Software watermarking via opaque predicates: Implementation, analysis, and attacks

Within the software industry software piracy is a great concern. In this article we address this issue through a prevention technique called software watermarking. Depending on how a software watermark is applied it can be used to discourage piracy; as proof of authorship or purchase; or to track the source of the illegal redistribution. In particular we analyze an algorithm originally proposed by Geneviève Arboit in A Method for Watermarking Java Programs via Opaque Predicates. This watermarking technique embeds the watermark by adding opaque predicates to the application. We have found that the Arboit technique does withstand some forms of attack and has a respectable data-rate. However, it is susceptible to a variety of distortive attacks. One unanswered question in the area of software watermarking is whether dynamic algorithms are inherently more resilient to attacks than static algorithms. We have implemented and empirically evaluated both static and dynamic versions within the SandMark framework.

[1]  Alfred V. Aho,et al.  Compilers: Principles, Techniques, and Tools , 1986, Addison-Wesley series in computer science / World student series edition.

[2]  Frank Tip,et al.  A survey of program slicing techniques , 1994, J. Program. Lang..

[3]  Clark Thomborson,et al.  Manufacturing cheap, resilient, and stealthy opaque constructs , 1998, POPL '98.

[4]  Christian S. Collberg,et al.  Software watermarking: models and dynamic embeddings , 1999, POPL '99.

[5]  Qwhuqhw Duh Qrz Vxiihulqj Iurp Surjudp Wkhiw,et al.  Watermarking Java Programs , 1999 .

[6]  Miodrag Potkonjak,et al.  Hiding Signatures in Graph Coloring Solutions , 1999, Information Hiding.

[7]  Jean-Jacques Quisquater,et al.  Robust Object Watermarking: Application to Code , 1999, Information Hiding.

[8]  Katsuro Inoue,et al.  A practical method for watermarking Java programs , 2000, Proceedings 24th Annual International Computer Software and Applications Conference. COMPSAC2000.

[9]  Jens Palsberg,et al.  Experience with software watermarking , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[10]  Ramarathnam Venkatesan,et al.  A Graph Theoretic Approach to Software Watermarking , 2001, Information Hiding.

[11]  Krishnaswamy Palsberg,et al.  A Functional Taxonomy for Software Watermarking , 2002 .

[12]  Genevieve Arboit,et al.  A Method for Watermarking Java Programs via Opaque Predicates , 2002 .

[13]  Gael Hachez,et al.  A Comparative Study of Software Protection Tools Suited for E-Commerce with Contributions to Software Watermarking and Smart Cards , 2003 .

[14]  Christian S. Collberg,et al.  Software Watermarking Through Register Allocation: Implementation, Analysis, and Attacks , 2003, ICISC.

[15]  Christian S. Collberg,et al.  Sandmark--A Tool for Software Protection Research , 2003, IEEE Secur. Priv..

[16]  Christian S. Collberg,et al.  Graph Theoretic Software Watermarks: Implementation, Analysis, and Attacks , 2004, Information Hiding.

[17]  Michael Stepp,et al.  Dynamic path-based software watermarking , 2004, PLDI '04.

[18]  Jasvir Nagra,et al.  Threading Software Watermarks , 2004, Information Hiding.

[19]  Patrick Cousot,et al.  An abstract interpretation-based framework for software watermarking , 2004, POPL.

[20]  Christian S. Collberg,et al.  Software watermarking in the frequency domain: Implementation, analysis, and attacks , 2005, J. Comput. Secur..