Method and system for protecting software applications against static and dynamic software piracy techniques
First Claim
Patent Images
1. A method for protecting a software application module, comprising:
- given an application module having executable code, constructing a managed challenge system specific to the application module, said constructing including copying certain executable code from the application module and forming the managed challenge system, the certain executable code being at identified authorization points in the application module;
rewriting the application module by overwriting the certain executable code at identified authorization points with control transfers to the managed challenge system, such that a rewritten application module results;
for a byte sequence in the application module which matches one of said control transfers and which does not correspond with an identified authorization point, including dummy code in the managed challenge system;
associating said dummy code with said byte sequence; and
linking the managed challenge system to the rewritten application module wherein the steps of rewriting, constructing and linking are able to be performed by a compiler, the compiler creating a shared object that includes the managed challenge system and that is linked with the rewritten application module; and
wherein the step of rewriting further comprises, without access to source code, instrumenting the application module'"'"'s executable code.
3 Assignments
0 Petitions
Accused Products
Abstract
An application module is rewritten by overwriting executable code at identified authorization points with control transfers to a managed challenge system such that a rewritten application module results. The managed challenge system is constructed to include the overwritten executable code, and performs an authorization check upon acquiring control from an authorization point. The managed challenge system is linked to the rewritten application module.
-
Citations
81 Claims
-
1. A method for protecting a software application module, comprising:
-
given an application module having executable code, constructing a managed challenge system specific to the application module, said constructing including copying certain executable code from the application module and forming the managed challenge system, the certain executable code being at identified authorization points in the application module; rewriting the application module by overwriting the certain executable code at identified authorization points with control transfers to the managed challenge system, such that a rewritten application module results; for a byte sequence in the application module which matches one of said control transfers and which does not correspond with an identified authorization point, including dummy code in the managed challenge system; associating said dummy code with said byte sequence; and linking the managed challenge system to the rewritten application module wherein the steps of rewriting, constructing and linking are able to be performed by a compiler, the compiler creating a shared object that includes the managed challenge system and that is linked with the rewritten application module; and wherein the step of rewriting further comprises, without access to source code, instrumenting the application module'"'"'s executable code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
41. A computer system for protecting a software application module, comprising:
-
a coupling tool which rewrites the application module to form a modified application module by overwriting certain executable code at identified authorization points with control transfers to a managed challenge system, the managed challenge system being application specific and being formed of; a copy of the certain executable code from the application module before the overwriting, and a runtime task table associating the identified authorization points with authorization check data and with the copied certain executable code, the authorization check data describing an authorization check to be performed upon control reaching the associated authorization point; and a coupling agent specialized from a coupling agent template, the coupling agent managing the managed challenge system, and the coupling tool linking the managed challenge system to the modified application module and wherein the coupling tool includes, for a byte sequence in the modified application module which matches one of said control transfers and which does not correspond with an identified authorization point, dummy code in the managed challenge system, and associates said dummy code with said byte sequence. - View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80)
-
-
81. A computer system for protecting a software application module, comprising:
-
means for rewriting the application module by overwriting certain executable code at identified authorization points with control transfers to a managed challenge system; means for constructing the managed challenge system to be specific to the application module, the managed challenge system including a copy of the certain executable code from the application module before the overwriting, the managed challenge system performing an authorization check upon acquiring control from an authorization point; and means for linking the managed challenge system to the rewritten application module, wherein for a byte sequence in the rewritten application module which matches one of said control transfers and which does not correspond with an identified authorization point, including dummy code in the managed challenge system and associating said dummy code with said byte sequence.
-
Specification