@InProceedings{ arboit02method, author = {Genevi\`eve Arboit}, title = {A Method for Watermarking Java Programs via Opaque Predicates}, booktitle = {The Fifth International Conference on Electronic Commerce Research (ICECR-5) }, year = 2002, url = {http://citeseer.nj.nec.com/arboit02method.html}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ cousot03abstract, author = {Patrick Cousot and Radhia Cousot}, title = {An abstract interpretation-based framework for software watermarking}, booktitle = {Principles of Programming Languages 2003, {POPL}'03}, year = 2003, pages = {311-324}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ collberg04dynamic, author = {Christian Collberg and Edward Carter and Saumya Debray and Andrew Huntwork and Cullen Linn and Mike Stepp}, title = {Dynamic Path-Based Software Watermarking}, booktitle = {SIGPLAN '04 Conference on Programming Language Design and Implementation}, year = 2004, month = {june}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ curran04dependency, author = {D. Curran and M. O. Cinneide and N.J. Hurley and G.C.M. Silvestre}, title = {Dependency in software watermarking}, booktitle = {First International Conference on Information and Communication Technologies: from Theory to Applications}, year = 2004, pages = {311--324}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ curran03securing, author = {D. Curran and N.J. Hurley and M. O. Cinneide}, title = {Securing Java through Software Watermarking}, booktitle = {Proceedings of the 2nd international conference on Principles and practice of programming in Java}, year = 2003, pages = {311--324}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ collberg03error-correcting, author = {Christian Collberg and Stephen Kobourov and Edward Carter and Clark Thomborson}, title = {Error-Correcting Graphs for Software Watermarking}, booktitle = {29th Workshop on Graph Theoretic Concepts in Computer Science}, year = 2003, month = {juli}, url = {http://www.cs.arizona.edu/people/kobourov/papers.html}, section = {SOFTWARE-WATERMARKING} } @Article{ collberg03sandmark-a, author = {Christian Collberg and Ginger Myles and Andrew Huntwork}, title = {Sandmark--A Tool for Software Protection Research}, journal = {IEEE Security and Privacy}, year = 2003, volume = 1, number = 04, pages = {40--49}, issn = {1540-7993}, publisher = {IEEE Educational Activities Department}, section = {SOFTWARE-WATERMARKING} } @Misc{ collberg01sandmark, author = {Christian Collberg and Gregg Townsend}, title = {SandMark: Software Watermarking for Java}, year = 2001, url = {http://www.cs.arizona.edu/sandmark/}, keywords = {software watermark, java, dynamic watermark}, cache = {collberg01.html}, annote = {Describes a software watermarking tool for Java that embeds and recognizes dynamic watermarks encoded as a graph data structure built during the execution of a program.}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ collberg02watermarking, author = {Christian S. Collberg and Clark Thomborson}, title = {Watermarking, Tamper-Proofing, and Obfuscation - Tools for Software Protection}, booktitle = {{IEEE} Transactions on Software Engineering}, year = 2002, volume = 28, pages = {735--746}, month = {aug}, url = {http://citeseer.nj.nec.com/collberg02watermarking.html}, section = {SOFTWARE-WATERMARKING} } @Misc{ collberg98limits, author = {C. Collberg and C. Thomborson}, title = {On the Limits of Software Watermarking}, year = 1998, text = {C. Collberg and C. Thomborson, On the limits of Software Watermarking, Technical Report #164, Department of Computer Science, The University of Auckland, August 1998}, url = {http://www.cs.arizona.edu/~collberg/Research/Publications/CollbergThomborson98e/} , section = {SOFTWARE-WATERMARKING} } @InProceedings{ collberg99software, author = {Christian Collberg and Clark Thomborson}, title = {Software Watermarking: Models and Dynamic Embeddings}, booktitle = {Proceedings of Symposium on Principles of Programming Languages, {POPL}'99}, year = 1999, pages = {311--324}, url = {http://www.cs.arizona.edu/~collberg/Research/Publications/CollbergThomborson99a/A4.ps.gz} , cache = {collberg99.ps}, abstract = {Watermarking embeds a secret message into a cover message. In media watermarking the secret is usually a copyright notice and the cover a digital image. Watermarking an object discourages