Protecting Software Code By Guards

The George Washington University

Cs297 YU-HAO HU

Motives

Software cracking is a serious threat to manyin the software industry.

Attackers can insert an unconditional jump to overpass the serial number checker.

How to protect important segment of code has became an issue.

The Guarding Framework: Types of guard Guard: a piece of code responsible for

performing certain security-related actions during program execution.

Checksum code: Checksum another piece of program code at runtime and verify its integrity

Repair code: Restore a piece of damaged code to its original form before it is executed or used.

The Guarding Framework: Guard Graph

The Guarding Framework: Features Distributed-ness Multiplicity Dynamism Scalability

The Guarding Framework: System

Guard template Binary manipulation Logical boundary between the data and executable

code should be blurred. Obfuscate guard code

The Guarding Framework: Template Example

Conclusion

Distributed protection Various protection schemes Configurable tamper-resistance

Reference

Protecting Software Codes By GuardsHoi Chang, Mikhail J. AtallahCenter for Education and Research inInformation Assurance and Security & Arxan Technologies

PC Assembly Language (NASM)Paul A. Carter

Software Watermarking: Models and Dynamic Embeddings

The George Washington University

CS297YU-HAO HU

Types of Attacks to Watermarking System Subtractive attack: attackers can crop out wat

ermarks. Distortive attack: attackers can twist waterma

rks. Additive attack: attackers can override water

marks.

Fingerprinting System

Similar to watermarking system except it gives different secret messages to different receivers.

Vulnerable to collusive attack. Attackers can locate the secret messages by comparing different copies of messages.

Types of Watermarks: Static Watermarks Data Watermark

Ex. string C = “Copyright…”.

Code Watermark Ex. Additional data stored

in an object or wherever in the code.

Easy to be destroyed by optimization techniques.

Types of Watermarks: Dynamic Watermarks Easter Eggs Dynamic Data Structure

Embedded within the state of a program and showed with a particular input.

Dynamic Execution Trace It is extracted by

monitoring a special sequence of operations

Dynamic Graph Watermarking: Central Ideas Use the topology of a graph to represent

watermark. Graph is dynamically built in the heap. Examine the runtime object heap with the

special input sequence.

Dynamic Graph Watermarking: Embedding Watermarks

Pick number P & Q, n = P * Q Represent n as a graph Program W could build graph.

Dynamic Graph Watermarking : Embedding Watermarks

Embed W into original program Add temper-proofing Obfuscation

Dynamic Graph Watermarking : Embedding Watermarks

Remove recognizer to be product version

Dynamic Graph Watermarking: Verifying Watermarks

Links recognizer with the product Gives special input set I and gets the number n Factoring n to get P and Q

Obfuscation Techniques: Loop i = 1;

while ( i< 100){…i += 1;…}

Obfuscation Techniques: Loop i = 1, j = 100;

while ( (i< 100)&&((i+j)!=-1)){…i += 1;j = (j*100)%50;…}

Obfuscation Techniques: Class Inheritance

Class One

Class A

Class Z

Obfuscation Techniques: Class Inheritance

Class One

Class A

Class Z

Class AA

Interface A

Dynamic Graph Watermarking: Conclusion Resistant to optimization, obfuscation

transformation because they don’t affect heap allocation.

Using reflection to prevent renaming or reordering graph nodes

Constantly checking graph to ensure the graph is not cropped out.

References

Software Watermarking: Models and Dynamic Embeddings

Christian Collberg, Clark Thomborson

Manufacturing Cheap, Resilient, and Stealthy Opaque Constructs Christian Collberg, Clark Thomborson, Douglas Low

Breaking Abstractions and Unstructuring Data Structures Christian Collberg, Clark Thomborson, Douglas

Low