Download PDFOpen PDF in browser

Resilient Self-Debugging Software Protection

EasyChair Preprint no. 3739

10 pagesDate: July 3, 2020

Abstract

Debuggers are a popular reverse engineering and tampering tool. Self-debugging is an effective technique for applications to defend themselves against hostile debuggers. In penetration tests on state-of-the-art self-debugging, we observed several opportunities through which it could be attacked, however. We therefore improved upon the existing technique, making it more resilient by introducing reciprocal debugging and making the transfers of control between protected application and self-debugger more stealthy. This paper presents the improved self-debugging design, and details our research efforts into realizing reciprocal debugging. In our evaluation we show that the improved design is significantly harder for attackers to defeat.

Keyphrases: anti-debugging, Anti-tampering, reverse engineering, self-debugging, software protection

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
@Booklet{EasyChair:3739,
  author = {Bert Abrath and Bart Coppens and Ilja Nevolin and Bjorn De Sutter},
  title = {Resilient Self-Debugging Software Protection},
  howpublished = {EasyChair Preprint no. 3739},

  year = {EasyChair, 2020}}
Download PDFOpen PDF in browser