Please note, this is the 2024 edition of the CheckMATE Workshop website, provided for archival purposes.

The CheckMATE workshop will be co-located with the
ACM Conference on Computer and Communications Security (CCS) 2024

October 18, 2024 - Salt Lake City, U.S.A.



MATE (Man-At-The-End) is an attacker model where an adversary has access to the target software and/or hardware environment of his victim and the ability to observe and modify it in order to extract sensitive information or secrets. This information could include cryptographic keys, configuration information, etc. Possible goals of an attack include compromising code integrity and inserting backdoors, among many others. Typical examples of such scenarios are an attack on a stolen smartphone or against software leveraging protection to offer premium content and/or features such as paid TV channels.

The main focus of CheckMATE is on new models and techniques to defend software from tampering, reverse engineering, and piracy, as well as on the development of new attack strategies that highlight the need for more complete defenses.


Call For Papers

Important Dates

Paper Submission Deadline: 12th July 2024 (extended from 20th June 2024)
Notification to authors: 8th August 2024
Camera-ready versions: 25th August 2024

Note: all deadlines are Anywhere On Earth (AOE) time

Submission site: https://checkmate24.hotcrp.com/

Extended versions of selected papers will be invited to the Special Issue on Offensive and Defensive Techniques in the Context of Man At The End (MATE) Attacks of the ACM Digital Threats: Research and Practice (DTRAP) journal.

MATE (Man-At-The-End) is an attacker model where an adversary has access to the target software and/or hardware environment of his victim and the ability to observe and modify it in order to extract secrets such as cryptographic keys or sensitive information, possibly with the subsequent goal of compromising code integrity or inserting backdoors, among others. A typical example of such a scenario is the case of an attack on a stolen smartphone or against software leveraging protection to offer premium content and/or features such as paid TV channels.

The main focus of CheckMATE is on new models and techniques to defend software from tampering, reverse engineering, and piracy, as well as on the development of new attack strategies that highlight the need for more complete defenses. We include both offensive and defensive techniques because of their close and intertwined relationship depending on the attack scenario. For instance, reverse engineering is defensive when the goal is to analyse obfuscated malware, but it is offensive when it is used to steal intellectual property and assets in legitimate software. Likewise, obfuscation is defensive when it aims to protect a legitimate asset against reverse engineering, while it is offensive if it is used to hide that malware is embedded in an application. Both scenarios are of practical relevance, and therefore CheckMATE includes all attacks on, and defenses of, the confidentiality and integrity of software applications and assets embedded therein and exposed to MATE attacks. In such scenarios, attackers have full control over, and access to, the hardware and/or software they are attacking in a controlled environment.

CheckMATE will provide a discussion forum for researchers and industrial practitioners who are exploring theoretical definitions and frameworks, implementing and using practical methods and empirical studies, or developing new tools or techniques in this unique area of security. Workshop communities have historically provided exchange of ideas and support for cooperative relationships among researchers in industry, academia, and government. Indeed, one of the objectives of CheckMATE is to stimulate the community working in this growing area of security, and to increase the synergies between the research areas of software protection engineering and their practical deployment.

Strongly encouraged are proposals of new, speculative ideas, metrics, tools, and procedures for evaluating tamper-proofing, watermarking, obfuscation, birthmarking, and software protection algorithms in general. Assessments of new or known techniques in practical settings and discussions of emerging threats and problems are expected. Likewise, reverse engineering of low-level constructs such as machine code or gate-level circuit definitions through static and dynamic analysis is geared to recover information to determine the intent of programs and understand their inner workings as well as for classifying them with respect to similar known code (which is typically malicious). CheckMATE welcomes original work on the formal investigation of software protection, where formal methods are used to better understand the nature, relations, potentialities, and limits of software security techniques.

Topics can include but are not limited to:

Software attack and defense techniques:

  • Code Obfuscation and De-obfuscation
  • Anti-Debugging and Anti-Simulation
  • Software Diversity, Renewability, and Moving Target Defenses
  • Data Obfuscation and White-box Cryptography
  • Software Tampering and Anti-tampering, Online Software Protections
  • Software Similarity, Plagiarism detection, Authorship Attribution, Legal aspects
  • Software Licensing, Watermarking, Fingerprinting, Anti-cloning
  • Software Steganography, Information Hiding and Discovery
  • Open-Source tools for software protection
  • Malware Analysis
  • Static and Dynamic Program Analysis, Symbolic Execution
  • Man-at-the-end (MATE) Attack Technologies
  • Security of AI and Machine Learning in the context of MATE
  • Smart Device Software Attacks and Defenses
  • Hardware-based Software Protection
  • Formal methods for modeling security attacks and defenses

Software Security Evaluation, Decision Support and Industrial Aspects:

  • Evaluation Methodologies
  • Threat Modeling
  • Decision Support Systems and Security Optimization
  • Protection Tool Chains and Integrated Development Environments
  • Protected Software Architectures and Build Process Integration
  • Security Validation and Best Practices from Industry
  • Software Protection on Heterogeneous Platforms (sensors, smartphones, cloud)
  • Software Protection Benchmarks

Submission guidelines

  • Papers must be submitted in a form suitable for anonymous review.
  • Papers must describe original work, be written and presented in English, and must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference with refereed proceedings.
  • Submissions must be a PDF file in double-column ACM format (see https://www.acm.org/publications/proceedings-template, with a simpler version at https://github.com/acmccs/format).
  • Submissions may not exceed 12 pages, or 6 pages for short papers, excluding the bibliography, well-marked appendices, and supplementary material. Submissions are not required to reach the page limit. Note that reviewers are not required to read the appendices or any supplementary material. Authors should not change the font or the margins of the ACM format. Submissions not following the required format may be rejected without review.
  • One of the authors of the accepted paper is expected to present the paper in person at the workshop.

