Technique for producing through watermarking highly tamper-resistant executable code and resulting “watermarked” code so formed
First Claim
1. Apparatus for forming an identifier for an input object and for securely marking the input object with the identifier so as to yield a marked object, apparatus comprising:
- means for storing computer executable instructions therein;
means for performing acts, in response to the stored executable instructions, the acts comprising;
generating a flow representation for the input object, the representation having a plurality of nodes, said nodes representing pre-defined first operations performed by the input object, and connections among the nodes signifying associated flow among the pre-defined first operations performed by the input object;
randomly selecting first and second nodes from the plurality of nodes in the representation so as to form a pre-defined number of nodal pairs, each of said pairs having one of the first nodes and a corresponding one of the second nodes;
for each of the nodal pairs, forming an executable procedure associated with each of the nodal pairs by establishing flow between the first and second nodes in said each nodal pair and inserting, in the flow so established, a selected one of a plurality of different pre-defined second operations so as to collectively define the marked object, whereby the marked object implements the pre-defined first operations and a plurality of selected ones of the pre-defined second operations, each of which has been randomly spliced into flow of the input object, wherein the identifier collectively comprises all ones which differ within the plurality of pre-defined second operations, and execution flow associated therewith and involving the nodal pairs;
inserting a pre-defined number of separate links and designations for selected ones of the procedures into the flow representation so as to yield a combined flow representation; and
converting, in response to said input executable code and executable code for said selected ones of the procedures, said combined flow representation into output executable code, said output executable code being the marked code;
wherein;
the input object comprises a software object which comprises, input executable code, at least one instruction in the input executable code being associated with a corresponding one of the pre-defined first operations, and executable code for a corresponding executable procedure being associated with each selected one of the pre-defined second operations;
the input executable code comprises first and second portions thereof and the flow representation comprises first and second separate flow representations for the first and second portions of the input executable code, respectively;
the first portion of the input executable code comprises at least a pre-defined portion of a non-marked application program; and
the second portion of the input executable code comprises a remaining portion of the non-marked application program or pre-defined executable security code.
1 Assignment
0 Petitions
Accused Products
Abstract
Apparatus and an accompanying method, for forming and embedding a highly tamper-resistant cryptographic identifier, i.e., a watermark, within non-marked executable code, e.g., an application program, to generate a “watermarked” version of that code. Specifically, the watermark, containing, e.g., a relatively large number of separate executable routines, is tightly integrated into a flow pattern of non-marked executable code, e.g., an application program, through randomly establishing additional control flows in the executable code and inserting a selected one of the routines along each such flow. Since the flow pattern of the watermark is highly intertwined with the flow pattern of the non-marked code, the watermark is effectively impossible to either remove from the code and/or circumvent. The routines are added in such a manner that the flow pattern of resulting watermarked code is not substantially different from that of the non-marked code, thus frustrating third party detection of the watermark using, e.g., standard flow analysis tools. To enhance tamper-resistance of the watermarked code, each such routine can provide a pre-defined function such that if that routine were to be removed from the marked code by, e.g., a third party adversary, then the marked code will prematurely terminate its execution.
-
Citations
26 Claims
-
1. Apparatus for forming an identifier for an input object and for securely marking the input object with the identifier so as to yield a marked object, apparatus comprising:
-
means for storing computer executable instructions therein; means for performing acts, in response to the stored executable instructions, the acts comprising; generating a flow representation for the input object, the representation having a plurality of nodes, said nodes representing pre-defined first operations performed by the input object, and connections among the nodes signifying associated flow among the pre-defined first operations performed by the input object; randomly selecting first and second nodes from the plurality of nodes in the representation so as to form a pre-defined number of nodal pairs, each of said pairs having one of the first nodes and a corresponding one of the second nodes; for each of the nodal pairs, forming an executable procedure associated with each of the nodal pairs by establishing flow between the first and second nodes in said each nodal pair and inserting, in the flow so established, a selected one of a plurality of different pre-defined second operations so as to collectively define the marked object, whereby the marked object implements the pre-defined first operations and a plurality of selected ones of the pre-defined second operations, each of which has been randomly spliced into flow of the input object, wherein the identifier collectively comprises all ones which differ within the plurality of pre-defined second operations, and execution flow associated therewith and involving the nodal pairs; inserting a pre-defined number of separate links and designations for selected ones of the procedures into the flow representation so as to yield a combined flow representation; and converting, in response to said input executable code and executable code for said selected ones of the procedures, said combined flow representation into output executable code, said output executable code being the marked code; wherein; the input object comprises a software object which comprises, input executable code, at least one instruction in the input executable code being associated with a corresponding one of the pre-defined first operations, and executable code for a corresponding executable procedure being associated with each selected one of the pre-defined second operations; the input executable code comprises first and second portions thereof and the flow representation comprises first and second separate flow representations for the first and second portions of the input executable code, respectively; the first portion of the input executable code comprises at least a pre-defined portion of a non-marked application program; and the second portion of the input executable code comprises a remaining portion of the non-marked application program or pre-defined executable security code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. One or more computer-readable media having computer-executable instructions that, when executed by a computer, perform acts for forming an identifier for input executable code and for securely marking the input executable code with the identifier so as to yield marked code, the acts comprising:
