Hyperviseur de protection d'exécutables - Etude, développement et discussion

Abstract : To ensure the continuity of the company, it must seek export contracts. In the defense field, these contracts are often accompanied by transfers of technology (ToT) to the recipient country. These, are partial and a compromise is needed between the protection of industrial property, the national secret and the client requests. It is in this context, particularly in DCNS, we are looking for new techniques in software protection. Faced with the failure of the various techniques protections (obfuscations and packer), which allow only to slow understanding of the code, a new approach of protection is discussed. The main idea is to filter the memory accesses, that contains the sensitive data. This solution, which is part of a strong industrial environment should impact the minimum system and applications provided by DCNS. We propose an architecture that uses the latest technologies Intel and particularly the hardware virtualization. This technology, allows us to obtain a high level of privilege and to control precisely the applications. Our solution allows to protect executable data of the ELF binary; in the plateforms 32 and 64 bits without modifying the targeted system. We detail the differents steps to protect a process (from its start to its finish) and the different problems encountered and the choices to address it. We also show, through various measures, the effectiveness of our architecture and its low impact on the guest system. In our implementation, only executable data are protected, we propose food for thoughts to fully protect binary memory. And the evolutions, to integrate our solution in a trusted architecture to ameliorate its robustness Our solution forbids, by construction, all the reads and writes of the sensitive data and is compatible with all Linux distributions without modifications.
Complete list of metadatas

https://pastel.archives-ouvertes.fr/pastel-00976713
Contributor : Eddy Deligne <>
Submitted on : Thursday, April 10, 2014 - 11:51:45 AM
Last modification on : Friday, June 6, 2014 - 3:40:52 PM
Long-term archiving on : Thursday, July 10, 2014 - 11:46:12 AM

Identifiers

  • HAL Id : pastel-00976713, version 1

Collections

Citation

Eddy Deligne. Hyperviseur de protection d'exécutables - Etude, développement et discussion. Cryptographie et sécurité [cs.CR]. Ecole Polytechnique X, 2014. Français. ⟨pastel-00976713⟩

Share

Metrics

Record views

482

Files downloads

344