CheckMATE '24 - Research on Offensive and Defensive Techniques in the context of Man At The End (MATE) Attacks

MATE (Man-At-The-End) is an attacker model where an adversary has access to the target software and/or hardware environment of his victim and the ability to observe and modify it in order to extract secrets such as cryptographic keys or sensitive information, possibly with the subsequent goal of compromising code integrity or inserting backdoors, among others. A typical example of such a scenario is the case of an attack on a stolen smartphone or against software leveraging protection to offer premium content and/or features such as paid TV channels.

The main focus of CheckMATE is on new models and techniques to defend software from tampering, reverse engineering, and piracy as well as to the development of new attack strategies that highlight the need of more complete defenses. We include both offensive and defensive techniques because of their close and intertwined relationship depending on the attack scenario. For instance, reverse engineering is defensive when the goal is to analyse obfuscated malware, but it is offensive when it is used to steal intellectual property and assets in legitimate software. Likewise, obfuscation is defensive when it aims for protecting a legitimate asset against reverse engineering, while it is offensive if it is used to hide that malware is embedded in an application. Both scenarios are of practical relevance, and therefore CheckMATE includes all attacks on/defenses of the confidentiality and integrity of software applications and assets embedded therein and exposed to MATE attacks. In such scenarios, attackers have full control over, and access to the hardware and/or software they are attacking in a controlled environment.