Automatic Selection of Protections to Mitigate Risks Against Software Applications

📅 2025-06-23
🤖 AI Summary
This work addresses the Memory-based Attack and Tampering Exploitation (MATE) threat to software critical assets, where the core challenge lies in balancing security—ensuring confidentiality and integrity—against usability—keeping protection overhead bounded. Methodologically, we formulate a two-player zero-sum game to model attacker-defender interactions; define a Software Protection Index (SPI) that integrates static code metrics and domain expertise to quantify suppression of attack paths; and propose a hybrid solving algorithm combining minimax depth-first search with dynamic programming for efficient, optimal deployment decisions. Experimental evaluation and expert assessment demonstrate that our approach significantly improves protection efficacy while constraining average runtime performance overhead to ≤8.3%. The key contribution is the first quantifiable, optimization-enabled, and deployable automated defense decision framework specifically designed for MATE risks.

📝 Abstract
This paper introduces a novel approach for the automated selection of software protections to mitigate MATE risks against critical assets within software applications. We formalize the key elements involved in protection decision-making - including code artifacts, assets, security requirements, attacks, and software protections - and frame the protection process through a game-theoretic model. In this model, a defender strategically applies protections to various code artifacts of a target application, anticipating repeated attack attempts by adversaries against the confidentiality and integrity of the application's assets. The selection of the optimal defense maximizes resistance to attacks while ensuring the application remains usable by constraining the overhead introduced by protections. The game is solved through a heuristic based on a mini-max depth-first exploration strategy, augmented with dynamic programming optimizations for improved efficiency. Central to our formulation is the introduction of the Software Protection Index, an original contribution that extends existing notions of potency and resilience by evaluating protection effectiveness against attack paths using software metrics and expert assessments. We validate our approach through a proof-of-concept implementation and expert evaluations, demonstrating that automated software protection is a practical and effective solution for risk mitigation in software.
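
A toy version of the defender/attacker game described in the abstract, added here as an illustration; it is not the paper's implementation and does not compute the paper's Software Protection Index. The protection names, overheads, attack paths and likelihoods are constructed assumptions, and the cached path score is a simple stand-in for the dynamic programming optimizations the abstract mentions.

```python
from functools import lru_cache

# Constructed toy data (assumptions, not from the paper): overhead in percent and,
# per attack step, the factor a protection multiplies that step's success likelihood by.
PROTECTIONS = {
    "obfuscation": (3.0, {"locate_key": 0.4, "understand_check": 0.5}),
    "anti_debug":  (2.0, {"attach_debugger": 0.2}),
    "code_guards": (4.0, {"patch_check": 0.3}),
    "white_box":   (6.0, {"locate_key": 0.1, "dump_key": 0.2}),
}
# Constructed attack paths: ordered (step, base success likelihood) pairs.
ATTACK_PATHS = {
    "steal_key":    (("locate_key", 0.9), ("attach_debugger", 0.8), ("dump_key", 0.9)),
    "bypass_check": (("understand_check", 0.9), ("patch_check", 0.8)),
}
NAMES = tuple(sorted(PROTECTIONS))

@lru_cache(maxsize=None)
def path_success(path, relevant):
    """Residual likelihood of one path, given only the protections that touch it."""
    likelihood = 1.0
    for step, base in ATTACK_PATHS[path]:
        for name in relevant:
            base *= PROTECTIONS[name][1].get(step, 1.0)
        likelihood *= base
    return likelihood

def attacker_best(chosen):
    """Attacker's move: the path with the highest residual likelihood."""
    scores = {}
    for path, steps in ATTACK_PATHS.items():
        touched = {step for step, _ in steps}
        # Cache key is the relevant subset, so unrelated protections reuse the score.
        relevant = frozenset(n for n in chosen if touched.intersection(PROTECTIONS[n][1]))
        scores[path] = path_success(path, relevant)
    worst = max(scores, key=scores.get)
    return scores[worst], worst

def select(budget, i=0, chosen=frozenset()):
    """Defender's depth-first search: skip or apply protection i within the budget."""
    if i == len(NAMES):
        return attacker_best(chosen)[0], chosen
    best = select(budget, i + 1, chosen)              # branch 1: skip protection i
    cost = PROTECTIONS[NAMES[i]][0]
    if cost <= budget:                                # branch 2: apply it if affordable
        cand = select(budget - cost, i + 1, chosen | {NAMES[i]})
        if cand[0] < best[0]:
            best = cand
    return best
```

`select(8.0)` returns the residual likelihood of the attacker's best path together with the set of protections that minimizes it within an 8% overhead budget.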

Problem

Research questions and friction points this paper is trying to address.

Automated selection of software protections against MATE risks
Game-theoretic model for optimal defense with minimal overhead
Introducing Software Protection Index to evaluate protection effectiveness

Innovation

Methods, ideas, or system contributions that make the work stand out.

Game-theoretic model for automated protection selection
Heuristic mini-max depth-first exploration strategy
Software Protection Index evaluating protection effectiveness