The Community for Technology Leaders
RSS Icon
Issue No.06 - November/December (2007 vol.5)
pp: 32-40
Ugo Piazzalunga , Eutronsec Infosecurity
Paolo Salvaneschi , University of Bergamo
Francesco Balducci , Turin Polytechnic
Pablo Jacomuzzi , Turin Polytechnic
Cristiano Moroncelli , Turin Polytechnic
Many people consider dongles to be among the strongest forms of copy protection, but how much security do they actually offer? The model presented here aims to monetize the security strength of dongle-protected software by forecasting the amount of time a hypothetical attacker would take to break it.
hacking, phreaking, hardware, software, security
Ugo Piazzalunga, Paolo Salvaneschi, Francesco Balducci, Pablo Jacomuzzi, Cristiano Moroncelli, "Security Strength Measurement for Dongle-Protected Software", IEEE Security & Privacy, vol.5, no. 6, pp. 32-40, November/December 2007, doi:10.1109/MSP.2007.176
1. C.S. Collberg and C. Thomborson, "Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection," IEEE Trans. Software Eng., vol. 28, no. 8, 2002, pp. 735–746.
2. Worldwide Hardware Authentication Token 2004–2008 Forecast and 2003 Vendor Shares, IDC document #31432, IDC, June 2004.
3. J. Viega and G. McGraw, Building Secure Software, Addison-Wesley, 2001.
4. P. Cerven, Crackproof Your Software, No Starch Press, 2002.
5. S.E. Schechter, "Toward Econometric Models of the Security Risk from Remote Attack," IEEE Security &Privacy, vol. 3, no. 1, 2005, pp. 40–44.
6. F. Balducci, P. Jacomuzzi, and C. Moroncelli, Security Measure of Protected Software: A Methodology and an Application to Dongles, MS thesis (in Italian), Dept. of Electronics, Turin Polytechnic, 2005.
7. R. Anderson, Security Engineering, Wiley, 2001.
8. S. Ring and E. Cole, "Taking a Lesson from Stealthy Rootkits," IEEE Security &Privacy, vol. 2, no. 4, 2004, pp. 38–45.
9. M. Howard and D. LeBlanc, Writing Secure Code, Microsoft Press, 2003.
10. G. Hoglund and G. McGraw, Exploiting Software, Addison-Wesley, 2004.
11. S. Chow et al., "A White-Box DES Implementation for DRM Applications," ACM CCS-9 DRM Workshop, 2002
12. B. Schneier, "Attack Trees: Modeling Security Threats," Dr. Dobb's J., vol. 24, no. 12, 1999, pp. 21–29.
13. M. Andrews and J.A. Whittaker, How to Break Web Software, Addison-Wesley, 2006.
14. Open Web Application Security Project Foundation, "A Guide to Building Secure Web Applications and Web Services, 2.1" (DRAFT 3), Feb. 2006; .
14 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool