CFP last date
22 April 2024
Reseach Article

Software Watermarking based on Return-Oriented Programming for Computer Security

by Ashwag Alrehily, Vijey Thayananthan
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 166 - Number 8
Year of Publication: 2017
Authors: Ashwag Alrehily, Vijey Thayananthan
10.5120/ijca2017914089

Ashwag Alrehily, Vijey Thayananthan . Software Watermarking based on Return-Oriented Programming for Computer Security. International Journal of Computer Applications. 166, 8 ( May 2017), 21-28. DOI=10.5120/ijca2017914089

@article{ 10.5120/ijca2017914089,
author = { Ashwag Alrehily, Vijey Thayananthan },
title = { Software Watermarking based on Return-Oriented Programming for Computer Security },
journal = { International Journal of Computer Applications },
issue_date = { May 2017 },
volume = { 166 },
number = { 8 },
month = { May },
year = { 2017 },
issn = { 0975-8887 },
pages = { 21-28 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume166/number8/27689-2017914089/ },
doi = { 10.5120/ijca2017914089 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T00:13:09.418475+05:30
%A Ashwag Alrehily
%A Vijey Thayananthan
%T Software Watermarking based on Return-Oriented Programming for Computer Security
%J International Journal of Computer Applications
%@ 0975-8887
%V 166
%N 8
%P 21-28
%D 2017
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Currently, the major problem for software developers is software piracy. To protect software from piracy, many techniques are developed, and one of them is software watermark. Software watermark provides authentication and copyright protection by embedding a watermark into the software, and the owner can claim ownership of the software by watermark extraction. The software watermarking improves the computer security with a robust solution to expose the unauthorized modification or illegal copying of different kind of attacks. Now, there many techniques for embedding and extracting watermark into software and most recent one used malicious code like return-oriented programming (ROP) for good uses. Moreover, any software protection with an efficient watermarking algorithm based on ROP is a relatively new branch of computer security. Thus, in this paper, new software watermark has been designed using ROP technique that enhances the existing one. The watermark has been embeded using ROP and it has been extracted once ROP trigger is triggered. ROP trigger uses a SHA256 hash function to compare between watermark secret input and user entered key. As a result, the proposed work has strong resilience, Stealth and minimum runtime overhead.

References
  1. L. Chen and C. Zhang, “A Novel Algorithm for.NET Programs Watermarking based on Obfuscation” in Int Symposium on Instrumentation & Measurement, Sensor Network and Automation, (IMSN). Sanya .2012 , pp. 583 - 586.
  2. Collberg, C. and C. Thomborson (1999). Software watermarking: Models and dynamic embeddings. Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, ACM.
  3. C. Collberg and J. Nagra. Surreptitious Software —Obfuscation, Watermarking, and Tamperproofing for Software Protection. Software Security Series. Addison-Wesley, 2009
  4. H. Ma, K.Lu , X.Ma ,H. Zhang,C Jia and D.Gao." Software Watermarking using Return-Oriented Programming ".on ACM Symposium on Information, Computer and Communications Security. ASIACCS.2015.pp. 369-380.Tavel, P. 2007 Modeling and Simulation Design. AK Peters Ltd.
  5. Anley, C., et al. (2011). The shellcoder's handbook: discovering and exploiting security holes, John Wiley & Sons.
  6. M. Shirali-Shahreza and S. Shirali-Shahreza . "Software Watermarking by Equation Reordering ".on 3rd Int Conf on Information and Communication Technologies: From Theory to Applications, ICTTA .2008.pp. 1 – 4.
  7. S. Zonglu, J.Hua and X.Aicheng. " Software Watermarking Algorithm by Coefficients of Equation ".on 3rd Int Conf on Genetic and Evolutionary Computing, 2009.pp. 410 - 413.
  8. J. Hua, H. Hanlei and W.Xin . "Software Watermark Algorithm Based on Chinese Remainder Theorem".on IEEE Conf Anthology, 2013.pp. 602 – 606.
  9. Z.Jian-qi, L.Yan-heng, and Y.Ke ." A Robust Dynamic Watermarking Scheme based on STBDW ". WRI World Congress on Computer Science and Information Engineering, 2009.pp. 602 – 606.
  10. G.Gupta and J.Pieprzyk." Source Code Watermarking Based on Function Dependency-Oriented Sequencing".on Int Conf on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP.Harbin.2008.pp. 965 – 968.
  11. Zhang, X., et al. (2008). Hash function based software watermarking. Advanced Software Engineering and Its Applications, 2008. ASEA 2008, IEEE.
  12. Scut (2001). Exploiting format string vulnerabilities, Team Teso.
  13. Shacham, H. (2007). "The Geometry of Innocent Flesh on the Bone:Return-into-libc without Function Calls (on the x86)." In Proceedings of the 14th ACM conference onComputer and communications security (CCS): 552-561.
  14. Buchanan, E., et al. (2008). When good instructions go bad: Generalizing return-oriented programming to RISC. Proceedings of the 15th ACM conference on Computer and communications security, ACM.
  15. Immunity, I. Immunity debugger.
  16. Corelan (2015). Mona.
  17. Sharif, M. I., et al. (2008). Impeding Malware Analysis Using Conditional Code Obfuscation. NDSS.
  18. Standard, S. H. (2002). "FIPS PUB 180-2." National Institute of Standards and Technology.
  19. Palsberg, J., et al. (2000). Experience with software watermarking. Computer Security Applications, 2000. ACSAC'00. 16th Annual Conference, IEEE.
  20. Coffey, P. (2011). Benchmarking the amazon elastic compute cloud (ec2), Worcester Polytechnic Institute.
  21. Microsoft (2015). Visual Studio.
  22. Collberg, C., et al. (2003). Error-correcting graphs for software watermarking. Proceedings of the 29th Workshop on Graph Theoretic Concepts in Computer Science, Springer.
  23. Tang, Z. and D. Fang (2011). A tamper-proof software watermark using code encryption. Intelligence and Security Informatics (ISI), 2011 IEEE International Conference on, IEEE.
  24. Eagle, C. (2011). The IDA pro book: the unofficial guide to the world's most popular disassembler, No Starch Press.
  25. Oberhumer, M., et al. (2004). UPX: the Ultimate Packer for eXecutables.
  26. Stunnix Stunnix C/C++ Obfuscator.
Index Terms

Computer Science
Information Sciences

Keywords

Computer security Software watermark Return-oriented programming and Secure Hash Algorithm.