Xmark: Dynamic Software Watermarking Using Collatz Conjecture

Haoyu Ma, Chunfu Jia, Shijia Li, Wantong Zheng, Dinghao Wu

Research output: Contribution to journalArticle

Abstract

Dynamic software watermarking is one of the major countermeasures against software licensing violations. However, conventional dynamic watermarking approaches have exhibited a number of weaknesses including exploitable payload semantics, exploitable embedding/recognition procedures, and weak correlation between payload and subject software. This paper presents a novel dynamic watermarking method, Xmark, which leverages a well-known unsolved mathematical problem referred to as the Collatz conjecture. Our method works by transforming selected conditional constructs (which originally belonged to the software to be watermarked) with a control flow obfuscation technique based on Collatz conjecture. These obfuscation routines are built in a particular way such that they are able to express a watermark in the form of iteratively executed branching activities occurred during computing the aforementioned conjecture. Exploiting the one-to-one correspondence between natural numbers and their orbits computed by the conjecture (also known as the 'Hailstone sequences'), Xmark's watermark-related activities are designed to be insignificant without the pre-defined secret input. Meanwhile, being integrated with obfuscation techniques, our method is able to resist attacks based on various reverse engineering techniques on both syntax and semantic levels. Analyses and simulations indicated that Xmark could evade detections via pattern matching and model checking, and meanwhile effectively prohibit dynamic symbolic execution. We have also shown that our method could remain robust even if a watermarked software is compromised via re-obfuscation using approaches like control flow flattening.

Original languageEnglish (US)
Article number8676372
Pages (from-to)2859-2874
Number of pages16
JournalIEEE Transactions on Information Forensics and Security
Volume14
Issue number11
DOIs
StatePublished - Nov 1 2019

Fingerprint

Watermarking
Flow control
Semantics
Reverse engineering
Pattern matching
Model checking
Orbits

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Cite this

Ma, Haoyu ; Jia, Chunfu ; Li, Shijia ; Zheng, Wantong ; Wu, Dinghao. / Xmark : Dynamic Software Watermarking Using Collatz Conjecture. In: IEEE Transactions on Information Forensics and Security. 2019 ; Vol. 14, No. 11. pp. 2859-2874.
@article{f2d6a59ced8a47c19184fbbd90be911d,
title = "Xmark: Dynamic Software Watermarking Using Collatz Conjecture",
abstract = "Dynamic software watermarking is one of the major countermeasures against software licensing violations. However, conventional dynamic watermarking approaches have exhibited a number of weaknesses including exploitable payload semantics, exploitable embedding/recognition procedures, and weak correlation between payload and subject software. This paper presents a novel dynamic watermarking method, Xmark, which leverages a well-known unsolved mathematical problem referred to as the Collatz conjecture. Our method works by transforming selected conditional constructs (which originally belonged to the software to be watermarked) with a control flow obfuscation technique based on Collatz conjecture. These obfuscation routines are built in a particular way such that they are able to express a watermark in the form of iteratively executed branching activities occurred during computing the aforementioned conjecture. Exploiting the one-to-one correspondence between natural numbers and their orbits computed by the conjecture (also known as the 'Hailstone sequences'), Xmark's watermark-related activities are designed to be insignificant without the pre-defined secret input. Meanwhile, being integrated with obfuscation techniques, our method is able to resist attacks based on various reverse engineering techniques on both syntax and semantic levels. Analyses and simulations indicated that Xmark could evade detections via pattern matching and model checking, and meanwhile effectively prohibit dynamic symbolic execution. We have also shown that our method could remain robust even if a watermarked software is compromised via re-obfuscation using approaches like control flow flattening.",
author = "Haoyu Ma and Chunfu Jia and Shijia Li and Wantong Zheng and Dinghao Wu",
year = "2019",
month = "11",
day = "1",
doi = "10.1109/TIFS.2019.2908071",
language = "English (US)",
volume = "14",
pages = "2859--2874",
journal = "IEEE Transactions on Information Forensics and Security",
issn = "1556-6013",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "11",

}

Xmark : Dynamic Software Watermarking Using Collatz Conjecture. / Ma, Haoyu; Jia, Chunfu; Li, Shijia; Zheng, Wantong; Wu, Dinghao.

