Indirect data representation via offset vectoring: A Code-integrity-driven In-memory Data Regeneration Scheme

Erik Sonnleitner, Marc Kurz, Alexander Palmanshofer

Research output: Chapter in Book/Report/Conference proceedingsConference contributionpeer-review

Abstract

A common problem in software development is how to handle sensitive information required for appropriate process execution, especially when requesting user input like passwords or -phrases for proper encryption is not applicable due to I/O, UI or UX limitations. This often leads to such information being either stored directly in the source code of the application, or as plaintext in a separate file. We therefore propose an experimental scheme for dynamically recovering arbitrary chunks of information based on the integrity of the text-segment of a running process, without the information being easily extractible from either an on-disk binary, memory dump or the memory map of a running process. Implementing an algorithm we call offset vectoring, this method can help dealing with sensitive information and enhancing the resistance against attacks which aim at extracting such data as well as attempts towards modifying an application, e.g. for the purposes of cracking software.

Original languageEnglish
Title of host publicationSECRYPT
EditorsMohammad S. Obaidat, Mohammad S. Obaidat, Pierangela Samarati
PublisherSciTePress
Pages333-340
Number of pages8
ISBN (Electronic)9789897583780
DOIs
Publication statusPublished - 2019
Event16th International Joint Conference on e-Business and Telecommunications, ICETE 2019 - Prague, Czech Republic
Duration: 26 Jul 201928 Jul 2019

Publication series

NameICETE 2019 - Proceedings of the 16th International Joint Conference on e-Business and Telecommunications
Volume2

Conference

Conference16th International Joint Conference on e-Business and Telecommunications, ICETE 2019
Country/TerritoryCzech Republic
CityPrague
Period26.07.201928.07.2019

Keywords

  • Code Security
  • Credential Storage
  • Information Hiding
  • Steganography

Fingerprint

Dive into the research topics of 'Indirect data representation via offset vectoring: A Code-integrity-driven In-memory Data Regeneration Scheme'. Together they form a unique fingerprint.

Cite this