Software Watermarking James Hamilton, PhD Student 0 1 0 0 0 0 1 1 0 1 1 0 0 0 1 0 0 1 1 0 1 0 1 0 0 1 0 1 0 1 0 1 1 0 0 1 ...
Software Watermarking - Motivation software  company software  'thief' 0001010101010101101111 0101001011010101101010 10100...
Software Watermarking – what is it? software  company software  'thief' 0001010101010101101111 010100 MICROSOFT 11010 1010...
Software Fingerprinting – what is it? software  company 0001010101010101101111 010100 1234567890 101010 101001010101010101...
Software Watermarking – what is it not? <ul><li>It  does not  prevent copying software.
It  does not  prevent decompilation or program understanding.
But it could be used in-conjunction with obfuscation (need to be careful the obfuscation doesn't remove the watermark).  <...
Static Software Watermarking
Dynamic Software Watermarking <ul><li>Embeds code to generate a watermark at run-time.
Recogniser uses a debugger to extract watermark.
Should be resilient to semantics-preserving transformations.
. </li></ul>
Code Replacement & Addition <ul><li>Very basic, early algorithms simply replaced sections of code, or data, with watermark...
Susceptible to collusive attacks if the watermarks are placed in the same location in every copy of a program.
Monden  et al.  [1] encode the watermark as a sequence of bytecode sequences which replace instructions in a dummy method....
easily remove by semantics-preserving transformations </li></ul></ul>[1] A. Monden, H. Iida, K.-ichi Matsumoto, K. Inoue, ...
Code Re-Ordering <ul><li>The watermark is encoded as the  n th permutation of some set
Davidson and Myhrvold [1] encode the watermark as the  n th permutation of the set of basic blocks in a method. </li><ul><...
Requires the original program from comparison </li></ul>[1] R.I. Davidson and N. Myhrvold, “Method and system for generati...
Register Allocation <ul><li>the watermark is encoded in the interference graph, which is used to model the relationship be...
each vertex represents a variable and an edge between the two variables indicates that their live ranges overlap.
we colour the graph in order to minimise the number of registers and ensure that two live variables do no share a register.
QP algorithm [1] adds edges to the graph
QP is flawed; QPS, QPI, CC and CP followed with a similar idea. </li></ul>[1] G. Qu and K. Potkonjak, “Analysis of waterma...
Graph Watermarking <ul><li>Venkatesan  et al.  [1]  encode the watermark in a CFG and 'connect' it to the original program...
Example of a bad watermarking algorithm push 4 push 52 push 34 push 12 pop pop pop pop push 1 push 23 push 1 push 4 pop po...
Upcoming SlideShare
Loading in …5
×

Static Software Watermarking

2,250 views

Published on

Presentation from World Congress on Internet Security 2011, London.

Based on the paper "A Survey of Static Software Watermarking" with some thoughts on the usefulness of watermarking for software protection.

http://jameshamilton.eu/content/survey-static-software-watermarking

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,250
On SlideShare
0
From Embeds
0
Number of Embeds
298
Actions
Shares
0
Downloads
67
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Static Software Watermarking

