Skip to main content
×
×
Home

Semantics-based software watermarking by abstract interpretation

  • MILA DALLA PREDA (a1) and MICHELE PASQUA (a1)
Abstract

Software watermarking is a software protection technique used to defend the intellectual property of proprietary code. In particular, software watermarking aims at preventing software piracy by embedding a signature, i.e. an identifier reliably representing the owner, in the code. When an illegal copy is made, the owner can claim his/her identity by extracting the signature. It is important to hide the signature in the program in order to make it difficult for the attacker to detect, tamper or remove it. In this work, we present a formal framework for software watermarking, based on program semantics and abstract interpretation, where attackers are modelled as abstract interpreters. In this setting, we can prove that the ability to identify signatures can be modelled as a completeness property of the attackers in the abstract interpretation framework. Indeed, hiding a signature in the code corresponds to embed it as a semantic property that can be retrieved only by attackers that are complete for it. Any abstract interpreter that is not complete for the property specifying the signature cannot detect, tamper or remove it. We formalize in the proposed framework the major quality features of a software watermarking technique: secrecy, resilience, transparence and accuracy. This provides a unifying framework for interpreting both watermarking schemes and attacks, and it allows us to formally compare the quality of different watermarking techniques. Indeed, a large number of watermarking techniques exist in the literature and they are typically evaluated with respect to their secrecy, resilience, transparence and accuracy to attacks. Formally identifying the attacks for which a watermarking scheme is secret, resilient, transparent or accurate can be a complex and error-prone task, since attacks and watermarking schemes are typically defined in different settings and using different languages (e.g. program transformation vs. program analysis), complicating the task of comparing one against the others.

