Introducing Code Assets of a New White-Box Security Modeling Language

Author

He Sun ; Lin Liu ; Letong Feng ; Yuan Xiang Gu

Author_Institution

Sch. of Software, Tsinghua Univ., Beijing, China

fYear

2014

fDate

21-25 July 2014

Firstpage

116

Lastpage

121

Abstract

This paper argues about a new conceptual modeling language for the White-Box (WB) security analysis. In the WB security domain, an attacker may have access to the inner structure of an application or even the entire binary code. It becomes pretty easy for attackers to inspect, reverse engineer, and tamper the application with the information they steal. The basis of this paper is the 14 patterns developed by a leading provider of software protection technologies and solutions. We provide a part of a new modeling language named i-WBS(White-Box Security) to describe problems of WB security better. The essence of White-Box security problem is code security. We made the new modeling language focus on code more than ever before. In this way, developers who are not security experts can easily understand what they need to really protect.

Keywords

computer crime; data protection; source code (software); specification languages; WB security analysis; attacker; binary code; code assets; code security; i-WBS; reverse engineer; software protection solutions; software protection technologies; white-box security modeling language; Analytical models; Binary codes; Computational modeling; Conferences; Security; Software; Testing; Code security; Security modeling language; White-box security; i-WBS;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Software and Applications Conference Workshops (COMPSACW), 2014 IEEE 38th International

Conference_Location

Vasteras

Type

conf

DOI

10.1109/COMPSACW.2014.24

Filename

6903115