Delayed and controlled failures in tamper-resistant software

Gang Tan, Yuqun Chen, Mariusz H. Jakubowski

Research output: Chapter in Book/Report/Conference proceedingConference contribution

16 Scopus citations


Tamper-resistant software (TRS) consists of two functional components: tamper detection and tamper response. Although both are equally critical to the effectiveness of a TRS system, past research has focused primarily on the former, while giving little thought to the latter. Not surprisingly, many successful breaks of commercial TRS systems found their first breaches at the relatively naïve tamper-response modules. In this paper, we describe a novel tamper-response system that evades hacker detection by introducing delayed, probabilistic failures in a program. This is accomplished by corrupting the program's internal state at well-chosen locations. Our tamper-response system smoothly blends in with the program and leaves no noticeable traces behind, making it very difficult for a hacker to detect its existence. The paper also presents empirical results to demonstrate the efficacy of our system.

Original languageEnglish (US)
Title of host publicationInformation Hiding - 8th International Workshop, IH 2006, Revised Selected Papers
PublisherSpringer Verlag
Number of pages16
ISBN (Print)9783540741237
StatePublished - Jan 1 2007
Event8th International Workshop on Information Hiding, IH 2006 - Alexandria, VA, United States
Duration: Jun 10 2006Jun 12 2006

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4437 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other8th International Workshop on Information Hiding, IH 2006
Country/TerritoryUnited States
CityAlexandria, VA

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'Delayed and controlled failures in tamper-resistant software'. Together they form a unique fingerprint.

Cite this