云计算环境约束下的软件水印方案

doi:10.11959/j.issn.2096-109x.2016.00083

Abstract

Abstract:

A non-equivalent semantic obfuscation-based software watermarking,scheme was introduced to satisfy the demands of software intellectual property breaches in cloud.Via obfuscated source codes,part of semantics was cut into a recovery module to make the source code unavailable.Watermarks map to transform rules were embedded concurrently into these obfuscated codes.The recovery module was a recognizer to prove the watermarks when the original program was recovering.Experimental results,using Java decompliers,indicate that the code become ob-fuscated,is difficult to reverse engineering,thereby mabe the watermarks robust.

Key words: cloud computing, software watermarking, non-equivalent semantic obfuscation, robustness

CLC Number:

TP391

Guang SUN,Xiao-ping FAN,Wang-dong JIANG,Hang-jun ZHOU,Sheng-zong LIU,Chun-hong GONG,Jing ZHU. Software watermarking scheme with cloud computing constraints[J]. Chinese Journal of Network and Information Security, 2016, 2(9): 12-21.

Figures/Tables 8

References 27

[1]	Cloud security alliance. Security guidance for critical areas of focus in cloud computing V3.0[EB/OL]. .
[2]	Cloud security alliance. Top threats to cloud computing V2.0[EB/OL]. .
[3]	Cloud security alliance. The notorious nine:cloud computing top threats in 2015[EB/OL]. .
[4]	Cloud security alliance. Security guidance for critical areas of mobile computing[EB/OL]. .
[5]	YU Z W , WANG C K , THOMBORSON C . A novel watermarking method for software protection in the cloud[J]. Software-Practice ＆Experience, 2000,42(4):409-430.
[6]	NISHIMAKI R , WICHS D , ZHANDRY M . Anonymous traitor tracing:how to embed arbitrary information in a key[C]// Annual International Conference on the Theory and Applications of Cryp-tographic Techniques. 2016:388-419.
[7]	BITANSKY N , GOLDWASSER S , JAIN A , et al. Time-lock puz-zles from randomized encodings[C]// The 2016 ACM Conference on Innovations in Theoretical Computer Science. 2016:345-356.
[8]	COLLBERG C , HUNTWORK A , CARTE E . More on graph theo-retic software watermarks:implementation,analysis,and attacks[J]. Information and Software Technology, 2009,51(1):56-67.
[9]	HAMILTON J , DANICIC S . An evaluation of the resilience of static java bytecode watermarks against distortive attacks[J]. Inter-national Journal of Computer Science, 2011,38(1):90-104.
[10]	KAZUO O , YUANYU W , YUTAKA H , et al. A new watermarking method with obfuscated quasi-chirp transform[J]. Digital Forensics and Watermarking, 2012(7128):57-71.
[11]	ROSADO D G , GóMEZ R , MELLADO D , et al. Security analysis in the migration to cloud environments[J]. Future Internet, 2012,4(2):469-487.
[12]	GROBAUER B , WALLOSCHEK T , STOCKER E . Understanding cloud computing vulnerabilities[J]. IEEE Security Privacy, 2011,9(2):50-7.
[13]	JANSEN W A . Cloud hooks:security and privacy issues in cloud computing[C]// The 44th Hawaii International Conference on Sys-tem Sciences. 2011:1-10.
[14]	ZISSIS D , LEKKAS D . Addressing cloud computing security issues[J]. Futur Gener Comput Syst, 2012,28(3):583-592.
[15]	OWENS D . Securing elasticity in the cloud[J]. Commun ACM, 2010,53(6):46-51.
[16]	BISONG A , RAHMAN S . An overview of the security concerns in enterprise cloud computing[J]. International Journal of Network Security ＆ Its Applications, 2011,3(1):30-45.
[17]	HWANG K , LI D . Trusted cloud computing with secure resources and data coloring[J]. IEEE Internet Computing, 2010,14(5):14-22.
[18]	张立和，杨义先，钮心忻，等. 软件水印综述[J]. 软件学报, 2008,14(2):268-27.
	ZHANG L H , YANG Y X , NIU X X , et al. Review of software wa-termarking[J]. Journal of Software, 2008,14(2):268-27.
[19]	NAGRA M , CHRONI J , NIKOLOPOULOS S D . An efficient graph codec system for software watermarking[C]// Computer Software and Applications Conference(COMPSACW2012). 2012:595-600.
[20]	COLLBERG C , THOMBORSON C . Watermarking,tamper-proofing,and obfuscation-tools for software protection[J]. IEEE Transactions on Software Engineering, 2012,28(3):735-746.
[21]	COLLBERG C , THOMBORSO C , GREGG M . Dynamic graph-based software watermarking[J]. ACM Transactions on Program-ming Languages and Systems, 2007,29(6):77-89.
[22]	ARBOIT G . A method for watermarking java programs via opaque predicates[C]// The 5th International Conference on Electronic Commerce Research(ICECR-5). 2012:102-106.
[23]	KAMEL I , ALBLUWI Q . A robust software watermarking for copyright protection[J]. Computers ＆ Security, 2009,28(2):395-409.
[24]	芦斌，罗向阳，刘粉林 . 一种基于混沌的软件水印算法框架及实现[J]. 软件学报, 2007,18(2):351-360.
	LU B , LUO X Y , LIU F L . An algorithm framework and realization based on chaos software watermarking[J]. Journal of Software, 2007,18(2):351-360.
[25]	DAI P F , WANG C K , YU Z W , et al. A software watermark based architecture for cloud security[J]. Web Technologies and Ap-plications, 2012(7235):270-281.
[26]	YU Z W , WANG C K , THOMBORSON C . A novel watermarking method for software protection in the cloud[J]. Software—Practice＆ Experience, 2013,32(12):114-129.
[27]	AKRAM M , ADAMU A . Steganographic software:analysis and implementation[J]. International Journal of Computers and Com-munications, 2012,6(1):35-42.

