F-LaaS: A Control-Flow-Attack Immune License-as-a-Service Model

2019 
We use license servers to verify users' credentials and to restrict access to proprietary software. Due to logistical reasons, it is often economical to use third-party servers to manage licenses. Sadly, users on client machines can mount sophisticated attacks on the executables and try to circumvent the license check. This can be used to crack the software, and thus it is necessary for software writers to prevent such attacks, which include the use of additional code to check the integrity of the binary and the control flow. In spite of such techniques, modern control flow bending(CFB) techniques that rely on running instrumented binaries on virtual machines can circumvent such checks and change the behavior of branches and jumps at runtime. They are however extremely computationally inefficient. We propose an AI-based technique that is an order of magnitude faster than the state-of-the-art and show its efficacy by breaking three widely used license managers, and five popularly used software. Finally, we propose a new license management service, F-LaaS, which hides key functions in the binary. These functions are downloaded at runtime upon the successful verification of the license. We show that the mean performance overhead of F-LaaS is negligible: 0.26%.
    • Correction
    • Source
    • Cite
    • Save
    • Machine Reading By IdeaReader
    17
    References
    0
    Citations
    NaN
    KQI
    []