Register Expansion and SemaCall: 2 Low-overhead Dynamic Watermarks Suitable for Automation in LLVM
Pages 1 - 10
Abstract
Software watermarking is a means of protection against issues of piracy and unauthorized tampering. We propose two dynamic software watermarking techniques and show how we added them to the LLWM framework for automatic insertion into to-be-watermarked code. Both select many spots in the code and insert randomly generated and computationally different hash-like arithmetics that at runtime transform a secret input key into a watermark message.
The Register Expansion Watermark expands 32 bit values to 64 bits and piggy-backs hash computed values upon existing computations to spread the message around. The SemaCall Watermark performs its hash arithmetics on the result of a set of library functions that the to-be-watermarked code calls. As their semantics is known, we can compare the generated hash values to the ones expected for the secret input and then trigger an easter-egg that generates the message. We show that leveraging many and different hash-like arithmetics, our watermarks are harder to attack than other state-of-the-art techniques and also have a low performance overhead.
References
[1]
Zhe Chen, Chunfu Jia, and Donghui Xu. 2017. Hidden Path: Dynamic Software Watermarking Based on Control Flow Obfuscation. In Proc. 2017 IEEE Intl. Conf. Computational Science and Engineering (CSE) and IEEE Intl. Conf. Embedded and Ubiquitous Computing (EUC), Vol. 2. Guangzhou, China, 443--450. https://doi.org/10.1109/CSE-EUC.2017.280
[2]
Ioannis Chionis, Maria Chroni, and Stavros D Nikolopoulos. 2013. A Dynamic Watermarking Model for Embedding Reducible Permutation Graphs into Software. In Proc. 2013 Intl. Conf. Security and Cryptography (SECRYPT). Reykjavík, Iceland, 74--85. https://doi.org/document/7223157/
[3]
Maria Chroni and Stavros D. Nikolopoulos. 2010. Encoding Watermark Integers as Self-Inverting Permutations. In Proc. 11th Intl. Conf. Computer Systems and Technologies (CompSysTech'10). Sofia, Bulgaria, 125--130. https://doi.org/10.1145/1839379.1839402
[4]
Christian Collberg and Clark Thomborson. 1999. Software Watermarking: Models and Dynamic Embeddings. In Proc. 26th ACM SIGPLAN-SIGACT Symp. Principles of Programming Languages (POPL'99). Auckland, New Zealand, 311--324. https://doi.org/10.1145/292540.2925
[5]
Ron Cytron, Jeanne Ferrante, Barry K. Rosen, Mark N. Wegman, and F. Kenneth Zadeck. 1991. Efficiently Computing Static Single Assignment Form and the Control Dependence Graph. ACM Trans. Program. Lang. Syst., Vol. 13, 4 (Oct 1991), 451--490. https://doi.org/10.1145/115372.115320
[6]
Mila Dalla Preda and Michele Ianni. 2024. Exploiting Number Theory for Dynamic Software Watermarking. Computer Virology and Hacking Techniques, Vol. 20, 1 (2024), 41--51. https://doi.org/10.1007/s11416-023-00489-8
[7]
Ibrahim Kamel and Qutaiba Albluwi. 2009. A robust software watermarking for copyright protection. Computers & Security, Vol. 28, 6 (Sep. 2009), 395--409. https://doi.org/10.1016/j.cose.2009.01.007
[8]
Michael Kerrisk. 2023. atoi(3) Linux manual page. https://man7.org/linux/man-pages/man3/atoi.3.html.
[9]
Michael Kerrisk. 2023. fgetc(3) Linux manual page. https://man7.org/linux/man-pages/man3/fgets.3.html.
[10]
Michael Kerrisk. 2023. getline(3) Linux manual page. https://man7.org/linux/man-pages/man3/getline.3.html.
[11]
Michael Kerrisk. 2023 d. gets(3) Linux manual page. https://man7.org/linux/man-pages/man3/gets.3.html.
[12]
Michael Kerrisk. 2023 e. gettimeofday(2) Linux manual page. https://man7.org/linux/man-pages/man2/gettimeofday.2.html.
[13]
Michael Kerrisk. 2023 f. strtol(3) Linux manual page. https://man7.org/linux/man-pages/man3/strtol.3.html.
[14]
Michael Kerrisk. 2023 g. time(2) Linux manual page. https://man7.org/linux/man-pages/man2/time.2.html.
