SoftMark: Software Watermarking via a Binary Function Relocation

The ease of reproducibility of digital artifacts raises a growing concern in copyright infringement; in particular, for a software product. Software watermarking is one of the promising techniques to verify the owner of licensed software by embedding a digital fingerprint. Developing an ideal software watermark scheme is challenging because i) unlike digital media watermarking, software watermarking must preserve the original code semantics after inserting software watermark, and ii) it requires well-balanced properties of credibility, resiliency, capacity, imperceptibility, and efficiency. We present SoftMark, a software watermarking system that leverages a function relocation where the order of functions implicitly encodes a hidden identifier. By design, SoftMark does not introduce additional structures (i.e., codes, blocks, or subroutines), being robust in unauthorized detection, while maintaining a negligible performance overhead and reasonable capacity. With various strategies against viable attacks (i.e., static binary re-instrumentation), we tackle the limitations of previous reordering-based approaches. Our empirical results demonstrate the practicality and effectiveness by successful embedding and extraction of various watermark values.

[2]  Gaurav Gupta,et al.  Software Watermarking Resilient to Debugging Attacks , 2007, J. Multim..

[3]  Wee Keong Ng,et al.  Function Level Control Flow Obfuscation for Software Security , 2014, 2014 Eighth International Conference on Complex, Intelligent and Software Intensive Systems.

[4]  Zhu Jianqi,et al.  A Novel Dynamic Graph Software Watermark Scheme , 2009, 2009 First International Workshop on Education Technology and Computer Science.

[5]  Ying Zeng,et al.  Software Watermarking Through Obfuscated Interpretation: Implementation and Analysis , 2011, J. Multim..

[6]  Katsuro Inoue,et al.  A practical method for watermarking Java programs , 2000, Proceedings 24th Annual International Computer Software and Applications Conference. COMPSAC2000.

[7]  Hua Jiang,et al.  Software Watermarking Algorithm by Coefficients of Equation , 2009, 2009 Third International Conference on Genetic and Evolutionary Computing.

[8]  M. Shirali-Shahreza,et al.  Software Watermarking by Equation Reordering , 2008, 2008 3rd International Conference on Information and Communication Technologies: From Theory to Applications.

[9]  Jari-Matti Mäkelä,et al.  Diversification and obfuscation techniques for software security: A systematic literature review , 2018, Inf. Softw. Technol..

[10]  Lok-Kwong Yan,et al.  Debloating Software through Piece-Wise Compilation and Loading , 2018, USENIX Security Symposium.

[11]  R. Sekar,et al.  Function Interface Analysis: A Principled Approach for Function Recognition in COTS Binaries , 2017, 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[12]  David Williams-King,et al.  Egalito: Layout-Agnostic Binary Recompilation , 2020, ASPLOS.

[13]  Mila Dalla Preda,et al.  Software Watermarking: A Semantics-based Approach , 2017, NSAD@SAS.

[15]  Dawn Xiaodong Song,et al.  Recognizing Functions in Binaries with Neural Networks , 2015, USENIX Security Symposium.

[16]  Fei-Yue Wang,et al.  A Survey of Software Watermarking , 2005, ISI.

[17]  Krishnaswamy Palsberg,et al.  A Functional Taxonomy for Software Watermarking , 2002 .

[18]  Nabendu Chaki,et al.  Software Watermarking: Progress and Challenges , 2018, INAE Letters.

[19]  Zetao Jiang,et al.  A Software Watermarking Method Based on Public-Key Cryptography and Graph Coloring , 2009, 2009 Third International Conference on Genetic and Evolutionary Computing.

[20]  Gael Hachez,et al.  A Comparative Study of Software Protection Tools Suited for E-Commerce with Contributions to Software Watermarking and Smart Cards , 2003 .

[21]  Christian S. Collberg,et al.  Error-correcting graphs for software watermarking , 2003 .

[22]  Yuichiro Kanzaki,et al.  A Software Protection Method Based on Instruction Camouflage , 2006 .

[23]  Ramarathnam Venkatesan,et al.  A Graph Theoretic Approach to Software Watermarking , 2001, Information Hiding.

