Skip to main content
SpringerLink
Log in

Software watermarking via opaque predicates: Implementation, analysis, and attacks

  • Published:
Electronic Commerce Research Aims and scope Submit manuscript

Abstract

Within the software industry software piracy is a great concern. In this article we address this issue through a prevention technique called software watermarking. Depending on how a software watermark is applied it can be used to discourage piracy; as proof of authorship or purchase; or to track the source of the illegal redistribution. In particular we analyze an algorithm originally proposed by Geneviève Arboit in A Method for Watermarking Java Programs via Opaque Predicates. This watermarking technique embeds the watermark by adding opaque predicates to the application. We have found that the Arboit technique does withstand some forms of attack and has a respectable data-rate. However, it is susceptible to a variety of distortive attacks. One unanswered question in the area of software watermarking is whether dynamic algorithms are inherently more resilient to attacks than static algorithms. We have implemented and empirically evaluated both static and dynamic versions within the SandMark framework.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Business software alliance, http://www.bsa.org.

  2. Sandmark. http://www.cs.arizona.edu/sandmark/.

  3. Specjvm98 v1.04. http://www.specbench.org/osg/jvm98/.

  4. Aho, A. V., Sethi, R., & Ullman, J. D. (1988). Compilers: Principles, Techniques, and Tools. Addison-Wesley.

  5. Arboit, G. (2002). A method for watermarking java programs via opaque predicates. In The Fifth International Conference on Electronic Commerce Research (ICECR-5).

  6. Collberg, C., Huntwork, A., Carter, E., & Townsend, G. (2004). Graph theoretic software watermarks: Implementation, analysis, and attacks. In 6th International Information Hiding Workshop.

  7. Collberg, C., Myles, G., & Huntwork, A. (2003). Sandmark — a tool for software protection research. IEEE Security and Privacy, 1(4), 40–49.

    Google Scholar 

  8. Collberg, C., & Thomborson, C. (1999). Software watermarking: Models and dynamic embeddings. In Conference Record of POPL ’99: The 26th ACM SIGPLANSIGACT Symposium on Principles of Programming Languages (Jan. 1999).

  9. Collberg, C., Thomborson, C., & Low, D. (1998). Manufacturing cheap, resilient, and stealthy opaque constructs. In Principles of Programming Languages 1998, POPL’98, San Diego, CA.

  10. Christian Collberg, Edward Carter, Saumya Debray, Andrew Huntwork, Cullen Linn, & Mike Stepp. (2004). Dynamic path–based software watermarking. In SIG–PLAN ’04 Conference on Programming Language Design and Implementation.

  11. Patrick Cousot, & Radhia Cousot (2003). An abstract interpretation–based framework for software watermarking. In Principles of Programming Languages 2003, POPL ’03, pp. 311–324.

  12. Davidson. R. L., & Myhrvold, N. (1996). Method and system for generating and auditing a signature for a computer program. US Patent 5,559,884, Assignee: Microsoft Corporation.

  13. Hachez, G. (2003). A Comparative Study of Software Protection Tools Suited for E-Commerce with Contributions to Software Watermarking and Smart Cards. PhD thesis, Universite Catholique de Louvain.

  14. Monden, A., Hajimu, I., Matsumoto, K., Katsuro, I., & Torii, K. (1999). Watermarking java programs. In Proceedings of International Symposium on Future Software Technology.

  15. Monden, A., Iida, H., Matsumoto, K., Inoue, K., & Torii, K. (2000). A practical method for watermarking java programs. In compsac2000, 24th Computer Software and Applications Conference.

  16. Myles, G., & Collberg, C. (2003). Software watermarking through register allocation: Implementation, analysis, and attacks. In ICISC ’2003 (International Conference on Information Security and Cryptology).

  17. Nagra, J., & Thomborson, C. (2004). Threading software watermarks. In 6th International Information Hiding Workshop.

  18. Nagra, J., Thomborson, C., & Collberg, C. (2002). A functional taxonomy for software watermarking. In Michael J. Oudshoorn, editor, Twenty-Fifth Australasian Computer Science Conference (ACSC2002), Conferences in Research and Practice in Information Technology, Melbourne, Australia, ACS.

  19. Palsberg, J., Krishnaswamy, S., Kwon, M., Ma, D., Shao, Q., & Zhang, Y. (2000). Experience with software watermarking. In Proceedings of ACSAC’00, 16th Annual Computer Security Applications Conference, pp. 308–316.

  20. Gang Qu, & Miodrag Potkonjak (1999). Hiding signatures in graph coloring solutions. In International Information Hiding Workshop, pp. 348–367.

  21. Sahoo, T. R., & Collberg, C. (2004). Software watermarking in the frequency domain: Implementation, analysis, and attacks. Technical Report TR04–07, Department of Computer Science, University of Arizona.

  22. Pendragon Software. Caffeinemark 3.0. (1998). http://www.pendragon-software.com/pendragon/cm3/.

  23. Stern, J. P., Hachez, G., Koeune, F., & Quisquater, J. (1999). Robust object watermarking: Application to code. In International Information Hiding Workshop, pp. 368–378.

  24. Tip, F. (1995). A survey of program slicing techniques. Journal of programming languages 3, 121–189.

    Google Scholar 

  25. Venkatesan, R., Vazirani, V., & Sinha, S. (2001). A graph theoretic approach to software watermarking. In 4th International Information Hiding Workshop, Pittsburgh, PA.

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Arizona, Tucson, AZ, 85721, USA

    Ginger Myles & Christian Collberg

Authors
  1. Ginger Myles
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christian Collberg
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ginger Myles.

Additional information

This work is supported by the NSF under grant CCR-0073483, by the AFRL under contract F33615-02-C-1146, and the GAANN Fellowship.

Ginger Myles is currently a research scientist at IBM’s Almaden Research Center and is finishing her Ph.D. degree in computer science at the University of Arizona. She received a B.A. in mathematics from Beloit College in Beloit, Wisconsin and an M.S. in computer science from the University of Arizona. Her research focuses on all aspects of content protection.

Christian Collberg received his PhD from the Department of Computer Science at the University of Lund, Sweden, after which he was on the faculty at the University of Auckland, New Zealand. He is currently an Associate Professor at the University of Arizona. His primary research area is the protection of software from reverse engineering, tampering, and piracy. In particular, the SandMark tool (sandmark.cs.arizona.edu) developed at the University of Arizona is the premier tool for the study of software protection algorithms.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Myles, G., Collberg, C. Software watermarking via opaque predicates: Implementation, analysis, and attacks. Electron Commerce Res 6, 155–171 (2006). https://doi.org/10.1007/s10660-006-6955-z

Download citation

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10660-006-6955-z

Keywords

Search

Navigation