Metrics

Recommended 0

No Suggested Reading articles found!

状态	输入/输出	状态转换	状态	输入/输出	状态转换
	goto/if_icmpne	q₄		goto/if_icmpne	q₅
	if_icmpne/goto	q₇		if_icmpne/goto	q₄
	iload_1/iconst_2	q₅		iload_1/iconst_2	q₂
q₀	iconst_1/iload_1iconst_2/iconst_1	q₂q₁	q₄	iconst_1/iremiconst_2/iload_2	q₁q₃
	iadd/irem	q₆		iadd/iload_1	q₀
	iload_2/iadd	q₃		iload_2/iconst_1	q₇
	irem/iload_2	q₀		irem/iadd	q₆
	goto/goto	q₁		goto/goto	q₀
	if_icmpne/if_icmpne	q₃		if_icmpne/if_icmpne	q₁
	iload_1/iconst_1	q₄		iload_1/irem	q₄
q₁	iconst_1/iconst_2iconst_2/iload_1	q₂q₀	q₅	iconst_1/iload_2iconst_2/iload_1	q₂q₃
	iadd/iload_2	q₆		iadd/iconst_2	q₆
	iload_2/irem	q₇		iload_2/iadd	q₅
	iload_2/irem	q₅		goto/if_icmpne	q₇
	goto/if_icmpne	q₇		iconst_1/iconst_2	q₂
	if_icmpne/goto	q₀		goto/if_icmpne	q₅
	iload_1/iload_2	q₆		if_icmpne/goto	q₄
q₂	iconst_1/iconst_1iconst_2/iconst_2	q₅q₄	q₆	iload_1/iload_1iconst_1/iconst_1	q₁q₆
	iadd/iadd	q₃		iconst_2/iconst_2	q₇
	iload_2/iload_1	q₁		iadd/iadd	q₀
	irem/irem	q₂		iadd/iload_2	q₃
	goto/goto	q₃		goto/goto	q₆
	if_icmpne/goto	q₆		if_icmpne/if_icmpne	q₂
	if_icmpne/iadd	q₂		iload_1/iconst_1	q₅
q₃	iload_1/iconst_1iconst_1/iadd	q₅q₁	q₇	iconst_1/iaddiconst_2/iload_2	q₃q₄
	iconst_2/irem	q₇		iadd/irem	q₁
	iadd/iload_2	q₄		iload_2/iload_1	q₇
	iload_2/iconst_2	q₀		iload_1/iconst_1	q₀

工具名称	程序开发语言	版本	注释
ocha	Java	Beta 1	the first Java decompiler
SourceTec Decompiler	Java	1.10	Jasmin Java Decompiler a patch of Mocha
Jad	Non-Java,win32	1.5.8e2
Front End Plus	Non-Java,win32	1.04	Jad engine
DeJava	Non-Java,win32	1.0	Jad engine
Decafe Pro	Non-Java,win32	3.9	Jad engine
CavajJava Decompiler	Non-Java,win32	1.11	Jad engine,trial version
DJ Java Decompiler	Non-Java,win32	3.2.2.67	Jad engine
NMI's Java Class Viewer	Java	5.1	Jadengine,evaluation version
JReversePro	Java	1.4.1
JODE	Java	1.1.1
JCavajJava Decompiler	Java	1.0	JODE engine
HomeBrew Decompiler	Non-Java,Unix	0.22	Under development
Dava Decompiler	Java	1.2.5	Soot 1.2.5
Jshrink	Java	2.26	Evaluation version
ClassSpy	Java	2.0
jAscii	Java	1.0.20	Evaluation version
ClassCracker	Java	3.01	Commercial,demo version
SourceAgain	Unknown	1.1	Commercial,web version
WingDis	Unknown	2.16	Commercial,nodemo version

