Your SlideShare is downloading. ×
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Java Attacks & Defenses - End of Year 2010 Presentation
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Java Attacks & Defenses - End of Year 2010 Presentation

1,290

Published on

Decompilation is a problem for the software industry, with the global revenue loss due to software piracy estimated to be more than $50 billion in 2008. There are several Java decompilers available …

Decompilation is a problem for the software industry, with the global revenue loss due to software piracy estimated to be more than $50 billion in 2008. There are several Java decompilers available but none are 100% effective, and many are obsolete/unmaintained. We found Java Decompiler, JODE and Dava to be good Java decompilers but not perfect. Dava is particularily suited to aribtrary bytecode, while others are suited to javac generated bytecode.

Static watermarking techniques can be used to protect a program from being copied by giving the ability to easily identify the owner of such software. However, static watermarking techniques are higher susceptible to semantics-preserving transformations. We show that the majority of the current implementations of watermarking systems are based on static techniques are fail when attacked with obfuscations and optimisations. Further work will involve evaluating dynamic watermarking algorithms in a similar manner, and compare them to their static counterparts.

Techniques such as program slicing can be used to attack software watermarks, in subtractive attacks on software.

Published in: Technology, Education
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,290
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
2
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Java Software Attacks & Defences James Hamilton, PhD Student 0 1 0 0 0 0 1 1 0 1 1 0 0 0 1 0 0 1 1 0 1 0 1 0 0 1 0 1 0 1 0 1 1 0 0 1 0 0 0 1 1 1 0 1
  • 2. Year 1 - Recap
    • Survey of (Java) decompilation
    • 3. I tested 10 different decompilers with the latest Java class file format using 10 different test programs, extending a 2003 survey.
    • 4. Assign a value to the decompiled programs depending on the accuracy of decompilation.
    software company software thief
  • 5.
    • many of the current decompilers cannot parse the latest class files
      • 4 obsolete
      • 6. 3 unmaintained
    • no currently maintained commercial decompilers
    • 7. best decompiler? depends on the tool which generated the class file
      • Dava for arbitrary bytecode
      • 8. Java Decompiler or JODE for javac bytecode
    Year 1 – Recap - Results
  • 9. SCAM2009
    • 9 th IEEE International Working Conference on Source Code Analysis and Manipulation.
    • 10. Leading conference in my field.
    • 11. My first published paper 'An Evaluation of Current Java Decompilers'
    • 12. Co-Located with 25 th IEEE International Conference on Software Maintenance
    • 13. http://whoyouknow.co.uk/uni/phd/papers/JavaBytecodeDecompilerSurvey.pdf
  • 14. Edmonton, Alberta, Canada
    • Capital of Alberta. Also know as “Deadmonton”.
    • 15. Home to the huge University of Alberta - 50 city blocks with over 90 buildings
    • 16. & West Edmonton Mall – the world's 5 th largest mall
  • 17.
    • Not much improvement in 6 years
      • all decompilers aren't very good
    • Problems caused by newer class file specification
    • 18. Different decompilers for different problems
    • 19. But they still pose a security risk to Java applications
    • can we produce a decompiler which combines the best of javac decompilers and arbitrary decompilers?
    • 20. do we really need to perform type inference if the only condition is that we require re-compilable code?
    • 21. are the problems with the Java decompilers fundamental or just bugs?
    Paper Conclusion Questions
  • 22. My Decompiler
    • Based on the ASM bytecode manipulation framework [1].
      • Load & manipulate or generate classes
      • 23. Visitor pattern
    • 1 st Task – decompile the 10 programs in 'Decompiling Java' [2]
    • 24. Task 1 completed + decompilation of some other simple programs including for-loops, ifs, exception handling.
    • 25. Cannot decompile all the test programs from my first paper.
    • 26. Slow progress, currently on hold.
    • 27. Extremely useful in understanding the problems of implementing a decompiler.
    • 28. I found that ASM is probably not the best framework to use – the visitor API made some things hard to do.
    • 29. Will probably port to Byte Code Engineering Library (BCEL) [3]
    [2] G. Nolan, Decompiling Java . APress, 2004. [1] http://asm.ow2.org/ [3] http://jakarta.apache.org/bcel/
  • 30. Software Watermarking
  • 31. Software Watermarking – Aims
    • Does not prevent a program from being copied
    • 32. But does provide a way to prove ownership of a program
    • 33. Can prove the individual who copied the program (Fingerprint Mark)
    • 34. Obfuscation aims to make a program hard to understand and/or decompile
    Software Watermarking vs Obfuscation
  • 35. An Evaluation of Static Java Bytecode Watermarking
    • Evaluation of the currently available Java bytecode static software watermarkers
      • Sandmark (Academic/Open-Source)
      • 36. Allatori (Commercial)
      • 37. DashO (Commercial)
    • Watermarked 60 programs with 14 watermark algorithms
    • 38. 588 out of 840 combinations with watermarks embedded correctly
    • 39. Obfuscated the watermarked programs with 36 obfuscations, 1 optimisation and 2 obfuscation combinations.
    • 40. 23,626 correctly obfuscated
    • 41. Attempted to recognise watermarks from all the obfuscated programs
  • 42. Evaluation Results
    • Submitted to SCAM2010
    • 43. http://whoyouknow.co.uk/uni/phd/papers/JavaBytecodeWatermarkingSurvey.pdf
  • 44. International Conference on Software Engineering (ICSE) 2010 More details about my trip at http://whoyouknow.co.uk/uni/phd/icse2010/
  • 45. Dynamic Software Watermarking
    • Embeds code to generate a watermark at run-time.
    • 46. 3 algorithms implemented in Sandmark.
    • 47. Should be resilient to semantics-preserving transformations.
    • 48. .
  • 49. Paper rejected
    • 3 long reviews with lots of points to improve the paper
    • 50. Range of views: borderline, weak reject, reject.
    • 51. Some problems include
      • Introduction too long
      • 52. There is two evaluations in one
      • 53. Didn't take into account space/time costs
      • 54. Didn't analyse the interactions between obfuscation/watermark pairs
      • 55. Programs might be too small/too similar (all were jEdit plugins)
  • 56. Current Plan
    • Extend paper to a full survey of static + dynamic watermarking
    • 57. Add the dynamic algorithms in Sandmark to the evaluation
    • 58. Split the evaluation into
      • Robustness of watermark embedders
      • 59. Robustness of recognisers
      • 60. Resilience to semantics preserving transformations
      • 61. Space/Time costs
      • 62. Stealthiness
    • Detailed analysis of the ways that the different transformations interact.
    • 63. Compare dynamic vs static watermarks
    • 64. Leading to
      • A better paper and thesis chapter
      • 65. Further work will include slicing watermarks (possibly linking with Sebastian's work on slicing)
  • 66. Any questions? Thanks

×