AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
They address the hacker activities related to (i) understanding code (ii) defining the attack strategy (iii) selecting and customizing the tools and (iv) defeating the protections. Based on these annotations we built a taxonomy consisting of 169 concepts. The qualitative analysis resulted in 459 and 265 annotations added respectively to the industrial and to the public challenge reports. We have applied a systematic qualitative analysis methodology to the hackers’ reports relative to the industrial case studies and the public challenge. Within Aspire, a software protection research project funded by the EU under framework programme FP7, we have conducted three industrial case studies with the involvement of professional penetration testers and a public challenge consisting of eight attack tasks with open participation. Knowledge of the actual hacker behaviours while performing real attack tasks can inform better ways to protect the software and can provide more realistic assumptions to the developers, evaluators, and users of software protections. The process and strategy followed by hackers to understand and tamper with protected software might differ from program understanding for benign purposes. ![]() When critical assets or functionalities are included in a piece of software accessible to the end users, code protections are used to hinder or delay the extraction or manipulation of such critical assets.
0 Comments
Read More
Leave a Reply. |