Copyright
References
Hide All
Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P. and Yang, K. (2001). On the (im)possibility of obfuscating programs. In: CRYPTO '01: Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag 1–18.
BSA (2016). Global Software Survey: Seizing Opportunity Through License Compliance, Online. Available at http://globalstudy.bsa.org/2016/.
Collberg, C., Carter, E., Debray, S., Huntwork, A., Kececioglu, J., Linn, C. and Stepp, M. (2004). Dynamic path-based software watermarking. SIGPLAN Not. 39 (6) 107118.
Collberg, C. and Thomborson, C. (2002). Watermarking, tamper-proofing, and obfuscation-tools for software protection. IEEE Transactions Software Engineering 28 735746.
Collberg, C. and Thomborson, C.D. (1999). Software watermarking: Models and dynamic embeddings. In: POPL '99: Proceedings of the 26th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, ACM 311–324.
Collberg, C., Thomborson, C.D. and Low, D. (1997). A taxonomy of obfuscating transformations; Technical Report 148; Department of Computer Science, The University of Auckland.
Collberg, C., Thomborson, C.D. and Low, D. (1998). Manufactoring cheap, resilient, and stealthy opaque constructs. In: Proceedings of Conference Record of the 25st ACM Symp osium on Principles of Programming Languages (POPL'98), ACM Press 184–196.
Cousot, P. (2002). Constructive design of a hierarchy of semantics of a transition system by abstract interpretation. Theoretical Computer Science 277 (1–2) 47103.
Cousot, P. and Cousot, R. (1977). Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Conference Record of the 4th ACM Symposium on Principles of Programming Languages (POPL'77), ACM Press 238–252.
Cousot, P. and Cousot, R. (1979). Systematic design of program analysis frameworks. In: Conference Record of the 6th ACM Symposium on Principles of Programming Languages (POPL'79), ACM Press 269–282.
Cousot, P. and Cousot, R. (2002). Systematic design of program transformation frameworks by abstract interpretation. In: Conference Record of the 29th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, ACM Press 178–190.
Cousot, P. and Cousot, R. (2004). An abstract interpretation-based framework for software watermarking. In: Conference Record of the 31st Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, ACM Press, New York, NY, USA 173–185.
Dalla Preda, M. and Giacobazzi, R. (2005). Semantic-based code obfuscation by abstract interpretation. In: Proceeding of the 32nd International Colloquium on Automata, Languages and Programming (ICALP'05), Lecture Notes in Computer Science, vol. 3580, Springer-Verlag 1325–1336.
Dalla Preda, M. and Giacobazzi, R. (2009). Semantic-based code obfuscation by abstract interpretation. Journal of Computer Security 17 (6) 855908.
Dalla Preda, M., Giacobazzi, R. and Visentini, E. (2008). Hiding software watermarks in loop structures. In: Proceedings of the Static Analysis, 15th International Symposium, SAS 2008'; , Valencia, Spain, July 16–18, 2008, Lecture Notes in Computer Science, vol. 5079 174–188.
Dalla Preda, M. and Pasqua, M. (2016). Software watermarking: A semantics-based approach. In: Proceeding of the 6th Workshop on Numerical and Symbolic Abstract Domains (NSAD 2016), Edinburgh, Scotland, September 11, 2016 Elsevier – Electronic Notes in Theoretical Computer Science, 71–85. https://doi.org/10.1016/j.entcs.2017.02.005
Davidson, R.L. and Myhrvold, N. (1996). Method and system for generating and auditing a signature for a computer program. US Patent number 5,559,884.
Frontier-Economics (2016). The economic impacts of counterfeiting and piracy – report prepared for bascap and inta. online. Available at: https://iccwbo.org/publication/economic-impacts-counterfeiting-piracy-report-prepared-bascap-inta/.
Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A. and Waters, B. (2013). Candidate indistinguishability obfuscation and functional encryption for all circuits. In: IACR Cryptology ePrint Archive, 451.
Giacobazzi, R. (2008). Hiding information in completeness holes – new perspectives in code obfuscation and watermarking. In: Proceedings of The 6th IEEE International Conferences on Software Engineering and Formal Methods (SEFM'08), IEEE Press. 7–20.
Giacobazzi, R. and Mastroeni, I. (2002). Compositionality in the puzzle of semantics. In: Proceedings of the 2002 ACM SIGPLAN Workshop on Partial Evaluation and Semantics-Based Program Manipulation (PEPM '02), Portland, Oregon, USA, January 14–15 87–97.
Giacobazzi, R. and Mastroeni, I. (2004). Abstract non-interference: Parameterizing non-interference by abstract interpretation. In: Proceedings of the 31st Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'04), ACM-Press 186–197.
Giacobazzi, R. and Mastroeni, I. (2008). Transforming abstract interpretations by abstract interpretation. In: Alpuente, M. (ed.), Proceedings of The 15th International Static Analysis Symposium, SAS'08, Lecture Notes in Computer Science; vol. 5079, Springer-Verlag, 1–17.
Giacobazzi, R. and Quintarelli, E. (2001). Incompleteness, counterexamples and refinements in abstract model-checking. In: Cousot, P. (ed.), Proceedings of the 8th Internat. Static Analysis Symposium (SAS'01), Lecture Notes in Computer Science, vol. 2126, Springer-Verlag, 356–373.
Giacobazzi, R., Ranzato, F. and Scozzari, F. (2000). Making abstract interpretation complete. Journal of the ACM 47 (2) 361416.
Mastroeni, I. (2005). Abstract Non-Interference - An Abstract Interpretation-based Approach to Secure Information Flow; PhD thesis; University of Verona – Dep. of Computer Science; Strada le Grazie 15, 37134, Verona (Italy).
Moskowitz, S.A. and Cooperman, M. (1996). Method for stega-cipher protection of computer code; US patent 5.745.569; Assignee: The Dice Company.
Nagra, J., Thomborson, C.D. and Collberg, C. (2002). A functional taxonomy for software watermarking. Australian Computer Science Communications 24 (1) 177186.
Venkatesan, R., Vazirani, V. and Sinha, S. (2001). A graph theoretic approach to software watermarking. In: Moskowitz, I. (ed.), Information Hiding, Lecture Notes in Computer Science, vol. 2137, Springer, Berlin/Heidelberg, 157168.
Recommend this journal

Email your librarian or administrator to recommend adding this journal to your organisation's collection.

Mathematical Structures in Computer Science
  • ISSN: 0960-1295
  • EISSN: 1469-8072
  • URL: /core/journals/mathematical-structures-in-computer-science
Please enter your name
Please enter a valid email address
Who would you like to send this to? *
×

Metrics

Full text views

Total number of HTML views: 0
Total number of PDF views: 3 *
Loading metrics...

Abstract views

Total abstract views: 48 *
Loading metrics...

* Views captured on Cambridge Core between 15th May 2018 - 25th June 2018. This data will be updated every 24 hours.