Anti-tamper software

Anti-tamper software is software which makes it harder for an attacker to modify it. The measures involved can be passive such as obfuscation to make reverse engineering difficult or active tamper-detection techniques which aim to make a program malfunction or not operate at all if modified. It is essentially tamper resistance implemented in the software domain. It shares certain aspects but also differs from related technologies like copy protection and trusted hardware, though it is often used in combination with them. Anti-tampering technology typically makes the software somewhat larger and also has a performance impact. There are no provably secure software anti-tampering methods; thus, the field is an arms race between attackers and software anti-tampering technologies. Tampering can be malicious, to gain control over some aspect of the software with an unauthorized modification that alters the computer program code and behaviour. Examples include installing rootkits and backdoors, disabling security monitoring, subverting authentication, malicious code injection for the purposes of data theft or to achieve higher user privileges, altering control flow and communication, license code bypassing for the purpose of software piracy, code interference to extract data or algorithms and counterfeiting. Software applications are vulnerable to the effects of tampering and code changes throughout their lifecycle from development and deployment to operation and maintenance. Anti-tamper protection can be applied as either internally or externally to the application being protected. External anti-tampering is normally accomplished by monitoring the software to detect tampering. This type of defense is commonly expressed as malware scanners and anti-virus applications. Internal anti-tampering is used to turn an application into its own security system and is generally done with specific code within the software that will detect tampering as it happens.