110 likes | 219 Views
Robust Object Watermarking: Application to Code. Julien P. Stern, Ga ë l Hachez,Fran ç ois Koeune, and Jean-Jacques Quisquater Presented by Seungki Hong. Outline. Introduction Algorithm Details of the scheme Analysis of attacks Conclusion Future research and question. Introduction.
E N D
Robust Object Watermarking:Application to Code Julien P. Stern, Gaël Hachez,François Koeune, and Jean-Jacques Quisquater Presented by Seungki Hong
Outline • Introduction • Algorithm • Details of the scheme • Analysis of attacks • Conclusion • Future research and question
Introduction • Introduce a new paradigm which delivers a robust watermarking technique in executable code • Motivation: the idea comes from the fact, which it is not easy to modify the code to embed information in the machine language
The Algorithm • The algorithm of watermarking in machine code: • Transform machine code to a vector (vector extraction step) This extracted vector will be marked • Define a distance of the extracted vector where a distance is the Euclidean norm • List possible attacks that can modify the data without altering its output • Compare the distance of the modified vector, after these attacks, to original one
Vector Extraction Step • Vector Extraction Let n be a security parameter. Define a set S of n ordered groups of machine language instructions. For each group of instruction i in S, compute the frequency ci of this group in the code and form the extracted vector c = (c1, …, cn).
The Scheme • Initialisation Set a detection threshold (0 < < 1) • Watermark Insertion • Apply the vector extraction step to get a vector c • Choose n coordinate vector ω = (ω1,…,ωn) whose coefficients are randomly distributed with standard deviation α • Modify the code in such a way that the new extracted vector ĉ = c + ω • Watermark Testing • Apply the extraction step to obtain a vector d • Compute a similarity measure Q between d – ĉ and ω • If Q is higher than then “marked”, else “unmarked”
Details • How to modify the code in a such way that the new extracted vector ĉ = c + ω (where c representing the number of occurrences of the group of instruction) • Perform a modification randomly to the code (correctness must be preserved) • Compute the new frequency vector • If the new frequency vector is closer to ĉ, then accept the modification, else refuse
Modification • Simple example of modification: swapping small groups of instructions mov eax, ebx sub eax, edx push eax mov eax, ebx add eax, ecx push eax xor eax, eax mov eax, ebx add eax, ecx push eax mov eax, ebx sub eax, edx push eax xor eax, eax
Analysis of Attacks • Local modification: modify the code in a similar way as modification to insert the mark • Code reordering • Code addition • Code decompiling • Code compression
Conclusion • Introduced a new vector extraction paradigm and proposed a concrete application of this paradigm to machine code • Showed that it is easier to robustly mark data which stand minor modifications (e.g code) than data which stand large modifications (e.g images)
Future research and Question • Increase the number of modifications • Study the possible modification for other languages • Modification vs Modification: Modification of the code to insert watermark and this modification can be a possible attack.