- Ghent University, Belgium
The EMRESS project (Evaluation Models for the Resilience and Stealth of Software Protections and Malware) is a collaboration between the Institute of IT Security at St. Pölten UAS deals and the Belgian university of Ghent. The researchers look at the question of how to quantify the effect of software protection techniques. Software protection tools are used in both commercial programmes and malware but even though they have been investigated for more than two decades and are very common, so far no robust models to determine the strength of possible protection mechanisms exist. This poses difficulties for software providers, who lack an automated decision-making system to choose the ideal protection strategy for their software as well as malware analysts, who have to determine the correct analysis strategy depending on the protection techniques that are used by the malware.
Resilience und Stealth
EMRESS aims at developing quantitative prediction models that can estimate the strength of the software protection when faced with different analysis strategies (resilience) and the concealment of the protection (stealth). To strengthen resilience, novel models and metrics to predict the reversibility of existing protection mechanisms by using state-of-the-art tools und software-analysis techniques will be developed. Stealth will be made quantifiable through novel techniques for the identification of code areas in software with a given semantic.
Quantitative prediction models will significantly improve the measurability of software protection mechanisms for both research and application. The project is also expected to positively affect the research areas of software testing and software-assurance.