Software Watermarking
What is software watermarking?
Software watermarking involves embedding a unique identifier within a piece of software, to discourage software theft. Watermarking does not prevent theft but instead discourages software thieves by providing a means to identify the owner of a piece of software and/or the origin of the stolen software. The hidden watermark can be extracted, at a later date, by the use of a recogniser to prove ownership of stolen software.
Finding Dynamic Graph Watermarks With Maximal Slices
My previous post gave an overview of the graph visualisation techniques I've been using recently. Here's a more in-depth look at a program watermarked with the dynamic graph watermarking algorithm (as implemented in Sandmark). Is it stealthy? The short answer is 'no'. Here's why...
Visualising Program Slices
I've recently been working on visualising program slices using graphs.
Attacking Software Watermarks
Software watermarking is a software protection technique based on the insertion of copyright notices or unique identifiers into a program to prove ownership. The basic idea is that if a copyright owner finds a copy of their software (e.g. online) they would be able to prove, in a court of law, that they own that software. Alternatively, a software fingerprint - where the watermark is a unique customer ID for every copy of the program - would allow a software owner to trace the person who copied the software.
More on Dynamic Graph Watermarking
Graph watermarking techniques encode a watermark in a graph structure which is embedded in a program either statically, or dynamically. Static watermarks can be encoded in a control flow graph while dynamic graphs are encoded in a data structure built at runtime. Like other static watermarking algorithms, static graph watermarking is susceptible to semantics-preserving transformation attacks. Collberg and Thomborson proposed the first dynamic graph based watermarking scheme, CT, to overcome problems with static watermarking schemes.
The Importance of Stealth in Software Watermarking
The stealthiness of watermarked code is the degree to which the watermarked code can be distinguished from the unwatermarked code. Stealh is an important concept in watermark because if a watermark is unstealthy an attacker could find the watermark. If an attacker can find a watermark it will be easier for them to remove it. The attacker may still have to spend some time figuring out how to remove the watermark but it makes the task easier.
Is Software Watermarking Useful for Proving Ownership?
Software watermarking by providing a means to identify the owner of a piece of software and/or the origin of the stolen software. The hidden watermark can be recognised or extracted, at a later date, by the use of a recogniser or extractor to prove ownership of stolen software. It is also possible to embed a unique customer identifier in each copy of the software distributed which allows the software company to identify the individual that pirated the software - this is known as fingerprinting. A software watermark should allow an author to prove ownership of a piece of copied software but how can the author demonstrate extraction of a watermark to a judge in a court of law?
The Problems with the Execution Path Watermark Algorithm for Java Bytecode
There are two general types of software watermarking: static and dynamic. The latter stores the watermark in the execution or a data structure of a program. Execution path watermarking encodes the watermark in the sequence of branches taken during execution. A version of this algorithm has been implemented in Sandmark. How effective is execution path watermarking? Is it better than static watermarks, which are highly susceptible to semantics-preserving transformation attacks?
A Survey of Static Software Watermarking
Software theft, also known as software piracy, is the act of copying a legitimate application and illegally distributing that software, either free or for profit. The global revenue loss due to software piracy was estimated to be more than $50 billion in 2009. Watermarks can be classified as either static or dynamic. Static watermarks are embedded in the code and/or data of a computer program, whereas dynamic watermarking techniques store a watermark in a program's execution state. In this paper, we present a brief survey of the proposed static watermarking techniques, including a brief explanation of each technique concluding with directions for future work.
A Survey Of Graph Based Software Watermarking
We examine the currently proposed static and dynamic graph watermarking schemes. Graph based watermarking schemes, like other watermarking schemes, can be divided into two groups: static and dynamic. Static graph watermarks are embedding in a control-flow graph within a program whereas dynamic graph watermarks are embedding in a graph data-structure built at run-time. We report previous findings, describe some recent additions and conclude by suggesting a direction for future work.
A Survey of Software Watermarking by Code Re-Ordering
We survey the proposed software watermarking algorithms based on code re-ordering. This family of static watermarks use semantics-preserving transformations to encode a watermark in a permutation of the existing code. We describe the existing techniques and highlight the short-comings of these algorithms, namely that they are highly susceptible to semantics preserving transformations attacks.
MPhil Transfer Report
Decompilation of Java bytecode is the act of transforming Java bytecode to Java source code. Although easier than that of decompilation of machine code, problems still arise in Java bytecode decompilation. These include type inference of local variables and exception-handling.
A Survey of Software Watermarking by Register Allocation (for Java Bytecode)
In this paper, we examine register allocation based software watermarking algorithms; these algorithms are constraint-based static software watermarking techniques. Figure 1 shows the evolution of this family of algorithms on which we report previous findings, describe some recent additions (including a correction to a published algorithm) and conclude by suggesting a direction for future work.
Types of Software Watermark
Software watermarks can be broadly divided into two categories: static and dynamic. The former embeds the watermark in the data and/or code of the program, while the latter embeds the watermark in a data structure built at runtime.
The Evolution of Software Watermarking
Software watermarking involves embedding a unique identifier into software in order to prove ownership, in a similar way to that of multimedia watermarking. The graph below shows the evolution of software watermarking from the first patents to the latest academic research in the area. The nodes are titles of patents, research papers, or books. Edges of the graph indicate that the items are in some way related, for example one item might build on a previous item, use similar ideas, or discuss a previous idea.
End of Year Review 2010 - Java Attacks & Defenses
Decompilation is a problem for the software industry, with the global revenue loss due to software piracy estimated to be more than $50 billion in 2008. There are several Java decompilers available but none are 100% effective, and many are obsolete/unmaintained.
We found Java Decompiler, JODE and Dava to be good Java decompilers but not perfect. Dava is particularily suited to aribtrary bytecode, while others are suited to javac generated bytecode.
An Evaluation of Static Java Bytecode Watermarks
The rise in the use of the Internet and bytecode languages such as Java bytecode and Microsoft's Common Intermediate Language have made copying, decompiling and disassembling software easier. The global revenue loss due to software piracy was estimated to be more than $50 billion in 2008. Watermarking is a technique which attempts to protect software by inserting copyright notices or unique indentifiers into software to prove ownership.