反编译器	混淆前	混淆后	水印
Numberof obfuscated instructions	200	213	—
ocha	O	□	存在
SourceTec Decompiler	O	□	存在
Jad	O	△	存在
Front End Plus	O	△	存在
DeJava	O	△	存在
Decafe Pro	O	△	存在
CavajJava Decompiler	O	△	存在
DJ Java Decompiler	O	△	存在
NMI's Java Class Viewer	O	△	存在
JReversePro	O	□	存在
JODE	O	×	存在
JCavajJava Decompiler	O	×	存在
HomeBrew Decompiler	O	×	存在
Dava Decompiler	O	○	破坏
Jshrink	O	△	存在
Class Spy	O	×	存在
jAscii	O	△	存在
ClassCracker	O	×	存在
SourceAgain	O	×	存在
WingDis	O	×	存在

算法简称	水印技术	水印嵌入结果	水印提取结果
W1	StringConstant	无法嵌入	无法提取
W2	Stern	成功	无法提取
W3	RegisterType	成功	无法提取
W4	Qu/Potkonjak	成功	无法提取
W5	Monden	成功	无法提取
W6	Graph	成功	无法提取
W7	AddMethField	成功	无法提取
W8	AddSwitch	成功	无法提取
W9	Addinitialization	无法嵌入	无法提取
W10	AddExpression	成功	无法提取

Software watermarking scheme with cloud computing constraints

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 8

References 27

Related Articles 15

Metrics

Recommended 0

[1]	Mingying ZHANG, Bing HUA, Yuguang ZHANG, Haidong LI, Mohong ZHENG. Robust reinforcement learning algorithm based on pigeon-inspired optimization [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 66-74.
[2]	Lingshu LI, Jiangxing WU, Wei ZENG, Wenyan LIU. Strategy of container migration and honeypot deployment based on signal game in cloud environment [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 87-96.
[3]	Dian LIN, Li PAN, Ping YI. Research on the robustness of convolutional neural networks in image recognition [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 111-122.
[4]	Shang LIU, Yinzhang GUO. Multi-authority based CP-ABE proxy re-encryption scheme for cloud computing [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 176-188.
[5]	Yi ZHANG, Liqin TIAN, Zenan WU, Wenxing WU. Trust evaluation optimization mechanism for cloud user behavior based on FANP [J]. Chinese Journal of Network and Information Security, 2022, 8(2): 175-182.
[6]	Haoran SHI, Lixin JI, Shuxin LIU, Gengrun WANG. Abnormal link detection algorithm based on semi-local structure [J]. Chinese Journal of Network and Information Security, 2022, 8(1): 63-72.
[7]	Pengcheng WANG, Haibin ZHENG, Jianfei ZOU, Ling PANG, Hu LI, Jinyin CHEN. Robustness evaluation of commercial liveness detection platform [J]. Chinese Journal of Network and Information Security, 2022, 8(1): 180-189.
[8]	Zhenglong WANG, Baowen ZHANG. Survey of generative adversarial network [J]. Chinese Journal of Network and Information Security, 2021, 7(4): 68-85.
[9]	Jinyin CHEN, Dunjie ZHANG, Guohan HUANG, Xiang LIN, Liang BAO. Adversarial attack and defense on graph neural networks: a survey [J]. Chinese Journal of Network and Information Security, 2021, 7(3): 1-28.
[10]	Qi WU,Hongchang CHEN. Low failure recovery cost controller placement strategy in software defined networks [J]. Chinese Journal of Network and Information Security, 2020, 6(6): 97-104.
[11]	Kang HE,Yuefei ZHU,Long LIU,Bin LU,Bin LIU. Improve the robustness of algorithm under adversarial environment by moving target defense [J]. Chinese Journal of Network and Information Security, 2020, 6(4): 67-76.
[12]	Ying WU,Xuan LI,Biao JIN,Rongrong JIN. Survey on the privacy-preserving content based image retrieval [J]. Chinese Journal of Network and Information Security, 2019, 5(4): 14-28.
[13]	Hao ZHAO,Wei LIN,Shengli LIU. Method for robust enhancement of P2P network [J]. Chinese Journal of Network and Information Security, 2019, 5(2): 88-94.
[14]	Ying LI, Chunguang MA. Overview of searchable encryption research [J]. Chinese Journal of Network and Information Security, 2018, 4(7): 13-21.
[15]	Mengyang YU,Hui LIN,Youliang TIAN. New cross-layer reputation mechanism for mobile cloud computing [J]. Chinese Journal of Network and Information Security, 2018, 4(3): 51-58.