What is Software Watermarking? Software Watermarking Through Register Allocation: Implementation, Analysis, and Attacks



Similar documents
A Survey of Software Watermarking by Register Allocation (for Java Bytecode)

k-gram Based Software Birthmarks

Chapter 7D The Java Virtual Machine

Lecture 12: Software protection techniques. Software piracy protection Protection against reverse engineering of software

Surreptitious Software

Interpreters and virtual machines. Interpreters. Interpreters. Why interpreters? Tree-based interpreters. Text-based interpreters

Robust Blind Watermarking Mechanism For Point Sampled Geometry

HOTPATH VM. An Effective JIT Compiler for Resource-constrained Devices

CSC 8505 Handout : JVM & Jasmin

Introduction to Program Obfuscation

Domains and Competencies

02 B The Java Virtual Machine

WATERMARKING FOR IMAGE AUTHENTICATION

Code Obfuscation. Mayur Kamat Nishant Kumar

Chapter 4 Lecture 5 The Microarchitecture Level Integer JAVA Virtual Machine

Secret Communication through Web Pages Using Special Space Codes in HTML Files

Keywords Android, Copyright Protection, Discrete Cosine Transform (DCT), Digital Watermarking, Discrete Wavelet Transform (DWT), YCbCr.

Applications of obfuscation to software and hardware systems

WHLK: Framework for Software Authentication and Protection

5. A full binary tree with n leaves contains [A] n nodes. [B] log n 2 nodes. [C] 2n 1 nodes. [D] n 2 nodes.

Safer data transmission using Steganography

Programming the Android Platform. Logistics

University of Twente. A simulation of the Java Virtual Machine using graph grammars

LaTTe: An Open-Source Java VM Just-in Compiler

A Secure File Transfer based on Discrete Wavelet Transformation and Audio Watermarking Techniques

Habanero Extreme Scale Software Research Project

Image Authentication Scheme using Digital Signature and Digital Watermarking

Software Protection through Code Obfuscation

Editing Common Polygon Boundary in ArcGIS Desktop 9.x

ABAP How To on SQL Trace Analysis

Implementation of an Obfuscation Tool for C/C++ Source Code Protection on the XScale Architecture *

Static Analysis of Virtualization- Obfuscated Binaries

language 1 (source) compiler language 2 (target) Figure 1: Compiling a program

ALLIED PAPER : DISCRETE MATHEMATICS (for B.Sc. Computer Technology & B.Sc. Multimedia and Web Technology)

Audio synthesis: MIDI Digital Audio Coding/Compression. Today: Intellectual property management for digital media. What is Digital Watermarking?

Inside the Java Virtual Machine

Group Testing a tool of protecting Network Security

SECURE DATA TRANSMISSION USING DIGITAL IMAGE WATERMARKING

STEGANOGRAPHY: TEXT FILE HIDING IN IMAGE YAW CHOON KIT CA10022

Code Obfuscation Literature Survey

General Introduction

MULTIFACTOR AUTHENTICATION FOR SOFTWARE PROTECTION

The Java Virtual Machine (JVM) Pat Morin COMP 3002

Briki: a Flexible Java Compiler

Prototyping Faithful Execution in a Java Virtual Machine

Data Structures and Algorithms Written Examination

Create 3D Videos in VideoWave The Easy Way

Security Based Data Transfer and Privacy Storage through Watermark Detection

Obfuscation: know your enemy

Security testing: a key challenge for software engineering. Yves Le Traon, yves.letraon@uni.lu Professor, Univ of Luxembourg

- Applet java appaiono di frequente nelle pagine web - Come funziona l'interprete contenuto in ogni browser di un certo livello? - Per approfondire

GelAnalyzer 2010 User s manual. Contents

Security and protection of digital images by using watermarking methods

JustClust User Manual

Multimedia Document Authentication using On-line Signatures as Watermarks

Steganography Detection for Digital Forensics

Hydan: Hiding Information in Program Binaries

Combining Static and Dynamic Impact Analysis for Large-scale Enterprise Systems

How To Draw In Autocad

New Hash Function Construction for Textual and Geometric Data Retrieval

Armed E-Bunny: A Selective Dynamic Compiler for Embedded Java Virtual Machine Targeting ARM Processors

Computer Forensics Application. ebay-uab Collaborative Research: Product Image Analysis for Authorship Identification