Ethical considerations

Submissions that describe experiments on human subjects, that analyze data derived from human subjects (even anonymized data), or that otherwise may put humans at risk should:

  • Disclose whether the research received an approval or waiver from each of the authors’ institutional ethics review boards (IRB) if applicable.
  • Discuss steps taken to ensure that participants and others who might have been affected by an experiment were treated ethically and with respect.
  • If a submission deals with any kind of personally identifiable information (PII) or other kinds of sensitive data, the version of the paper submitted for review must discuss in detail the steps the authors have taken to mitigate harms to the persons identified. If a paper raises significant ethical and/or legal concerns, it might be rejected based on these concerns. The CheckMATE workshop chairs will be happy to consult with authors about how this policy applies to their submissions.

Program

Accepted Papers

Regular Papers

  • David Schwarzbeck, Daniela Novac, Michael Philippsen - Register Expansion and SemaCall: 2 low-overhead dynamic Watermarks suitable for Automation in LLVM
  • Sam Collins, Alex Poulopoulos, Marius Muench, Tom Chothia - Anti-Cheat: Attacks and the Effectiveness of Client-Side Defences
  • Thomas Faingnaert, Tianyi Zhang, Willem Van Iseghem, Gertjan Everaert, Bart Coppens, Christian Collberg, Bjorn De Sutter - Tools and Models for Software Reverse Engineering Research
  • Matti Schulze, Christian Lindenmeier, Jonas Röckl, Felix Freiling - IlluminaTEE: Effective Man-At-The-End Attacks from within ARM TrustZone
  • Sebastián R. Castro, Alvaro Cardenas - Ghost in the SAM: Stealthy, Robust, and Privileged Persistence through Invisible Accounts

Short Papers

  • Thomas Faingnaert, Willem Van Iseghem, Bjorn De Sutter - K-Hunt++: Improved Dynamic Cryptographic Key Extraction

Program

9:00 Morning Session 1
9:00 - 9:15 Welcome Message
9:15 - 9:35 Register Expansion and SemaCall: 2 low-overhead dynamic Watermarks suitable for Automation in LLVM
9:35 - 9:55 IlluminaTEE: Effective Man-At-The-End Attacks from within ARM TrustZone
9:55 - 10:10 K-Hunt++: Improved Dynamic Cryptographic Key Extraction (short)
10:10 - 11:00 Coffee Break
11:00 Morning Session 2
11:00 - 11:20 Anti-Cheat: Attacks and the Effectiveness of Client-Side Defences
11:20 - 11:40 Tools and Models for Software Reverse Engineering Research
11:40 - 12:00 Ghost in the SAM: Stealthy, Robust, and Privileged Persistence through Invisible Accounts
12:00 - 12:10 Closing Remarks

Organizers

Chairs

Steering Committee

  • Sebastian Banescu, Technical University of Munich, Germany
  • Sebastian Bardin, CEA LIST, France
  • Tim Blazytko, emproof, Germany
  • Christian Collberg, University of Arizona, USA
  • Mila Dalla Preda, University of Verona, Italy
  • Jack Davidson, University of Virginia, USA
  • Bjorn De Sutter, Ghent University, Belgium
  • Paolo Falcarin, Ca’ Foscari University of Venice, Italy
  • Roberto Giacobazzi, University of Arizona, USA
  • Yuan Gu, IRDETO, Canada
  • Christophe Hauser, Dartmouth College, USA
  • Yonghwi Kwon, University of Virginia, USA
  • Arun Lakhotia, University of Louisiana, USA
  • Todd McDonald, University of South Alabama, USA
  • Golden G. Richard III, Louisiana State University, USA
  • Natalia Stakhanova, University of Saskatchewan, Canada
  • Brecht Wyseur, Kudelski IoT Security, Switzerland

Program Committee

  • Mohsen Ahmadvand, Quantstamp
  • Guillaume Bonfante, Université de Lorraine, France
  • Mariano Ceccato, University of Verona, Italy
  • Christoph Csallner, University of Texas at Arlington, USA
  • Peter Garba, Thales Group
  • Claudia Greco, University of Calabria, Italy
  • Peter Kieseberg, St. Pölten University of Applied Sciences, Austria
  • Patrick Kochberger, St. Pölten University of Applied Sciences, Austria
  • Caroline Lawitschka, University of Vienna, Austria
  • Jean-Yves Marion, Université de Lorraine, France
  • Mizuhito Ogawa, Japan Advanced Institute of Science and Technology, Japan
  • Moritz Schloegel, Ruhr-Universitaet Bochum, Germany
  • Janaka Senanayake, Robert Gordon University, UK