-
generating a flow representation for the input object, the representation having a plurality of nodes, said nodes representing pre-defined first operations performed by the input object, and connections among the nodes signifying associated flow among the pre-defined first operations performed by an input object; randomly selecting first and second nodes from the plurality of nodes in the representation so as to form a pre-defined number of nodal pairs, each of said pairs having one of the first nodes and a corresponding one of the second nodes; for each of the nodal pairs, forming an executable procedure associated with each of the nodal pairs by establishing flow between the first and second nodes in said each nodal pair and inserting, in the flow so established, a selected one of a plurality of different pre-defined second operations so as to collectively define the marked object whereby the marked object implements the pre-defined first operations and a plurality of selected ones of the pre-defined second operations, each of which has been randomly spliced into flow of the input object, wherein the identifier collectively comprises all ones which differ within the plurality of pry-defined second operations, and execution flow associated therewith and involving the nodal pairs; inserting a pre-defined number of separate links and designations for selected ones of the procedures into the flow representation so as to yield a combined flow representation; and converting, in response to said input executable code and executable code for said selected ones of the procedures, said combined flow representation into output executable code, said output executable code being the marked code; wherein; the input object comprises a software object which comprises input executable code, at least one instruction in the input executable code being associated with a corresponding one of the pre-defined first operations, and executable code for a corresponding executable procedure being associated with each selected one of the pre-defined second operations; the input executable code comprises first and second portions thereof and the flow representation comprises first and second separate flow representations for the first and second portions of the input executable code, respectively; the first portion of the input executable code comprises at least a pre-defined portion of a non-marked application program; and the second portion of the input executable code comprises a remaining portion of the non-marked application program or pre-defined executable security code. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. One or more computer-readable media having computer-executable instructions that, when executed by a computer, perform acts for forming an identifier for input executable code and for securely marking the input executable code with the identifier so as to yield marked code, the acts comprising:
-
generating a flow representation for the input object, the representation having a plurality of nodes, said nodes representing pre-defined first operations performed by the input object, and connections among the nodes signifying associated flow among the pre-defined first operations performed by an input object; randomly selecting first and second nodes from the plurality of nodes in the representation so as to form a pre-defined number of nodal pairs, each of said pairs having one of the first nodes and a corresponding one of the second nodes; for each of the nodal pairs, forming an executable procedure associated with each of the nodal pairs by establishing flow between the first and second nodes in said each nodal pair and inserting, in the flow so established, a selected one of a plurality of different pre-defined second operations so as to collectively define the marked object, whereby the marked object implements the pre-defined first operations and a plurality of selected ones of the pre-defined second operations, each of which has been randomly spliced into flow of the input object, wherein the identifier collectively comprises all ones which differ within the plurality of pre-defined second operations, and execution flow associated therewith and involving the nodal pairs; inserting a pre-defined number of separate links and designations for selected ones of the procedures into the flow representation so as to yield a combined flow representation; converting, in response to said input executable code and executable code for said selected ones of the procedures, said combined flow representation into output executable code, said output executable code being the marked code; generating first and second separate flow representations for the first and second portions of the input executable code; partitioning each of the first and second flow representations into k clusters each so as to yield first and second cluster flow representations, respectively (where k is a pre-defined integer); randomly selecting the first and second nodes in the first and second cluster flow representations, respectively, so as to form a corresponding one of the nodal pairs; inserting a designation for a selected executable procedure at a first node in the nodal pair; and repeating a pre-defined number of times steps “
randomly selecting the first and second nodes” and
“
inserting a designation”
so as to insert a pre-defined number of separate procedures into the first and second flow representations so as to yield the combined flow representation;wherein; the input object comprises a software object, which comprises input executable code, at least one instruction in the input executable code being associated with a corresponding one of the pre-defined first operations, and executable code for a corresponding executable procedure being associated with each selected one of the pre-defined second operations; the input executable code comprises first and second portions thereof and the flow representation comprises first and second separate flow representations for the first and second portions of the input executable code, respectively; the first portion of the input executable code comprises at least a pre-defined portion of a non-marked application program; and the second portion of the input executable code comprises a remaining portion of the non-marked application program or pry-defined executable security code. - View Dependent Claims (21, 22, 23, 24, 25, 26)
-
Specification