intellectual property theft, or when such theft has occurred, allows us to prove ownership. The Software Watermarking problem can be described as follows. Embed a structure W into a program P such that: W can be reliably located and extracted from P even after P has been subjected to code transformations such as translation, optimization and obfuscation; W is stealthy; W has a high data rate; embedding W into P does not adversely affect the performance of P; and W has a mathematical property that allows us to argue that its presence in P is the result of deliberate actions. In the first part of the paper we construct an informal taxonomy of software watermarking techniques . In the second part we formalize these results. Finally, we propose a new software watermarking technique in which a dynamic graphic watermark is stored in the execution state of a program.}, annote = {Introduces and formally defines software watermarking as well as providing an outline of what is involved in embedding, tamperproofing and recognizing watermarks. Provides a comprehensive taxonomy of software watermarking techniques and describes categories of attacks. }, keywords = {software watermark, attacks, tamperproofing, formal, discussion}, section = {SOFTWARE-WATERMARKING} } @PhDThesis{ hachez03comparative, author = {Gael Hachez}, title = {A Comparative Study of Software Protection Tools Suited for E-Commerce with Contributions to Software Watermarking and Smart Cards}, school = {Universite Catholique de Louvain}, year = 2003, month = mar, section = {SOFTWARE-WATERMARKING} } @InProceedings{ krsul96authorship, author = {I. Krsul and E. H. Spafford}, title = {Authorship Analysis: Identifying the Author of a Program}, booktitle = {Proc. 18th {NIST}-{NCSC} National Information Systems Security Conference}, year = 1996, pages = {514--524}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ monden98watermarking, author = {Akito Monden and Hajimu Iida and others}, title = {A Watermarking Method for Computer Programs (in Japanese)}, booktitle = {Proceedings of the 1998 Symposium on Cryptography and Information Security, SCIS'98}, year = 1998, month = jan, publisher = {Institute of Electronics, Information and Communication Engineers}, url = {http://toripc12.aist-nara.ac.jp/~akito-m/home/research/paper/watermark.ps} , cache = {monden98.ps}, abstract = {This paper proposes a watermarking method for computer programs. The method suits for compiler languages such as C, C++, JAVA. In the proposed method, first, a set of dummy statements, which will not be executed, is appended to a target program, and compiled. Next, a watermark is injected into the binary program. Watermark injection will be done by rewriting dummy statements. By using this method, program users can hardly know the location of watermark statements, thus, erasing or/and tampering with the watermark is very hard for users. }, keywords = {java, static watermark}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ monden00practical, author = {Akito Monden and Hajimu Iida and Ken-ichi Matsumoto}, title = {A Practical Method for Watermarking Java Programs}, booktitle = {The 24th Computer Software and Applications Conference}, pages = {191--197}, year = 2000, url = {http://toripc12.aist-nara.ac.jp/~akito-m/home/research/paper/compsac2000.pdf} , cache = {monden00.pdf}, abstract = {Java programs distributed through Internet are now suffering from program theft. It is because Java programs can be easily decomposed into reusable class files and even decompiled into source code by program users. In this paper we propose a practical method that discourages program theft by embedding Java programs with a digital watermark. Embedding a program developer s copyright notation as a watermark in Java class files will ensure the legal ownership of class files. Our embedding method is indiscernible by program users, yet enables us to identify an illegal program that contains stolen class files. The result of the experiment to evaluate our method showed most of the watermarks (20 out of 23) embedded in class files survived two kinds of attacks that attempt to erase watermarks: an obfuscactor attack, and a decompile-recompile attack. }, annote = {Describes a method of watermarking java classes that embeds a static mark in an injected method encoded in the ordering of opcodes and choice of argument. Although the authors discuss two attacks, decompile/recompile and obfuscation, they do not address the relatively straightforward global instruction aliasing attacks.