[24]  Miodrag Potkonjak,et al.  Hiding Signatures in Graph Coloring Solutions , 1999, Information Hiding.

[25]  Michalis Polychronakis,et al.  Juggling the Gadgets: Binary-level Code Randomization using Instruction Displacement , 2016, AsiaCCS.

[26]  Zhe Chen,et al.  Semantic-integrated software watermarking with tamper-proofing , 2018, Multimedia Tools and Applications.

[27]  Xi Chen,et al.  An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries , 2016, USENIX Security Symposium.

[28]  Ying Zeng,et al.  Robust Software Watermarking Scheme Based on Obfuscated Interpretation , 2010, 2010 International Conference on Multimedia Information Networking and Security.

[29]  Raghuraj Singh,et al.  An Efficient Software Watermark by Equation Reordering and FDOS , 2011, SocProS.

[30]  Dinghao Wu,et al.  Composite Software Diversification , 2017, 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME).

[31]  Jianmin Pang,et al.  A Method and Implementation of Control Flow Obfuscation Using SEH , 2012, 2012 Fourth International Conference on Multimedia Information Networking and Security.

[32]  Christian S. Collberg,et al.  Sandmark--A Tool for Software Protection Research , 2003, IEEE Secur. Priv..

[33]  Christian S. Collberg,et al.  Software watermarking: models and dynamic embeddings , 1999, POPL '99.

[34]  Herbert Bos,et al.  Compiler-Agnostic Function Detection in Binaries , 2017, 2017 IEEE European Symposium on Security and Privacy (EuroS&P).

[35]  Juan E. Tapiador,et al.  Bypassing information leakage protection with trusted applications , 2012, Comput. Secur..

[36]  Christian S. Collberg,et al.  Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection , 2002, IEEE Trans. Software Eng..

[37]  Jim Alves-Foss,et al.  Function boundary detection in stripped binaries , 2019, ACSAC.

[38]  David Brumley,et al.  BYTEWEIGHT: Learning to Recognize Functions in Binary Code , 2014, USENIX Security Symposium.

[39]  Dinghao Wu,et al.  Semantics-Aware Machine Learning for Function Recognition in Binary Code , 2017, 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME).

[40]  Eugene H. Spafford,et al.  Improved kernel security through memory layout randomization , 2013, 2013 IEEE 32nd International Performance Computing and Communications Conference (IPCCC).

[41]  Hongxia Jin,et al.  Self-validating Branch-Based Software Watermarking , 2005, Information Hiding.

[42]  Carl W David,et al.  Stirling's Approximation , 2007 .

[43]  Armand Navabi,et al.  The evaluation of two software watermarking algorithms , 2005, Softw. Pract. Exp..

[44]  Debin Gao,et al.  RopSteg: program steganography with return oriented programming , 2014, CODASPY '14.

[45]  Sebastian Danicic,et al.  A survey of static software watermarking , 2011, 2011 World Congress on Internet Security (WorldCIS-2011).

[46]  Juan Caballero,et al.  Certified PUP: Abuse in Authenticode Code Signing , 2015, CCS.

[47]  Tudor Dumitras,et al.  Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI , 2017, CCS.

[48]  Christian S. Collberg,et al.  A Taxonomy of Obfuscating Transformations , 1997 .

[49]  Gang Qu,et al.  Analysis of watermarking techniques for graph coloring problem , 1998, 1998 IEEE/ACM International Conference on Computer-Aided Design. Digest of Technical Papers (IEEE Cat. No.98CB36287).

[50]  Neil J. Hurley,et al.  Securing Java through software watermarking , 2003, PPPJ.

[51]  Jean-Jacques Quisquater,et al.  Robust Object Watermarking: Application to Code , 1999, Information Hiding.

[52]  Alexander Pretschner,et al.  Software-Based Protection against Changeware , 2015, CODASPY.

[53]  Carrie Gates,et al.  Defining the insider threat , 2008, CSIIRW '08.

[54]  Long Lu,et al.  Compiler-Assisted Code Randomization , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[55]  Angelos D. Keromytis,et al.  Smashing the Gadgets: Hindering Return-Oriented Programming Using In-place Code Randomization , 2012, 2012 IEEE Symposium on Security and Privacy.