  1. 1. Software Watermarking James Hamilton, PhD Student 0 1 0 0 0 0 1 1 0 1 1 0 0 0 1 0 0 1 1 0 1 0 1 0 0 1 0 1 0 1 0 1 1 0 0 1 0 0 0 1 1 1 0 1
  2. 2. Software Watermarking - Motivation software company software 'thief' 0001010101010101101111 0101001011010101101010 1010010101010101010101 1010010000000101010101 1010010101011111111010 0001010101010101101111 0101001011010101101010 1010010101010101010101 1010010000000101010101 1010010101011111111010 copy
  3. 3. Software Watermarking – what is it? software company software 'thief' 0001010101010101101111 010100 MICROSOFT 11010 1010010101010101010101 1010010000000101010101 1010010101011111111010 copy 0001010101010101101111 010100 MICROSOFT 11010 1010010101010101010101 1010010000000101010101 1010010101011111111010 Allows the software author to prove ownership.
  4. 4. Software Fingerprinting – what is it? software company 0001010101010101101111 010100 1234567890 101010 1010010101010101010101 1010010000000101010101 1010010101011111111010 copy Allows the software author to prove the source of the copied software. 0001010101010101101111 010100 1234567890 101010 1010010101010101010101 1010010000000101010101 1010010101011111111010 software 'thief'
  5. 5. Software Watermarking – what is it not? <ul><li>It does not prevent copying software.
  6. 6. It does not prevent decompilation or program understanding.
  7. 7. But it could be used in-conjunction with obfuscation (need to be careful the obfuscation doesn't remove the watermark). </li></ul>Obfuscate Decompile public class HelloWorld { public String wm = “Microsoft”; public static void main(String[] args) { System.out.println(“Hello World”); } }
  8. 8. Static Software Watermarking
  9. 9. Dynamic Software Watermarking <ul><li>Embeds code to generate a watermark at run-time.
  10. 10. Recogniser uses a debugger to extract watermark.
  11. 11. Should be resilient to semantics-preserving transformations.
  12. 12. . </li></ul>
  13. 13. Code Replacement & Addition <ul><li>Very basic, early algorithms simply replaced sections of code, or data, with watermark code.
  14. 14. Susceptible to collusive attacks if the watermarks are placed in the same location in every copy of a program.
  15. 15. Monden et al. [1] encode the watermark as a sequence of bytecode sequences which replace instructions in a dummy method. </li><ul><li>difficult to generate code which is similar to the original program
  16. 16. easily remove by semantics-preserving transformations </li></ul></ul>[1] A. Monden, H. Iida, K.-ichi Matsumoto, K. Inoue, and K. Torii, “A practical method for watermarking java programs,” Computer Software and Applications Conference, 2000. COMPSAC 2000. The 24th Annual International, Washington, DC, USA: IEEE, 2002, p. 191–197.
  17. 17. Code Re-Ordering <ul><li>The watermark is encoded as the n th permutation of some set
  18. 18. Davidson and Myhrvold [1] encode the watermark as the n th permutation of the set of basic blocks in a method. </li><ul><li>higly unstealthy due to a greater ratio of goto instructions [2] </li></ul><li>Another option, in Java, is to re-order the constant pool (Gong et al. )
  19. 19. Requires the original program from comparison </li></ul>[1] R.I. Davidson and N. Myhrvold, “Method and system for generating and auditing a signature for a computer program,” US Patent 5,559,884, Sep. 1996. [2] Myles, G. et al., 2005. The evaluation of two software watermarking algorithms. Softw. Pract. Exper., 35(10), 923–938. [3] D. Gong, F. Liu, B. Lu, and P. Wang, “Hiding Informationin in Java Class File,” International Symposium on Computer Science and Computational Technology, 2008. ISCSCT ’08., IEEE Computer Society, 2008, pp. 160-164.
  20. 20. Register Allocation <ul><li>the watermark is encoded in the interference graph, which is used to model the relationship between variables.
  21. 21. each vertex represents a variable and an edge between the two variables indicates that their live ranges overlap.
  22. 22. we colour the graph in order to minimise the number of registers and ensure that two live variables do no share a register.
  23. 23. QP algorithm [1] adds edges to the graph
  24. 24. QP is flawed; QPS, QPI, CC and CP followed with a similar idea. </li></ul>[1] G. Qu and K. Potkonjak, “Analysis of watermarking techniques for graph coloring problem,” Computer-Aided Design, 1998. ICCAD 98. Digest of Technical Papers. 1998 IEEE/ACM International Conference on, San Jose, California, United States: IEEE, 2005, p. 190–193.