[15]
Fenlin Liu, Bin Lu, and Xiangyang Luo. 2006. A Chaos-Based Robust Software Watermarking. In Proc. Intl. Conf. Information Security Practice and Experience. Hangzhou, China, 355--366. https://doi.org/10.1007/11689522_33
[16]
Haoyu Ma, Chunfu Jia, Shijia Li, Wantong Zheng, and Dinghao Wu. 2019. Xmark: Dynamic Software Watermarking Using Collatz Conjecture. IEEE Transactions Information Forensics and Security, Vol. 14, 11 (Nov. 2019), 2859--2874. https://doi.org/10.1109/TIFS.2019.2908071
[17]
Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. 1997. Handbook of Applied Cryptography. CRC Press, Boca Raton, USA. ISBN: 978-0-8493-8523-0.
[18]
Ginger Myles and Hongxia Jin. 2005. Self-Validating Branch-Based Software Watermarking. In Proc. 9th Intl. Workshop Information Hiding (IH'05). Saint Malo, France, 342--356. https://doi.org/10.1007/11558859_25
[19]
Jasvir Nagra and Christian Collberg. 2009. Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection. Addison-Wesley Professional, Michigan, USA. ISBN: 978-0-321-54925-9.
[20]
Daniela Novac, Christian Eichler, and Michael Philippsen. 2021. LLWM & IR-Mark: Integrating Software Watermarks into an LLVM-based Framework. In Proc. 2021 Workshop on Research on Offensive and Defensive Techniques in the Context of Man At The End Attacks (CheckMATE'21). Virtual Event, 35--41. https://doi.org/10.1145/3465413.3488576
[21]
LLVM Project. 2003. llvm-test-suite. https://github.com/llvm/llvm-test-suite.
[22]
LLVM Project. 2023. LLVM Project. https://github.com/llvm/llvm-project.
[23]
Medahalli V. Ramakrishna and Justin Zobel. 1997. Performance in Practice of String Hashing Functions. In Proc. 5th Intl. Conf. Database Systems For Advanced Applications. Melbourne, Australia, 215--223. https://doi.org/10.1142/9789812819536_0023
[24]
David Schwarzbeck, Jan Schuh, and Marcel Hammrich. 2024. Register Expansion and SemaCall: 2 low-overhead dynamic Watermarks suitable for Automation in LLVM [Source code and Raw Experiment data]. Zenodo. https://doi.org/10.5281/zenodo.13337275
[25]
Xuesong Zhang, Fengling He, and Wanli Zuo. 2008. Hash Function Based Software Watermarking. In Proc. 2008 Intl. Conf. Advanced Software Engineering and Its Applications (ASEA'08). Hainan, China, 95--98. https://doi.org/10.1109/ASEA.2008.57
Index Terms
- Register Expansion and SemaCall: 2 Low-overhead Dynamic Watermarks Suitable for Automation in LLVM
Recommendations
Reversible Data Embedding for Tamper-Proof Watermarks
ICICIC '06: Proceedings of the First International Conference on Innovative Computing, Information and Control - Volume 3In this paper, a novel reversible data embedding for tamper-proof watermarks is proposed. A reversible watermark is embedded into robust watermark in the discrete wavelet transform (DWT) domain using a feature map and a location map. Generally, the ...
Hidden digital watermarks in images
An image authentication technique by embedding digital “watermarks” into images is proposed. Watermarking is a technique for labeling digital pictures by hiding secret information into the images. Sophisticated watermark embedding is a ...
Embedding image watermarks in dc components
Both watermark structure and embedding strategy affect robustness of image watermarks. Where should watermarks be embedded in the discrete cosine transform (DCT) domain in order for the invisible image watermarks to be robust? Though many papers in the ...
Comments
Information & Contributors
Information
Published In
November 2024
64 pages
ISBN:9798400712302
DOI:10.1145/3689934
- General Chair:
- Sebastian Schrittwieser,
- Program Chair:
- Michele Ianni
Copyright © 2024 ACM.
Publication rights licensed to ACM. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 19 November 2024
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
CCS '24
Sponsor:
CCS '24: ACM SIGSAC Conference on Computer and Communications Security
October 14 - 18, 2024
UT, Salt Lake City, USA
Upcoming Conference
CCS '25
- Sponsor:
- sigsac
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 35Total Downloads
- Downloads (Last 12 months)35
- Downloads (Last 6 weeks)24
Reflects downloads up to 06 Jan 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in