New Techniques for Software Protection
Jasvir Nagra, Clark Thomborson (U. of Auckland)
ABSTRACT
We describe two new techniques for protecting software against
unauthorised use and modification. Our first technique will prevent
some, but not all, attacks; we note that it is infeasible, in any
realistic model, to prevent all possible attacks. Hence most security
designs also employ detective techniques, such as the one described in
the second part of our talk.
Our preventative technique is a novel form of software obfuscation, for
programs expressed in a low-level language such as Java bytecode or x86
machine code. We employ a finite state machine (FSM) in the
interpreter, defining a context-dependent semantics for each instruction
in an obfuscated program. This dynamic mapping of semantics onto
opcodes will frustrate any non-cryptographic static analysis.
Traditional cryptographic analyses will be frustrated by the
dynamically-defined execution order of the code. This research is joint
with Drs Akito Monden and Antoine Monsifrot.
Our detective technique is a novel form of software watermarking, where
we implant the watermark using threads and thread contention in Java.
We describe a technique for embedding and recognizing the watermark. We
argue that an attacker will have great difficulty in removing our
thread-based watermark, because it is resilient to the
semantic-preserving transformations that would destroy watermarks
embedded by other methods. This research will be a centrepiece of
Jasvir Nagra's PhD thesis, which is now in preparation.
BIOGRAPHY
Jasvir Nagra is a PhD student at the University of Auckland, in New Zealand.
He earned his BSc with honors in Computer Science in 1999 also from the
University of Auckland. His current research interests are in steganography
and watermarking particularly focusing on developing novel software
watermarking and obfuscation algorithms.
Clark Thomborson has been a professor of computer science
at the University of Auckland since 1996, when
he emigrated to New Zealand. He received the
PhD degree in computer science in 1980 from Carnegie
Mellon University, under his birth name Clark Thompson.
He has held academic positions at the U of Minnesota-Duluth,
UC Berkeley and MIT; he has also worked for brief
periods as a software/hardware systems developer
in the private sector. His research interests
are currently focussed on software security, however
he has published articles on a wide range of topics
including computer systems performance analysis,
VLSI algorithms, and data compression.