  25. 25. Graph Watermarking <ul><li>Venkatesan et al. [1] encode the watermark in a CFG and 'connect' it to the original program. </li></ul>[1] R. Venkatesan, V. Vazirani, and S. Sinha, “A graph theoretic approach to software watermarking,” Information Hiding, Springer, 2001, p. 157–168.
  26. 26. Example of a bad watermarking algorithm push 4 push 52 push 34 push 12 pop pop pop pop push 1 push 23 push 1 push 4 pop pop pop pop Optimiser
  27. 27. Problems with static watermarks in general <ul><li>can be unstealthy, if the watermark code is compared with 'normal' code
  28. 28. highly susceptible to semantics-preserving transformations </li><ul><li>static watermarks rely on syntactic properties </li></ul><li>without perfect tamper-proofing techniques an attacker can apply any semantics-preserving transformation to a program </li><ul><li>tamper-proofing is hard & unstealthy </li><ul><li>especially in Java </li></ul></ul><li>Static watermarks are not good for software protection </li></ul>Conclusion
  29. 29. What about dynamic watermarks? <ul><li>in theory, should not be susceptible to semantics-preserving transformations (but some current ones are).
  30. 30. but, they can only protect a complete program rather than single modules, classes, methods etc.
  31. 31. can be susceptible to additive attacks
  32. 32. Better than static watermarks, but still not great. </li></ul>Conclusion
  33. 33. Watermark Stealthiness <ul><li>Some watermarking algorithms are unstealthy </li><ul><li>easy to find
  34. 34. 'strange looking' code
  35. 35. doesn't act like the rest of the program </li></ul><li>statistical analysis of instructions (e.g. ratio of goto instructions)
  36. 36. program slicing metrics </li></ul>
  37. 37. Program slicing public void w() { int a = 1; b = a + 1; String wm = “mywatermark”; return b; } slicing criteria [1] Weiser, M., 1981. Program slicing. In ICSE '81: Proceedings of the 5th international conference on Software engineering. Piscataway, NJ, USA: IEEE Press, p. 439―449. Program Slice [1]: An independent program guaranteed to faithfully represent the original program within the domain of the specified subset of behaviour
  38. 38. Program slicing public void w() { int a = 1; b = a + 1; String wm = “mywatermark”; return b; } slicing criteria program slice shown in red
  39. 39. Program slicing public void w() { int a = 1; b = a + 1; String wm = “mywatermark”; return b; } slicing criteria
  40. 40. Opaque predicates <ul><li>A predicate that's outcome is known a-priori
  41. 41. Can be used to protect watermarks from slicing attacks
  42. 42. Introduces false dependencies to stop slicing </li></ul>public void w() { int a = 1; b = a + 1; String wm = “mywatermark”; if(P F ) { b = wm.length(); } return b; }
  43. 43. Problems with watermarks in general software company software 'thief' judge Prove that the software is yours here's my watermark
  44. 44. Problems with watermarks in general software company software 'thief' judge and here's my watermark who can I believe?
  45. 45. Problems with watermarks in general software company software 'thief' judge independent software expert I've examined the watermark recogniser carefully, and believe I that only one recogniser is genuine
  46. 46. Problems with watermarks in general software company software 'thief' judge independent software expert the real author could demonstrate ownership by showing the source-code of their software (without the need for software watermarks) show me your source-code.
  47. 47. Decompilation <ul><li>The attacker could decompile the the program to get their own source-code to demonstrate they own the code
  48. 48. But it will 'look' decompiled </li><ul><li>incoherent variable names
  49. 49. no comments
  50. 50. verbose code
  51. 51. extraneous instructions </li></ul><li>The attacker will probably have little understanding of the code and will have trouble answering trivial questions about it </li></ul>
  52. 52. Conclusion <ul><li>There are many static watermarking algorithms but they are all susceptible to trivial semantics-preserving transformation attacks.
  53. 53. Dynamic watermarks are better but can also be susceptible to attacks.
  54. 54. Unstealthy watermarks give an attacker clues and allow them to remove a watermark easier.
  55. 55. Program slicing may be able to give clues about watermarks, and/or help remove them.
  56. 56. Maybe watermark is not actually needed or useful. </li></ul>
  57. 57. Any comments or questions? Thanks http://jameshamilton.eu/ http://www.gold.ac.uk/computing

×