Software Watermarking
James Hamilton, PhD Student
02/20/11

Software Watermarking - Motivation

[Figure: a software company's binary and a bit-for-bit identical copy held by a software 'thief'.]

Software Watermarking – what is it?

[Figure: the software company's binary carries the embedded string MICROSOFT; the copy held by the software 'thief' carries the same string.]

Allows the software author to prove ownership.

Software Fingerprinting – what is it?

[Figure: the software company's binary carries the embedded number 1234567890; the copy held by the software 'thief' carries the same number.]

Allows the software author to prove the source of the copied software.

Software Watermarking – what is it not?

   •   It does not prevent copying software.
   •   It does not prevent decompilation or program understanding.
   •   But it could be used in conjunction with obfuscation (need to be
       careful the obfuscation doesn't remove the watermark).

[Figure: Decompile and Obfuscate steps, shown beside the following class.]

       public class HelloWorld {
         public String wm = "Microsoft";   // the watermark
         public static void main(String[] args) {
           System.out.println("Hello World");
         }
       }

Static Software Watermarking




Dynamic Software Watermarking

   •   Embeds code to generate a watermark at run-time.
   •   Recogniser uses a debugger to extract watermark.
   •   Should be resilient to semantics-preserving transformations.




Code Replacement & Addition

   •   Very basic, early algorithms simply replaced sections of code, or
       data, with watermark code.
   •   Susceptible to collusive attacks if the watermarks are placed in the
       same location in every copy of a program.
   •   Monden et al. [1] encode the watermark as a sequence of bytecode
       sequences which replace instructions in a dummy method.
            – difficult to generate code which is similar to the original program
            – easily removed by semantics-preserving transformations

[1] A. Monden, H. Iida, K.-ichi Matsumoto, K. Inoue, and K. Torii, “A practical method for watermarking java programs,” Computer
Software and Applications Conference, 2000. COMPSAC 2000. The 24th Annual International, Washington, DC, USA: IEEE, 2002,
p. 191–197.
Code Re-Ordering

   •   The watermark is encoded as the nth permutation of some set.
   •   Davidson and Myhrvold [1] encode the watermark as the nth
       permutation of the set of basic blocks in a method.
            – highly unstealthy due to a greater ratio of goto instructions [2]
   •   Another option, in Java, is to re-order the constant pool (Gong et
       al. [3]).
   •   Requires the original program for comparison.

[1] R.I. Davidson and N. Myhrvold, “Method and system for generating and auditing a signature for a computer program,” US
Patent 5,559,884, Sep. 1996.
[2] Myles, G. et al., 2005. The evaluation of two software watermarking algorithms. Softw. Pract. Exper., 35(10), 923–938.
[3] D. Gong, F. Liu, B. Lu, and P. Wang, “Hiding Information in Java Class File,” International Symposium on Computer
Science and Computational Technology, 2008. ISCSCT ’08., IEEE Computer Society, 2008, pp. 160-164.
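
Added example, not from the original slides: a Python model of the re-ordering idea on a constructed five-block method. It encodes an integer as the nth permutation of the basic blocks, inserts the gotos needed to keep the control flow, recovers the integer given the original order, and measures the goto ratio that gives the scheme away. The block labels, instructions, function names and the lexicographic permutation numbering are assumptions made for the illustration, not the patented encoding.

```python
from math import factorial

# Constructed toy method: five basic blocks in their original order. Control
# falls through from each block to the next; the last block returns.
ORIGINAL = [
    ("B0", ["iload_1", "istore_2"]),
    ("B1", ["iload_2", "iconst_1", "iadd", "istore_2"]),
    ("B2", ["iload_2", "invokestatic f"]),
    ("B3", ["istore_3", "iload_3"]),
    ("B4", ["ireturn"]),
]

def nth_permutation(items, n):
    """Return the n-th permutation (lexicographic, 0-based) of items."""
    items = list(items)
    if not 0 <= n < factorial(len(items)):
        raise ValueError("watermark does not fit: need 0 <= n < k!")
    out = []
    for i in range(len(items) - 1, -1, -1):
        idx, n = divmod(n, factorial(i))
        out.append(items.pop(idx))
    return out

def permutation_rank(perm, original):
    """Inverse of nth_permutation; only defined relative to the original order."""
    remaining, n = list(original), 0
    for i, item in enumerate(perm):
        idx = remaining.index(item)
        n += idx * factorial(len(perm) - 1 - i)
        remaining.pop(idx)
    return n

def embed(method, watermark):
    """Lay the blocks out as the watermark-th permutation, adding gotos
    wherever an original fall-through edge is broken by the new layout."""
    labels = [label for label, _ in method]
    body = dict(method)
    successor = dict(zip(labels, labels[1:]))
    order = nth_permutation(labels, watermark)
    code = []
    if order[0] != labels[0]:
        code.append("goto " + labels[0])      # entry block is no longer first
    for pos, label in enumerate(order):
        code.append(label + ":")
        code.extend(body[label])
        laid_next = order[pos + 1] if pos + 1 < len(order) else None
        nxt = successor.get(label)
        if nxt is not None and nxt != laid_next:
            code.append("goto " + nxt)
    return code

def recognise(code, method):
    """Recover the watermark from a layout, given the original method."""
    labels = [label for label, _ in method]
    order = [line[:-1] for line in code if line.endswith(":")]
    return permutation_rank(order, labels)

def goto_ratio(code):
    """Fraction of instructions that are gotos (labels are not instructions)."""
    instrs = [line for line in code if not line.endswith(":")]
    return sum(i.startswith("goto ") for i in instrs) / len(instrs)

def trace(code):
    """Run the toy code, following gotos; return the executed non-goto instructions."""
    where = {line[:-1]: i for i, line in enumerate(code) if line.endswith(":")}
    pc, executed = 0, []
    while pc < len(code):
        line = code[pc]
        if line.startswith("goto "):
            pc = where[line[5:]]
            continue
        if not line.endswith(":"):
            executed.append(line)
            if line == "ireturn":
                break
        pc += 1
    return executed

if __name__ == "__main__":
    marked = embed(ORIGINAL, 77)
    print("\n".join(marked))
    print("recognised:", recognise(marked, ORIGINAL))
    print("same behaviour:", trace(marked) == trace(embed(ORIGINAL, 0)))
    print("goto ratio, unmarked vs marked:",
          goto_ratio(embed(ORIGINAL, 0)), goto_ratio(marked))
```

The watermarked layout behaves identically but nearly a third of its instructions are gotos, and recognising against any other assumed block order yields a different number.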
Register Allocation

   •   The watermark is encoded in the interference graph, which is used to
       model the relationship between variables.
   •   Each vertex represents a variable and an edge between two variables
       indicates that their live ranges overlap.
   •   We colour the graph in order to minimise the number of registers and
       ensure that two live variables do not share a register.
   •   QP algorithm [1] adds edges to the graph.
   •   QP is flawed; QPS, QPI, CC and CP followed with a similar idea.

[1] G. Qu and K. Potkonjak, “Analysis of watermarking techniques for graph coloring problem,” Computer-Aided Design, 1998.
ICCAD 98. Digest of Technical Papers. 1998 IEEE/ACM International Conference on, San Jose, California, United States: IEEE,
2005, p. 190–193.
Graph Watermarking

                     •    Venkatesan et al. [1] encode the watermark in a CFG and 'connect'
                          it to the original program.





[1] R. Venkatesan, V. Vazirani, and S. Sinha, “A graph theoretic approach to software watermarking,” Information Hiding,
Springer, 2001, p. 157–168.
Example of a bad watermarking algorithm
 push 4
 push 52
 push 34
 push 12
 pop
 pop
 pop
 pop
                        Optimiser
 push 1
 push 23
 push 1
 push 4
 pop
 pop
 pop
 pop


Problems with static watermarks in general

   •   can be unstealthy, if the watermark code is compared with 'normal'
       code
   •   highly susceptible to semantics-preserving transformations
            – static watermarks rely on syntactic properties
   •   without perfect tamper-proofing techniques an attacker can apply
       any semantics-preserving transformation to a program
            – tamper-proofing is hard & unstealthy
                   • especially in Java

Conclusion

   •   Static watermarks are not good for software protection




What about dynamic watermarks?

  •   in theory, should not be susceptible to semantics-preserving
      transformations (but some current ones are).
  •   but, they can only protect a complete program rather than single
      modules, classes, methods etc.
  •   can be susceptible to additive attacks




Conclusion

  •   Better than static watermarks, but still not great.




Watermark Stealthiness

  •   Some watermarking algorithms are unstealthy
           – easy to find
           – 'strange looking' code
           – doesn't act like the rest of the program
  •   statistical analysis of instructions (e.g. ratio of goto instructions)
  •   program slicing metrics




Program slicing

  public int w() {
     int a = 1;
     int b = a + 1;
     String wm = "mywatermark";
     return b;                    // slicing criterion
  }

  Program Slice [1]: An independent program guaranteed to faithfully
  represent the original program within the domain of the specified subset of
  behaviour.

[1] Weiser, M., 1981. Program slicing. In ICSE '81: Proceedings of the 5th international conference on Software engineering.
Piscataway, NJ, USA: IEEE Press, p. 439–449.
Program slicing

  [program slice shown in red in the original slide]

  public int w() {
     int a = 1;
     int b = a + 1;
     String wm = "mywatermark";
     return b;                    // slicing criterion
  }

Program slicing

  public int w() {
     int a = 1;
     int b = a + 1;
     String wm = "mywatermark";   // slicing criterion
     return b;
  }

Opaque predicates

  •   A predicate whose outcome is known a priori
  •   Can be used to protect watermarks from slicing attacks

      public int w() {
         int a = 1;
         int b = a + 1;
         String wm = "mywatermark";
         if (PF) {                  // PF: opaque predicate
              b = wm.length();
         }
         return b;
      }

  •   Introduces false dependencies to stop slicing
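
Added example, not from the original slides: a small backward slicer in Python run over the slides' method w(), with and without the opaque predicate, to check whether the watermark statement stays inside the slice of the return value. Statements are modelled by hand as def/use sets with at most one level of if (an assumption; a real slicer derives dependences from the bytecode), and all function names are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Stmt:
    text: str
    defs: frozenset
    uses: frozenset
    guard: Optional[int] = None   # index of the enclosing if, if any

def S(text, defs="", uses="", guard=None):
    return Stmt(text, frozenset(defs.split()), frozenset(uses.split()), guard)

# The method from the program-slicing slides (hand-built model).
PLAIN = [
    S("int a = 1;", defs="a"),
    S("int b = a + 1;", defs="b", uses="a"),
    S('String wm = "mywatermark";', defs="wm"),
    S("return b;", uses="b"),
]

# The same method with the opaque predicate PF guarding a use of wm.
PROTECTED = [
    S("int a = 1;", defs="a"),
    S("int b = a + 1;", defs="b", uses="a"),
    S('String wm = "mywatermark";', defs="wm"),
    S("if (PF) {"),
    S("b = wm.length();", defs="b", uses="wm", guard=3),
    S("return b;", uses="b"),
]

def reaching_defs(stmts, at, var):
    """Indices of the definitions of var that may reach statement `at`."""
    found = []
    for t in range(at - 1, -1, -1):
        if var in stmts[t].defs:
            found.append(t)
            # An unconditional definition, or one under the same guard as the
            # use, overwrites everything before it; a guarded one may not run.
            if stmts[t].guard is None or stmts[t].guard == stmts[at].guard:
                break
    return found

def backward_slice(stmts, criterion):
    """Indices of statements that may affect what stmts[criterion] computes."""
    in_slice, work = set(), [criterion]
    while work:
        s = work.pop()
        if s in in_slice:
            continue
        in_slice.add(s)
        if stmts[s].guard is not None:
            work.append(stmts[s].guard)                  # control dependence
        for var in stmts[s].uses:
            work.extend(reaching_defs(stmts, s, var))    # data dependence
    return sorted(in_slice)

def watermark_in_slice(stmts, criterion, var="wm"):
    """True if the statement defining the watermark is kept by the slice."""
    return any(var in stmts[i].defs for i in backward_slice(stmts, criterion))

if __name__ == "__main__":
    for name, prog in (("plain", PLAIN), ("protected", PROTECTED)):
        crit = len(prog) - 1                             # slice on 'return b;'
        print(name, "slice:")
        for i in backward_slice(prog, crit):
            print("   ", prog[i].text)
        print("    watermark kept:", watermark_in_slice(prog, crit))
```

Because the slicer cannot evaluate PF statically, the guarded assignment counts as a possible definition of b, which pulls the wm statement into the slice.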

Problems with watermarks in general

[Figure: a judge, the software company and the software 'thief'. Speech captions:]

   •   "Prove that the software is yours"
   •   "here's my watermark"

Problems with watermarks in general

[Figure: a judge, the software company and the software 'thief'. Speech captions:]

   •   "who can I believe?"
   •   "and here's my watermark"

Problems with watermarks in general

[Figure: a judge, an independent software expert, the software company and the software 'thief'. Speech caption:]

   •   "I've examined the watermark recogniser carefully, and I believe that
       only one recogniser is genuine"

Problems with watermarks in general

[Figure: a judge, an independent software expert, the software company and the software 'thief'. Speech caption:]

   •   "show me your source-code."

The real author could demonstrate ownership by showing the source-code of
their software (without the need for software watermarks).

Decompilation

  •   The attacker could decompile the program to get their own
      source-code to demonstrate they own the code
  •   But it will 'look' decompiled
           –   incoherent variable names
           –   no comments
           –   verbose code
           –   extraneous instructions
  •   The attacker will probably have little understanding of the code and
      will have trouble answering trivial questions about it




Conclusion

  •   There are many static watermarking algorithms but they are all
      susceptible to trivial semantics-preserving transformation attacks.
  •   Dynamic watermarks are better but can also be susceptible to
      attacks.
  •   Unstealthy watermarks give an attacker clues and allow them to
      remove a watermark more easily.
  •   Program slicing may be able to give clues about watermarks,
      and/or help remove them.
  •   Maybe watermarking is not actually needed or useful.




Thanks




                         Any comments or questions?






http://www.gold.ac.uk/computing               http://jameshamilton.eu/

More Related Content

Similar to Static Software Watermarking

From Duke of DevOps to Queen of Chaos - Api days 2018
From Duke of DevOps to Queen of Chaos - Api days 2018From Duke of DevOps to Queen of Chaos - Api days 2018
From Duke of DevOps to Queen of Chaos - Api days 2018Christophe Rochefolle
 
Microservices - when, why and how incontrodevops.it
Microservices  - when, why and how incontrodevops.itMicroservices  - when, why and how incontrodevops.it
Microservices - when, why and how incontrodevops.itGiuseppe Lavagetto
 
Network dialog minimization and network dialog diffing: Two novel primitives ...
Network dialog minimization and network dialog diffing: Two novel primitives ...Network dialog minimization and network dialog diffing: Two novel primitives ...
Network dialog minimization and network dialog diffing: Two novel primitives ...Zubair Rafique
 
Cross-project defect prediction
Cross-project defect predictionCross-project defect prediction
Cross-project defect predictionThomas Zimmermann
 
Dependency Injection in .NET applications
Dependency Injection in .NET applicationsDependency Injection in .NET applications
Dependency Injection in .NET applicationsBabak Naffas
 
Version based software watermark
Version based software watermarkVersion based software watermark
Version based software watermarkeSAT Journals
 
Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)
Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)
Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)CSCJournals
 
Evolving role of Software,Legacy software,CASE tools,Process Models,CMMI
Evolving role of Software,Legacy software,CASE tools,Process Models,CMMIEvolving role of Software,Legacy software,CASE tools,Process Models,CMMI
Evolving role of Software,Legacy software,CASE tools,Process Models,CMMInimmik4u
 
What is system level analysis
What is system level analysisWhat is system level analysis
What is system level analysisCAST
 
Software Birthmark for Theft Detection of JavaScript Programs: A Survey
Software Birthmark for Theft Detection of JavaScript Programs: A Survey Software Birthmark for Theft Detection of JavaScript Programs: A Survey
Software Birthmark for Theft Detection of JavaScript Programs: A Survey Swati Patel
 
Code Signing with CPK
Code Signing with CPKCode Signing with CPK
Code Signing with CPKZhi Guan
 
Securing a Cloud Migration
Securing a Cloud MigrationSecuring a Cloud Migration
Securing a Cloud MigrationVMware Tanzu
 
IRJET- Obfuscation: Maze of Code
IRJET- Obfuscation: Maze of CodeIRJET- Obfuscation: Maze of Code
IRJET- Obfuscation: Maze of CodeIRJET Journal
 
Project SpaceLock - Architecture & Design
Project SpaceLock - Architecture & DesignProject SpaceLock - Architecture & Design
Project SpaceLock - Architecture & DesignAbhishek Mishra
 
Finding Zero-Days Before The Attackers: A Fortune 500 Red Team Case Study
Finding Zero-Days Before The Attackers: A Fortune 500 Red Team Case StudyFinding Zero-Days Before The Attackers: A Fortune 500 Red Team Case Study
Finding Zero-Days Before The Attackers: A Fortune 500 Red Team Case StudyDevOps.com
 
The top 10 web application intrusion techniques
The top 10 web application intrusion techniquesThe top 10 web application intrusion techniques
The top 10 web application intrusion techniquesAntonio Fontes
 

Similar to Static Software Watermarking (20)

From Duke of DevOps to Queen of Chaos - Api days 2018
From Duke of DevOps to Queen of Chaos - Api days 2018From Duke of DevOps to Queen of Chaos - Api days 2018
From Duke of DevOps to Queen of Chaos - Api days 2018
 
Microservices - when, why and how incontrodevops.it
Microservices  - when, why and how incontrodevops.itMicroservices  - when, why and how incontrodevops.it
Microservices - when, why and how incontrodevops.it
 
Network dialog minimization and network dialog diffing: Two novel primitives ...
Network dialog minimization and network dialog diffing: Two novel primitives ...Network dialog minimization and network dialog diffing: Two novel primitives ...
Network dialog minimization and network dialog diffing: Two novel primitives ...
 
Cross-project defect prediction
Cross-project defect predictionCross-project defect prediction
Cross-project defect prediction
 
Dependency Injection in .NET applications
Dependency Injection in .NET applicationsDependency Injection in .NET applications
Dependency Injection in .NET applications
 
Version based software watermark
Version based software watermarkVersion based software watermark
Version based software watermark
 
Version based software watermark
Version based software watermarkVersion based software watermark
Version based software watermark
 
Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)
Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)
Dynamic Multi Levels Java Code Obfuscation Technique (DMLJCOT)
 
Evolving role of Software,Legacy software,CASE tools,Process Models,CMMI
Evolving role of Software,Legacy software,CASE tools,Process Models,CMMIEvolving role of Software,Legacy software,CASE tools,Process Models,CMMI
Evolving role of Software,Legacy software,CASE tools,Process Models,CMMI
 
What is system level analysis
What is system level analysisWhat is system level analysis
What is system level analysis
 
Software Birthmark for Theft Detection of JavaScript Programs: A Survey
Software Birthmark for Theft Detection of JavaScript Programs: A Survey Software Birthmark for Theft Detection of JavaScript Programs: A Survey
Software Birthmark for Theft Detection of JavaScript Programs: A Survey
 
Code Signing with CPK
Code Signing with CPKCode Signing with CPK
Code Signing with CPK
 
Securing a Cloud Migration
Securing a Cloud MigrationSecuring a Cloud Migration
Securing a Cloud Migration
 
Securing a Cloud Migration
Securing a Cloud MigrationSecuring a Cloud Migration
Securing a Cloud Migration
 
IRJET- Obfuscation: Maze of Code
IRJET- Obfuscation: Maze of CodeIRJET- Obfuscation: Maze of Code
IRJET- Obfuscation: Maze of Code
 
Service worker API
Service worker APIService worker API
Service worker API
 
Project SpaceLock - Architecture & Design
Project SpaceLock - Architecture & DesignProject SpaceLock - Architecture & Design
Project SpaceLock - Architecture & Design
 
Finding Zero-Days Before The Attackers: A Fortune 500 Red Team Case Study
Finding Zero-Days Before The Attackers: A Fortune 500 Red Team Case StudyFinding Zero-Days Before The Attackers: A Fortune 500 Red Team Case Study
Finding Zero-Days Before The Attackers: A Fortune 500 Red Team Case Study
 
Work example2 detailed
Work example2 detailedWork example2 detailed
Work example2 detailed
 
The top 10 web application intrusion techniques
The top 10 web application intrusion techniquesThe top 10 web application intrusion techniques
The top 10 web application intrusion techniques
 

Recently uploaded

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Recently uploaded (20)

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 

Static Software Watermarking

  • 1. Software Watermarking. James Hamilton, PhD Student. 02/20/11
  • 2. Software Watermarking - Motivation [Figure: a software company's binary is copied by a software 'thief'.]
  • 3. Software Watermarking – what is it? Allows the software author to prove ownership. [Figure: the software company's binary contains the embedded string "MICROSOFT", and so does the copy held by the software 'thief'.]
  • 4. Software Fingerprinting – what is it? Allows the software author to prove the source of the copied software. [Figure: the software company's binary contains the embedded identifier "1234567890", and so does the copy held by the software 'thief'.]
  • 5. Software Watermarking – what is it not?
      • It does not prevent copying software.
      • It does not prevent decompilation or program understanding.
      • But it could be used in conjunction with obfuscation (need to be careful the obfuscation doesn't remove the watermark).
      public class HelloWorld {
          // The watermark is stored as an ordinary string field.
          public String wm = "Microsoft";
          public static void main(String[] args) {
              System.out.println("Hello World");
          }
      }
      [Figure labels: Decompile, Obfuscate]
  • 7. Dynamic Software Watermarking
      • Embeds code to generate a watermark at run-time.
      • Recogniser uses a debugger to extract watermark.
      • Should be resilient to semantics-preserving transformations.
  • 8. Code Replacement & Addition
      • Very basic, early algorithms simply replaced sections of code, or data, with watermark code.
      • Susceptible to collusive attacks if the watermarks are placed in the same location in every copy of a program.
      • Monden et al. [1] encode the watermark as a sequence of bytecode sequences which replace instructions in a dummy method.
          – difficult to generate code which is similar to the original program
          – easily removed by semantics-preserving transformations
      [1] A. Monden, H. Iida, K.-i. Matsumoto, K. Inoue, and K. Torii, “A practical method for watermarking java programs,” Computer Software and Applications Conference, 2000. COMPSAC 2000. The 24th Annual International, Washington, DC, USA: IEEE, 2002, p. 191–197.
  • 9. Code Re-Ordering
      • The watermark is encoded as the nth permutation of some set.
      • Davidson and Myhrvold [1] encode the watermark as the nth permutation of the set of basic blocks in a method.
          – highly unstealthy due to a greater ratio of goto instructions [2]
      • Another option, in Java, is to re-order the constant pool (Gong et al. [3]).
      • Requires the original program for comparison.
      [1] R.I. Davidson and N. Myhrvold, “Method and system for generating and auditing a signature for a computer program,” US Patent 5,559,884, Sep. 1996.
      [2] Myles, G. et al., 2005. The evaluation of two software watermarking algorithms. Softw. Pract. Exper., 35(10), 923–938.
      [3] D. Gong, F. Liu, B. Lu, and P. Wang, “Hiding Information in Java Class File,” International Symposium on Computer Science and Computational Technology, 2008. ISCSCT ’08., IEEE Computer Society, 2008, pp. 160-164.
  • 10. Register Allocation
      • the watermark is encoded in the interference graph, which is used to model the relationship between variables.
      • each vertex represents a variable, and an edge between two variables indicates that their live ranges overlap.
      • we colour the graph in order to minimise the number of registers and ensure that two live variables do not share a register.
      • QP algorithm [1] adds edges to the graph
      • QP is flawed; QPS, QPI, CC and CP followed with a similar idea.
      [1] G. Qu and K. Potkonjak, “Analysis of watermarking techniques for graph coloring problem,” Computer-Aided Design, 1998. ICCAD 98. Digest of Technical Papers. 1998 IEEE/ACM International Conference on, San Jose, California, United States: IEEE, 2005, p. 190–193.
  • 11. Graph Watermarking
      • Venkatesan et al. [1] encode the watermark in a CFG and 'connect' it to the original program.
      [1] R. Venkatesan, V. Vazirani, and S. Sinha, “A graph theoretic approach to software watermarking,” Information Hiding, Springer, 2001, p. 157–168.
  • 12. Example of a bad watermarking algorithm: push 4 push 52 push 34 push 12 pop pop pop pop Optimiser push 1 push 23 push 1 push 4 pop pop pop pop
  • 13. Problems with static watermarks in general
      • can be unstealthy, if the watermark code is compared with 'normal' code
      • highly susceptible to semantics-preserving transformations
          – static watermarks rely on syntactic properties
      • without perfect tamper-proofing techniques an attacker can apply any semantics-preserving transformation to a program
          – tamper-proofing is hard & unstealthy
              • especially in Java
      Conclusion
      • Static watermarks are not good for software protection
  • 14. What about dynamic watermarks?
      • in theory, should not be susceptible to semantics-preserving transformations (but some current ones are).
      • but, they can only protect a complete program rather than single modules, classes, methods etc.
      • can be susceptible to additive attacks
      Conclusion
      • Better than static watermarks, but still not great.
  • 15. Watermark Stealthiness
      • Some watermarking algorithms are unstealthy
          – easy to find
          – 'strange looking' code
          – doesn't act like the rest of the program
      • statistical analysis of instructions (e.g. ratio of goto instructions)
      • program slicing metrics
  • 16. Program slicing
      public int w() {
          int a = 1;
          int b = a + 1;
          String wm = "mywatermark";
          return b;  // slicing criteria
      }
      Program Slice [1]: An independent program guaranteed to faithfully represent the original program within the domain of the specified subset of behaviour.
      [1] Weiser, M., 1981. Program slicing. In ICSE '81: Proceedings of the 5th international conference on Software engineering. Piscataway, NJ, USA: IEEE Press, p. 439–449.
  • 17. Program slicing [program slice shown in red on the slide]
      public int w() {
          int a = 1;
          int b = a + 1;
          String wm = "mywatermark";
          return b;  // slicing criteria
      }
  • 18. Program slicing
      public int w() {
          int a = 1;
          int b = a + 1;
          String wm = "mywatermark";  // slicing criteria
          return b;
      }
  • 19. Opaque predicates
      • A predicate whose outcome is known a priori
      • Can be used to protect watermarks from slicing attacks
      public int w() {
          int a = 1;
          int b = a + 1;
          String wm = "mywatermark";
          // PF is the opaque predicate: its outcome is known a priori to the author.
          if (PF) {
              b = wm.length();
          }
          return b;
      }
      • Introduces false dependencies to stop slicing
  • 20. Problems with watermarks in general [Figure: judge, software company, software 'thief'. Speech bubbles: "Prove that the software is yours"; "here's my watermark".]
  • 21. Problems with watermarks in general [Figure: judge, software company, software 'thief'. Speech bubbles: "who can I believe?"; "and here's my watermark".]
  • 22. Problems with watermarks in general [Figure: independent software expert, judge, software company, software 'thief'. Speech bubble: "I've examined the watermark recogniser carefully, and I believe that only one recogniser is genuine".]
  • 23. Problems with watermarks in general [Figure: independent software expert, judge, software company, software 'thief'. Speech bubble: "show me your source-code."] The real author could demonstrate ownership by showing the source-code of their software (without the need for software watermarks).
  • 24. Decompilation
      • The attacker could decompile the program to get their own source-code to demonstrate they own the code
      • But it will 'look' decompiled
          – incoherent variable names
          – no comments
          – verbose code
          – extraneous instructions
      • The attacker will probably have little understanding of the code and will have trouble answering trivial questions about it
  • 25. Conclusion
      • There are many static watermarking algorithms but they are all susceptible to trivial semantics-preserving transformation attacks.
      • Dynamic watermarks are better but can also be susceptible to attacks.
      • Unstealthy watermarks give an attacker clues and allow them to remove a watermark more easily.
      • Program slicing may be able to give clues about watermarks, and/or help remove them.
      • Maybe watermarking is not actually needed or useful.
  • 26. Thanks. Any comments or questions? http://www.gold.ac.uk/computing http://jameshamilton.eu/
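Slide 9's "nth permutation" encoding, as an added Python example that is not code from the slides or from the cited patent. The eight-block straight-line method, its `CFG` successor map and the watermark value 2011 are constructed; the example shows the embedding, the recogniser's need for the original order, the extra gotos the slide calls unstealthy, and how a semantics-preserving re-layout erases the mark.

```python
from math import factorial

# Constructed example: a method whose eight basic blocks fall through in order.
ORIGINAL = ["B0", "B1", "B2", "B3", "B4", "B5", "B6", "B7"]
CFG = dict(zip(ORIGINAL, ORIGINAL[1:]))  # successor map; re-ordering never changes it

def embed(watermark, blocks):
    """Lay the blocks out as the watermark-th permutation (lexicographic, 0-based)."""
    pool = list(blocks)
    if not 0 <= watermark < factorial(len(pool)):
        raise ValueError("watermark must be below len(blocks)!")
    layout = []
    for i in range(len(pool) - 1, -1, -1):
        idx, watermark = divmod(watermark, factorial(i))  # next factoradic digit
        layout.append(pool.pop(idx))
    return layout

def recognise(layout, blocks):
    """Recover the permutation index; this needs the original block order."""
    pool, value = list(blocks), 0
    for label in layout:
        idx = pool.index(label)
        value += idx * factorial(len(pool) - 1)
        pool.pop(idx)
    return value

def gotos_needed(layout, cfg, entry):
    """Count the jumps a layout needs so that execution still follows cfg."""
    jumps = 0 if layout[0] == entry else 1  # jump to the real entry block
    for here, following in zip(layout, layout[1:] + [None]):
        if here in cfg and cfg[here] != following:
            jumps += 1
    return jumps

def straighten(cfg, entry):
    """Semantics-preserving re-layout: emit blocks in control-flow order."""
    layout, block = [], entry
    while block is not None:
        layout.append(block)
        block = cfg.get(block)
    return layout

if __name__ == "__main__":
    marked = embed(2011, ORIGINAL)
    print(marked, recognise(marked, ORIGINAL), gotos_needed(marked, CFG, "B0"))
    cleaned = straighten(CFG, "B0")
    print(cleaned, recognise(cleaned, ORIGINAL), gotos_needed(cleaned, CFG, "B0"))
```

Eight blocks give 8! = 40320 layouts, so this method can carry 15 bits at most.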
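Slides 16 to 19 as an added Python example, not code from the slides: a small backward slicer run over a constructed model of the method `w()`, first as shown on slide 16 and then with the opaque-predicate guard from slide 19. The `Stmt` records, their def/use sets and the slicer itself are assumptions made for illustration; a static slicer cannot evaluate `PF`, so the guarded assignment pulls the watermark statement into the slice.

```python
from collections import namedtuple

# defs/uses are variable sets; ctrl is the index of the governing `if`, or None.
Stmt = namedtuple("Stmt", "text defs uses ctrl")

# Constructed model of the slide's method w(), before and after protection.
PLAIN = [
    Stmt("int a = 1;", {"a"}, set(), None),
    Stmt("int b = a + 1;", {"b"}, {"a"}, None),
    Stmt('String wm = "mywatermark";', {"wm"}, set(), None),
    Stmt("return b;", set(), {"b"}, None),
]
PROTECTED = PLAIN[:3] + [
    Stmt("if (PF) {", set(), set(), None),         # opaque predicate
    Stmt("b = wm.length(); }", {"b"}, {"wm"}, 3),  # false dependency on wm
    Stmt("return b;", set(), {"b"}, None),
]

def backward_slice(program, criterion):
    """Indices of statements that may affect the variables used at `criterion`."""
    relevant = set(program[criterion].uses)
    controls, kept = set(), {criterion}
    for i in range(criterion - 1, -1, -1):
        stmt = program[i]
        if i in controls or stmt.defs & relevant:
            kept.add(i)
            if stmt.ctrl is None:
                relevant -= stmt.defs    # an unconditional definition kills older ones
            else:
                controls.add(stmt.ctrl)  # keep the branch guarding this statement
            relevant |= stmt.uses
    return sorted(kept)

def watermark_in_slice(program, criterion):
    """True when the statement carrying the watermark string survives slicing."""
    kept = backward_slice(program, criterion)
    return any("mywatermark" in program[i].text for i in kept)

if __name__ == "__main__":
    for name, prog in (("plain", PLAIN), ("protected", PROTECTED)):
        last = len(prog) - 1  # slice on the value returned by w()
        print(name, backward_slice(prog, last), watermark_in_slice(prog, last))
```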