Write your own JVM compiler

ACE: Illustrator CC Exam Guide

PDF security - a brief history of development

Introduction. Application Security. Reasons For Reverse Engineering. This lecture. Java Byte Code

>

All Your Code Belongs To Us Dismantling Android Secrets With CodeInspect. Steven Arzt Secure Software Engineering Group Steven Arzt 1

Automated Termination Proofs for Java Programs with Cyclic Data

Java Card 3 Platform. Virtual Machine Specification, Classic Edition. Version May 2015

Pemrograman Dasar. Basic Elements Of Java

CHAPTER 7 CONCLUSION AND FUTURE WORK

Watermarking Techniques for Protecting Intellectual Properties in a Digital Environment

Java Virtual-Machine Support for Portable Worst-Case Execution-Time Analysis

Security Architecture and Verification of Java Bytecode

Embedded Systems. Review of ANSI C Topics. A Review of ANSI C and Considerations for Embedded C Programming. Basic features of C

An Obfuscation Method to Build a Fake Call Flow Graph by Hooking Method Calls

Jonathan Worthington Scarborough Linux User Group

Polymorphic Worm Detection Using Structural Information of Executables

Linear Programming I

3.1 Solving Systems Using Tables and Graphs

Small Maximal Independent Sets and Faster Exact Graph Coloring

Retargeting Android Applications to Java Bytecode

Virtual Machines. Case Study: JVM. Virtual Machine, Intermediate Language. JVM Case Study. JVM: Java Byte-Code. JVM: Type System

Transcription:

hat is Software atermarking? Software atermarking Through Register Allocation: Implementation, Analysis, and Attacks Ginger Myles Christian Collberg {mylesg,collberg}@cs.arizona.edu University of Arizona Department of Computer Science Technique used to aid in the prevention of software piracy. embed(, w, key) recognize(, key) w atermark: w uniquely identifies the owner of. Fingerprint: w uniquely identifies the purchaser of. Embed atermark Original rogram atermarked rogram Extract atermark hat is Software atermarking? hat is Software atermarking? Static: the watermark is stored directly in the data or code sections of a native executable or class file. Make use of the features of an application that are available at compile-time. Dynamic: the watermark is stored in the run-time structures of the program. Blind: the recognizer is given the watermarked program and the watermark key as input. Informed: the recognizer is given the watermarked program and the watermark key as input and it also has access to the unwatermarked program. 3

hy use Software atermarking? How can we watermark software? Discourages illegal copying and redistribution. A copyright notice can be used to provide proof of ownership. A fingerprint can be used to trace the source of the illegal redistribution. Does not prevent illegal copying and redistribution. Insert new (non-functional or nonexcuted) code Reorder code where it does not change the functionality Manipulate instruction frequencies switch ( E ) { } case : { } case : { } case 9 : { } switch ( E ) { } case : { } case : { } case 9 : { } Interference Graph Interference Graph Example Models the relationship between the variables in the procedure. Each variable in the procedure is represented by a vertex. If two variables have overlapping live ranges then the vertices are joined by an edge. Color the graph such that minimize the number of registers required two live variables do not share a register v := * v := * 3 v3 := * v v4 := v + v v := 3 * v3 4 3 7

Interference Graph Example Interference Graph Example v := * v := * 3 v3 := * v v4 := v + v v := 3 * v3 v := * v := * 3 v3 := * v v4 := v + v v := 3 * v3 9 Interference Graph Example Q Algorithm v := * v := * 3 v3 := * v v4 := v + v v := 3 * v3 Originally proposed by G. Qu and M. otkonjak. Constraint-based software watermarking algorithm. Embeds a watermark in the register allocation of the program through a technique called edge-adding. Use the interference graph and the graph coloring problem to embed a watermark in the register allocation. mult R,, mult R,, 3 mult R3,, R add R, R, R mult R, 3, R3

Q Algorithm QS Algorithm Edges are added between chosen vertices in a graph based on the value of the message. Since the vertices are now connected, they cannot be assigned to the same register. Improvement on the Q Algorithm In order to use the algorithm for software watermarking, stricter embedding criteria are required. Unpredicability of the coloring of vertices using the original algorithm. One vertex could be used multiple times. 3 QS Algorithm QS Embedding Algorithm ey idea: Select triples of vertices such that they are isolated units that will not effect other vertices in the graph. Colored Triple: Given an n-colorable graph G = (V, E), a set of three vertices {v, v, v 3 } is considered a colored triple if. v, v, v 3 V,. (v, v ), (v, v 3 ), (v, v 3 ) E, and 3. v, v, v 3 are all colored the same color. for each vertex v i V which is not already in a triple if possible find the nearest two vertices v i and v i such that v i and v i are the same color as v i, and v i and v i are not already in triple. if m i = 0 add edge (v i, v i ) else add edge (v i, v i ) end for