}, keywords = {java, static watermark}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ monden99watermarking, author = {Akito Monden and Hajimu Iida and Ken-ichi Matsumoto and Katsuro Inoue and Koiji Torii}, title = {Watermarking Java Programs}, booktitle = {International Symposium on Future Software Technology '99}, year = 1999, pages = {119-124}, month = {October}, ps = {references/monden99watermarking.ps}, url = {http://se.aist-nara.ac.jp/~akito-m/home/research/paper/ISFST99.pdf} , section = {SOFTWARE-WATERMARKING} } @Article{ naccache99how, author = {David Naccache and Adi Shamir and Julien P. Stern}, title = {How to copyright a function?}, journal = {Public Key Encryption '99, Lecture Notes in Computer Science}, year = 1999, editor = {Hideki Imai}, publisher = {Springer-Verlag}, series = {Lecture Notes in Computer Science}, url = {http://www.julienstern.org/files/funcopy/funcopy.html}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ nagra02functional, author = {Jasvir Nagra and Clark Thomborson and Christian Collberg}, title = {A Functional Taxonomy for Software Watermarking}, editor = {Michael J. Oudshoorn}, booktitle = {Twenty-Fifth Australasian Computer Science Conference (ACSC2002)}, year = 2002, address = {Melbourne, Australia}, publisher = {ACS}, url = {http://citeseer.nj.nec.com/508809.html}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ nagra02software, author = {Jasvir Nagra and Clark Thomborson and Christian Collberg}, title = {Software Watermarking: Protective Terminology}, booktitle = {Proceedings of the ACSC 2002}, year = 2002, section = {SOFTWARE-WATERMARKING} } @InProceedings{ palsberg00experience, author = {J. Palsberg and S. Krishnaswamy and Kwon Minseok and D. Ma and Qiuyun Shao and Y. Zhang}, title = {Experience with software watermarking}, booktitle = {Proceedings of the 16th Annual Computer Security Applications Conference, ACSAC '00}, year = 2000, pages = {308--316}, publisher = {IEEE}, url = {http://www.cs.purdue.edu/homes/madi/wm/watermarking.ps}, cache = {palsberg00.ps}, abstract = {There are at least four U.S. patents on software wa-termarking, and an idea for further advancing the state of the art was presented in 1999 by Collberg and Thom-borsen. The new idea is to embed a watermark in dynamic data structures, thereby protecting against many program-transformation attacks. Until now there have been no re-ports on practical experience with this technique. We have implemented and experimented with a water-marking system for Java based on the ideas of Collberg and Thomborsen. Our experiments show that watermark-ing can be done efficiently with moderate increases in code size, execution times, and heap-space usage, while making the watermarked code resilient to a variety of program-transformation attacks. For a particular representation of watermarks, the time to retrieve a watermark is on the order of one minute per megabyte of heap space. Our implemen-tation is not designed to resists all possible attacks; to do that it should be combined with other protection techniques such as obfuscation and tamperproofing.}, annote = {Describes results of gathered from using an implementation of the Collberg Thomborson algorithm to watermark some Java programs. The paper has a good detailed description of the design desicions and data structures used in building the watermarking system as well as the spacetime overhead of watermarks. Although, it discusses possible attacks and methods of tamperproofing against them, the authors do not consider the resilence of their watermark under any of these named attacks.