Tamper-proofing basis path by using oblivious hashing on Java

Java programs are often downloaded (distributed) to unknown environments, so protect Java code from malicious modification is an important issue. This paper presents a tamper-proofing software technology on basis paths for stack-machine based languages, such as Java, by improving Oblivious Hashing. Our approach is based on a new dynamic stack-tracing approach which inserts hash instructions to monitor the top of the stack to check whether the program running has been tampered with or not. A user can choose one or more methods in a class to tamper-proof program. The protective codes are added to basic blocks at the bytecode level. We developed a new approach to protect constants and variables by alternative hashing functions. The overhead is proportional to the number of Load and Push instructions to be protected.

[1]  Dan Boneh,et al.  Architectural Support For Copy And Tamper-Resistant Software PhD Thesis , 2003 .

[2]  Christian S. Collberg,et al.  Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection , 2002, IEEE Trans. Software Eng..

[3]  Joseph P. Poole A Method to Determine a Basis Set of Paths to Perform Program Testing | NIST , 1995 .

[4]  A. Konovalov On the nilpotency class of a multiplicative group of a modular group algebra of a dihedral 2-group , 1995 .

[5]  Ramarathnam Venkatesan,et al.  Oblivious Hashing: A Stealthy Software Integrity Verification Primitive , 2002, Information Hiding.

[6]  Markus Jakobsson,et al.  Discouraging Software Piracy Using Software Aging , 2001, Digital Rights Management Workshop.

[7]  Neil J. Hurley,et al.  Securing Java through software watermarking , 2003, PPPJ.

[8]  Paul C. van Oorschot,et al.  A White-Box DES Implementation for DRM Applications , 2002, Digital Rights Management Workshop.

[9]  C. L. Liu Elements of Discrete Mathematics , 1985 .

[10]  Anas N. Al-Rabadi,et al.  A comparison of modified reconstructability analysis and Ashenhurst‐Curtis decomposition of Boolean functions , 2004 .

[11]  Thomas Vestdam Proceedings of the 2nd International Conference on the Principles and Practice of Programming in Java, Kilkenny City, Ireland, June 16-18, 2003 , 2003 .

[12]  Genevieve Arboit,et al.  A Method for Watermarking Java Programs via Opaque Predicates , 2002 .

[13]  Mikhail J. Atallah,et al.  Protecting Software Code by Guards , 2001, Digital Rights Management Workshop.

[14]  Rainer Güting Subtractive abelian groups , 1975, Notre Dame J. Formal Log..

[15]  Nasir D. Memon,et al.  Preventing Piracy, Reverse Engineering, and Tampering , 2003, Computer.

[16]  Wuu Yang,et al.  Advanced obfuscation techniques for Java bytecode , 2004, J. Syst. Softw..

[17]  Ting-Wei Hou,et al.  Three control flow obfuscation methods for Java software , 2006, IEE Proc. Softw..