>
argc, char **argv) {
#include
<stdio.h>
int
main(int
argc,
char **argv) {
printf(“hello,
world!\n”);
#include
<stdio.h>
int main(int argc,
char **argv) {
printf(“hello,
world!\n”);
}
int
main(int
argc,
char **argv) {
printf(“hello, world!\n”);
}
printf(“hello, world!\n”);
}
}
gcc / llvm
object files
00100100111101
11100011001011010010101010010101
00100100111101
00100100111101
01010110101010101010101010101010
111000110010110100101010100101010
00100100111101
11100011001011010010101010010101
10101010101010110101010010101010
101011010101010101010101010101010
11100011001011010010101010010101
01010110101010101010101010101010
10 10101010101011010101001010101010
01010110101010101010101010101010
10101010101010110101010010101010
10 10101010101010110101010010101010
10
ld &
obfuscated
executable
before the project:
after the project:
•
statically linked binaries
•
•
•
statically linked binaries
dynamically linked binaries
dynamically linked libraries
•
x86 and ARMv4
•
x86 and ARMv7 (incl. Thumb2)
•
C & Fortran
•
•
C & Fortran
C++ (incl. exceptions)
•
•
GCC 3.2.2/4.3.6
Linux only
•
•
•
GCC 4.8.1
LLVM 3.4
Android 4.3 (NDK API-level 18)
•
x86 software protection
•
x86 & ARM software protection
_
111000110010110100101010100101010101
011010101010101010101010101010101010
101010110101
111000110010110100101010100101010101
011010101010101010101010101010
TTP Facts
Contact: Bjorn De Sutter
E-mail: [email protected]
TETRACOM contribution: 25,000 EUR
Duration: 06/01/2014-31/09/2014
TETRACOM coordinator: Prof. Rainer Leupers, [email protected]
http://www.tetracom.eu | @TetracomProject