QS Recoginition Algorithm QS Example for each vertex v i V which is not already in a triple if possible find the nearest two vertices v i and v i such that v i and v i are the same color as v i, and v i and v i are not already in triple. if v i and v i are different colors found a 0 add edge (v i, v i ) else found a add edge (v i, v i ) end for (a) Original Bytecode METHOD: fast_memcmp:([b[bi)z 0 : iconst_0 : istore 3 3 : iconst_0 4 : istore_3 : iconst_ 6 : istore 3 8 : iload_ 9 : iconst_ 0 : isub : istore_ : iload_ 3 : iconst_0 4 : if_icmplt > 7 : iconst_0 8 : goto > : iconst_ : ifne > 33 : iload 3 7 : invokestatic 30 : goto > 34 33 : iconst_ 34 : ifne > 60 37 : aload_0 38 : iload_ 39 : baload 40 : aload_ 4 : iload_ 4 : baload 43 : if_icmpeq > 0 46 : iconst_0 47 : goto > 0 : iconst_ : istore 3 3 : iload_ 4 : iconst_ : isub 6 : istore_ 7 : goto > 60 : iload 3 6 : ireturn (b) Original Interference Graph v6 v6 v7 v7 v v v (c) atermarked Interference Graph v v4 v4 v Embed atermark (d) Register Assignment Table variable register number v 0 v v3 v v 3 v6 4 v7 v v3 v3 (e) atermarked Bytecode METHOD: fast_memcmp:([b[bi)z 0 : iconst_0 : istore 3 3 : iconst_0 4 : istore_3 : iconst_ 6 : istore 4 8 : iload_ 9 : iconst_ 0 : isub : istore_ : iload_ 3 : iconst_0 4 : if_icmplt > 7 : iconst_0 8 : goto > : iconst_ : ifne > 33 : iload 4 7 : invokestatic 30 : goto > 34 33 : iconst_ 34 : ifne > 60 37 : aload_0 38 : iload_ 39 : baload 40 : aload_ 4 : iload_ 4 : baload 43 : if_icmpeq > 0 46 : iconst_0 47 : goto > 0 : iconst_ : istore 4 3 : iload_ 4 : iconst_ : isub 6 : istore_ 7 : goto > 60 : iload 4 6 : ireturn 7 Implementation QS atermarking Algorithm Evaluation Implemented in Java using the BCEL bytecode editor. Incorporated into the SandMark framework. Can be applied to an entire application or a single class file. atermark is spread across all classes and is embedded as many times as possible. Message is converted to a binary representation using the ASCII value of the characters. An 8-bit length field is added to the beginning that is used in the recognition phase. erformed a variety of empirical tests to evaluate the algorithm s overall effectiveness. Implementation within SandMark facilitated the study of manual attacks and the application of obfuscations. The evaluation examined five software watermarking properties. 9

atermark Evaluation roperties atermark Evaluation roperties Credibility: The watermark should be readily detectable for proof of authorship while minimizing the probability of coincidence. Data-rate: Maximize the length of message that can be embedded. erceptual Invisibility (Stealth): A watermark should exhibit the same properties as the code around it so as to make detection difficult. art rotection: A good watermark should be distributed throughout the software in order to protect all parts of it. atermark Evaluation roperties atermark Evaluation roperties Subtractive Attack: The adversary attempts to remove all or part of the watermark. Additive Attack: The adversary adds a new watermark. Additive Attack 3

atermark Evaluation roperties atermark Evaluation roperties Distortive Attack: The attacker applies a series of semantics-preserving transformations to render the watermark useless. Distortive Attack Collusive Attack: The adversary compares two differently fingerprinted copies of the software to identify the location. F F Collusive Attack Results A shameless plug to conclude The original Q algorithm has a very low recovery rate. Accurate recovery is a necessity so the QS algorithm was developed. The QS algorithm has a very low data-rate. The QS algorithm is susceptible to a variety of simple attacks. The QS algorithm is quite stealthy. The QS algorithm is extremely credible. Sandmark contains an implementation of the QS algorithm as well as several other watermarking algorithms http://www.cs.arizona.edu/sandmark 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information