The University of Arizona

Security Research



The Software Security Group at the University of Arizona considers a scenario in which a piece of software needs to be protected against an attacker (the man-at-the-end) who has physical access to the software and so is able to inspect, modify, and execute it. The goal is to prevent the attacker from extracting sensitive information from the software, to prevent him from making changes to the behavior of the software, or, at least, to detect and report when such attacks are underway.

In spite of having received comparatively little attention from the security research community, man-at-the-end attacks can have serious consequences. For example, on an individual scale they can violate the privacy and integrity of medical records and other sensitive personal data; on a larger scale, such attacks can cripple national infrastructure (such as the power grid and the Internet itself).

Traditional defensive approaches, where the sensitive software hides behind a defensive wall (e.g., firewalls, malware scanners, intrusion-detection systems), are not applicable in this scenario, since the attacker has physical access to the software, the operating system on which it runs, and the underlying hardware.


Webmaster: Christian Collberg