Doodah

bogwonch · Feb 12, 2012 · bac4482 · bac4482
1 parent 735d87b
commit bac4482
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 0 deletions.
diff --git a/Research-Proposal.md b/Research-Proposal.md
@@ -6,4 +6,5 @@ A growing problem in the field of information-security is exfiltration.  Put sim
 
 Bytecode steganography is a novel technique proposed in 2010 for creating *Platform Independant Programs*[@Cha:2010].   The idea behind it is that between different computer architectures there is enough of an overlap between their compiled bytecode formats that you can construct programs that are valid for both architectures.  One suggested application for this technique is as a defence against program exfiltration.  The idea is that by making a secret modification to an existing virtual machine your program runs correctly on the modified architecture; but when run on an unmodified architecture the program behaves differently—perhaps deleting itself or phoning home.  The advantages to using a steganographic system such as this over DRM would be that not only is the protection difficult to remove (it would require decompilation and binary translation to the unmodified architecture[@Cifuentes:bq]) but that it isn't immediately obvious there is any protection at all as the program remains a valid program for the unmodified architecture.
 
+There has been relatively few attempts to demonstrate bytecode steganography in practice.  I would wish to extend the work from my Masters thesis (on discoving platform independant program snippets for a variety of architectures) and look at the possibility of using bytecode steganography for exfiltration protection.  Specifically I wish to develop a toolchain to modify an existing architecture and create protected programs for it before auditing the generated executables to assess how much security the technique provides.
 
diff --git a/Research-Proposal.pdf b/Research-Proposal.pdf
Original file line number	Diff line number	Diff line change
Expand Up		@@ -6,4 +6,5 @@ A growing problem in the field of information-security is exfiltration. Put sim

		Bytecode steganography is a novel technique proposed in 2010 for creating Platform Independant Programs[@Cha:2010]. The idea behind it is that between different computer architectures there is enough of an overlap between their compiled bytecode formats that you can construct programs that are valid for both architectures. One suggested application for this technique is as a defence against program exfiltration. The idea is that by making a secret modification to an existing virtual machine your program runs correctly on the modified architecture; but when run on an unmodified architecture the program behaves differently—perhaps deleting itself or phoning home. The advantages to using a steganographic system such as this over DRM would be that not only is the protection difficult to remove (it would require decompilation and binary translation to the unmodified architecture[@Cifuentes:bq]) but that it isn't immediately obvious there is any protection at all as the program remains a valid program for the unmodified architecture.

		There has been relatively few attempts to demonstrate bytecode steganography in practice. I would wish to extend the work from my Masters thesis (on discoving platform independant program snippets for a variety of architectures) and look at the possibility of using bytecode steganography for exfiltration protection. Specifically I wish to develop a toolchain to modify an existing architecture and create protected programs for it before auditing the generated executables to assess how much security the technique provides.