About: Software taggant

Property	Value
dbo:abstract	A software taggant is a cryptographic signature added to software that enables positive origin identification and integrity of programs. Software taggants use standard PKI techniques (see Public key infrastructure) and were introduced by the Industry Connections Security Group of IEEE in an attempt to control proliferation of malware obfuscated via executable compression (runtime packer). The concept of a PKI-based system to mitigate runtime packer abuse was introduced in 2010 and described in a Black Hat Briefings presentation by Mark Kennedy and Igor Muttik. The term was proposed by Arun Lakhotia (due to its similarities with chemical taggants) who also analyzed the economics of a packer ecosystem. A software taggant is a form of code signing somewhat similar to Microsoft's Authenticode. The key differences between a software taggant and Authenticode are that the transparent and free addition of a software taggant for the end user of a runtime packer. Also, a software taggant may cover small critical areas of the program to minimize the cost of software integrity checking. To contrast, Authenticode always covers nearly the entire file so the cost of checking linearly depends on the file size. The software taggant project is run by IEEE ICSG and has open-source nature - it is hosted on GitHub and relies on OpenSSL. Software taggants also help to legitimate software from malware which also utilize anti-tampering methods. (en)
dbo:wikiPageID	42572552 (xsd:integer)
dbo:wikiPageLength	2331 (xsd:nonNegativeInteger)
dbo:wikiPageRevisionID	1099732604 (xsd:integer)
dbo:wikiPageWikiLink	dbr:Industry_Connections_Security_Group dbr:GitHub dbr:Igor_Muttik dbr:Public_key_infrastructure dbr:Runtime_packer dbr:Executable_compression dbr:Black_Hat_Briefings dbr:Taggant dbr:Code_signing dbc:Cryptographic_algorithms dbr:IEEE dbr:Microsoft dbr:OpenSSL dbr:Malware dbr:Authenticode
dbp:wikiPageUsesTemplate	dbt:Reflist dbt:Computer-security-stub
dcterms:subject	dbc:Cryptographic_algorithms
gold:hypernym	dbr:Signature
rdf:type	dbo:Place yago:WikicatCryptographicAlgorithms yago:Abstraction100002137 yago:Act100030358 yago:Activity100407535 yago:Algorithm105847438 yago:Event100029378 yago:Procedure101023820 yago:PsychologicalFeature100023100 yago:YagoPermanentlyLocatedEntity yago:Rule105846932
rdfs:comment	A software taggant is a cryptographic signature added to software that enables positive origin identification and integrity of programs. Software taggants use standard PKI techniques (see Public key infrastructure) and were introduced by the Industry Connections Security Group of IEEE in an attempt to control proliferation of malware obfuscated via executable compression (runtime packer). (en)
rdfs:label	Software taggant (en)
owl:sameAs	freebase:Software taggant yago-res:Software taggant wikidata:Software taggant https://global.dbpedia.org/id/fAfd
prov:wasDerivedFrom	wikipedia-en:Software_taggant?oldid=1099732604&ns=0
foaf:isPrimaryTopicOf	wikipedia-en:Software_taggant
is dbo:wikiPageWikiLink of	dbr:Industry_Connections_Security_Group dbr:Igor_Muttik dbr:Executable_compression dbr:Taggant
is foaf:primaryTopic of	wikipedia-en:Software_taggant