ISSN : 1796-2048
Volume : 2    Issue : 2    Date : April 2007

Software Watermarking Resilient to Debugging Attacks
Gaurav Gupta and Josef Pieprzyk
Page(s): 10-16
Full Text:
PDF (516 KB)

In 2006, Gaurav Gupta and Josef Pieprzyk presented an attack on the branch-based software
watermarking scheme proposed by Ginger Myles and Hongxia Jin in 2005. The software
watermarking model is based on replacing jump instructions or unconditional branch statements
(UBS) by calls to a fingerprint branch function (FBF) that computes the correct target address of the
UBS as a function of the generated fingerprint and integrity check. If the program is tampered with,
the fingerprint and/or integrity checks change and the target address is not computed correctly.
Gupta and Pieprzyk's attack uses debugger capabilities such as register and address lookup and
breakpoints to minimize the requirement to manually inspect the software. Using these resources,
the FBF and calls to the same is identified, correct displacement values are generated and calls to
FBF are replaced by the original UBS transferring control of the attack to the correct target
instruction. In this paper, we propose a watermarking model that provides security against such
debugging attacks. Two primary measures taken are shifting the stack pointer modification
operation from the FBF to the individual UBSs, and coding the stack pointer modification in the
same language as that of the rest of the code rather than assembly language to avoid conspicuous
contents. The manual component complexity increases from
O(1) in the previous scheme to O(n) in
our proposed scheme.

Index Terms
watermarking, fingerprint, software