In: IEEE Transactions on Information Forensics and Security, Vol. 14, No. 11, 8676372, 01.11.2019, p. 2859-2874.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Xmark

T2 - Dynamic Software Watermarking Using Collatz Conjecture

AU - Ma, Haoyu

AU - Jia, Chunfu

AU - Li, Shijia

AU - Zheng, Wantong

AU - Wu, Dinghao

PY - 2019/11/1

Y1 - 2019/11/1

N2 - Dynamic software watermarking is one of the major countermeasures against software licensing violations. However, conventional dynamic watermarking approaches have exhibited a number of weaknesses including exploitable payload semantics, exploitable embedding/recognition procedures, and weak correlation between payload and subject software. This paper presents a novel dynamic watermarking method, Xmark, which leverages a well-known unsolved mathematical problem referred to as the Collatz conjecture. Our method works by transforming selected conditional constructs (which originally belonged to the software to be watermarked) with a control flow obfuscation technique based on Collatz conjecture. These obfuscation routines are built in a particular way such that they are able to express a watermark in the form of iteratively executed branching activities occurred during computing the aforementioned conjecture. Exploiting the one-to-one correspondence between natural numbers and their orbits computed by the conjecture (also known as the 'Hailstone sequences'), Xmark's watermark-related activities are designed to be insignificant without the pre-defined secret input. Meanwhile, being integrated with obfuscation techniques, our method is able to resist attacks based on various reverse engineering techniques on both syntax and semantic levels. Analyses and simulations indicated that Xmark could evade detections via pattern matching and model checking, and meanwhile effectively prohibit dynamic symbolic execution. We have also shown that our method could remain robust even if a watermarked software is compromised via re-obfuscation using approaches like control flow flattening.

AB - Dynamic software watermarking is one of the major countermeasures against software licensing violations. However, conventional dynamic watermarking approaches have exhibited a number of weaknesses including exploitable payload semantics, exploitable embedding/recognition procedures, and weak correlation between payload and subject software. This paper presents a novel dynamic watermarking method, Xmark, which leverages a well-known unsolved mathematical problem referred to as the Collatz conjecture. Our method works by transforming selected conditional constructs (which originally belonged to the software to be watermarked) with a control flow obfuscation technique based on Collatz conjecture. These obfuscation routines are built in a particular way such that they are able to express a watermark in the form of iteratively executed branching activities occurred during computing the aforementioned conjecture. Exploiting the one-to-one correspondence between natural numbers and their orbits computed by the conjecture (also known as the 'Hailstone sequences'), Xmark's watermark-related activities are designed to be insignificant without the pre-defined secret input. Meanwhile, being integrated with obfuscation techniques, our method is able to resist attacks based on various reverse engineering techniques on both syntax and semantic levels. Analyses and simulations indicated that Xmark could evade detections via pattern matching and model checking, and meanwhile effectively prohibit dynamic symbolic execution. We have also shown that our method could remain robust even if a watermarked software is compromised via re-obfuscation using approaches like control flow flattening.

UR - http://www.scopus.com/inward/record.url?scp=85068234792&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85068234792&partnerID=8YFLogxK

U2 - 10.1109/TIFS.2019.2908071

DO - 10.1109/TIFS.2019.2908071

M3 - Article

AN - SCOPUS:85068234792

VL - 14

SP - 2859

EP - 2874

JO - IEEE Transactions on Information Forensics and Security

JF - IEEE Transactions on Information Forensics and Security

SN - 1556-6013

IS - 11

M1 - 8676372

ER -