}, keywords = {java, software watermark}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ pieprzyk99fingerprints, author = {Josef Pieprzyk}, title = {Fingerprints for Copyright Software Protection}, editor = {M. Mambo and Y. Zheng}, booktitle = {Proceedings of the Second International Workshop on Information Security, ISW'99 (LNCS 1729)}, year = 1999, pages = {178--190}, address = {Germany}, publisher = {Springer}, url = {http://link.springer.de/link/service/series/0558/papers/1729/17290178.pdf#xml=http://athene.em.springer.de/search97cgi/s97_cgi?action=view&VdkVgwKey=%2Fjour%2Fseries%2F0558%2Fpapers%2F1729%2F17290178.pdf&doctype=xml&collection=springer02&queryZIP=%28%28%22pieprzyk%22%29%29AND%28%22fingerprints%22%29} , cache = {pieprzyk99.pdf}, abstract = {The work studies the problem of copyright protection of software using cryptographic fingerprinting. The identity of software must be unique for each copy. There are two classes of identities: one is based on equivalent variants of the program and the other applies behaviour of the software as its identity. For these two types of identity, we introduce two different fingerprint schemes. The two schemes use digital signatures and can be easily combined and extended to be resilient against partial fingerprint destruction.}, annote = {Broadly discusses issues of protecting software intellectual property, distinguishing between fingerprints which the author considers to be universally verifiable and software watermarks, which he considers to be recoverable only by the owner. Introduces two methods of fingerprinting, one by encoding the watermark in the choice of equivalent instructions and a second by adding redundant states in the behaviour of the program during a particular execution.}, keywords = {software watermark}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ stern99robust, author = {Julien Stern and Gael Hachez and Francois Koeune and Jean-Jacques Quisquater}, title = {Robust Object Watermarking: Application to Code}, booktitle = {Information Hiding Workshop '99}, year = 1999, pages = {368-378}, url = {http://citeseer.ist.psu.edu/stern00robust.html}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ venkatesan00graph, author = {Ramarathnam Venkatesan and Vijay Vazirani and Saurabh Sinha}, title = {A graph theoretic approach to software watermarking}, booktitle = {Information Hiding Workshop '00}, year = 2000, month = {March}, url = {http://www.cc.gatech.edu/fac/Vijay.Vazirani/water.ps}, section = {SOFTWARE-WATERMARKING} } @InProceedings{ venkatesan01graph, author = {Ramarathnam Venkatesan and Vijay Vazirani and Saurabh Sinha}, title = {A Graph Theoretic Approach to Software Watermarking}, booktitle = {4th International Information Hiding Workshop}, year = 2001, address = {Pittsburgh, PA}, month = apr, abstract = {We present a graph theoretic approach for watermarking software in a robust fashion. While watermarking software that are small in size (e.g. a few kilobytes) may be infeasible through this approach, it seems to be a viable scheme for large applications. Our approach works with control/data flow graphs and uses abstractions, approximate k-partitions, and a random walk method to embed the watermark, with the goal of minimizing and controlling the additions to be made for embedding, while keeping the estimated effort to undo the watermark (WM) as high as possible. The watermarks are so embedded that small changes to the software or flow graph are unlikely to disable detection by a probabilistic algorithm that has a secret. This is done by using some relatively robust graph properties and error correcting codes. Under some natural assumptions about the code added to embed the WM, locating the WM by an attacker is related to some graph approximation problems. Since little theoretical foundation exists for hardness of typical instances of graph approximation problems, we present heuristics to generate such hard instances and, in a limited case, present a heuristic analysis of how hard it is to separate the WM in an information theoretic model. We describe some related experimental work. The approach and methods described here also suitable for solving the problem of software tamper resistance. }, url = {http://link.springer.de/link/service/series/0558/bibs/2137/21370157.htm} , cache = {venkatesan01.pdf}, section = {SOFTWARE-WATERMARKING} } @Misc{ collberg-sandmark, author = {Christian Collberg}, title = {Sandmark}, url = {http://www.cs.arizona.edu/sandmark/}, section = {SOFTWARE-WATERMARKING,OBFUSCATION,TOOLS} } @Misc{ monden-jmark, author = {Akito Monden}, title = {Jmark}, url = {http://se.aist-nara.ac.jp/jmark/}, section = {SOFTWARE-WATERMARKING,TOOLS} } @Misc{ palsberg-javawiz, author = {Jens Palsberg and Di Ma}, title = {Javawiz}, url = {http://www.cs.purdue.edufile:/homes/madi/wm/}, section = {SOFTWARE-WATERMARKING,TOOLS} }