In this thesis, we introduce thread-based watermarks - a new technique for embedding robust software watermarks into a software program using thread contention. Our technique can help protect the intellectual property that exists in software programs from reverse engineering and piracy.
We build thread-based watermarks by adding new threads of execution to single-threaded portions of the program. The locations of these widgets are chosen carefully, such that when given particular input, the dynamic behavior of the threads is distinctive and encodes a watermark. An attacker challenged with attacking such a watermark must first analyze an application sufficiently that he is able to remove or distort the watermark while preserving the program’s semantics. However, the embedding of our proposed watermark also increases the complexity of the program and the cost of subsequent analysis.
Our technique is built using opaque predicates proposed by Collberg et al. We show our technique to be resilient to many semantic-preserving transformations that existing proposals are susceptible to. This thesis also introduces a novel use for opaque predicates to merge two different pieces of code such that they appear identical under static analysis.
We describe the technique for encoding the watermark as a bit string and a scheme for embedding and recognizing the watermark using thread contention. Our approach consists of three stages:
We prove the correctness of this watermarking technique and give a theoretical basis to show that the technique is difficult to attack using static analysis. Furthermore, we clearly identify the limitations of our solution and the assumptions made in the development of our thread-based watermarks. Finally, in implementing our prototype, we identify and resolve the problem of pattern matching attacks.