MATLAB: How to protect an EXE file created using deploytool

deploytoolsecurity exe file

How can we optimally protect our EXE file generated using deploytool? What is the best practice? I am aware that it almost impossible to have a fully-protected EXE file created using Matlab deploytool. Am I right?

Best Answer

As soon as we explain the "best practice" to protect an executable, the methods are known in public, which makes it easier to find a workaround. In consequence, the formerly "best" practice is flawed.

As long as executables cannot be protected perfectly, all trials to do so involve some obfuscation. How this can be done, depends on what you try to protect the software from: Copying? Using outside a specified range of time? Reverse engineering? Creating different results on different hardware?

Start with defining, what you want to protect and how much time and money it is worth to spend for this protection.

Related Solutions

MATLAB: Protecting a Simulink block with a password

You can protect your Simulink subsystem by one of three methods:

1) Control user access to subsystems

2) Generate an S-function

3) Create a protected model from your subsystem, that can then be referenced from users' models.

You can protect MATLAB-files by using pcode.

MATLAB: Can I depend on the MATLAB Compiler 4.0 (R14) to protect the intellectual property

When the MATLAB Compiler, or one of the associated Builder products, creates an application, it bundles the MATLAB-based executable and data content of that application into a single file, which is known as the CTF archive. The Compiler encrypts each MATLAB file that it places into the archive. The Compiler does not encrypt any other type of file: MEX-files, MAT-files, FIG-files, Java JAR or class file. Every other type of file is simply copied, unchanged, into the archive.

When the deployable application is later run, the files in the CTF archive are extracted onto the disk. Those files that were encrypted in the archive remain encrypted on the disk.

The MATLAB Compiler uses the Advanced Encryption Standard (AES) encryption algorithm. Different parts of a deployed application have different levels of security:

1. Only the MATLAB files in a deployed application are protected by encryption. However, the names of the MATLAB files are not obscured, neither is the directory structure of the application.
2. The binaries generated by the MATLAB Compiler (the library or executable wrapper code) contain very little of the intellectual property inherent in the application. 
3. Any data shipped with a deployed application (MAT-files or other data files) is not secured by the MATLAB Compiler. You should expect that users can easily access the content in these files unless you encrypt them yourself.

Note that our encryption protocol does not have an “Orange Book” classification. No security protocol or encryption algorithm is ever completely secure. It is possible that a determined attacker could find a way to read the contents of the MATLAB files in a deployed application. We expect this would be quite difficult to do, but we neither claim it is impossible nor can we quantify the level of difficulty.

Best Answer

Related Solutions

MATLAB: Protecting a Simulink block with a password

MATLAB: Can I depend on the MATLAB Compiler 4.0 (R14) to protect the intellectual property

Related Question