CC BY
52
METHOD OF CREATION AND ATTACHMENTS DIGITAL WATERMARK INTO AN EXECUTABLE JAVA FILE BY MEANS
OF SUBSTITUTIONS OPCODE
Pavel I. Sharikov,
St. Petersburg State University of Telecommunications of the prof. M.A. Bonch-Bruyevich, St. Petersburg, Russia, [email protected]
Andrey V. Krasov,
St. Petersburg State University of Telecommunications of the prof. M.A. Bonch-Bruyevich, St. Petersburg, Russia, [email protected]
Stanislav I. Shterenberg,
St. Petersburg State University of Telecommunications of the prof. M.A. Bonch-Bruyevich, St. Petersburg, Russia, [email protected]
Keywords: digital water mark, Java byte code, bytecode, protection of copyright, attachment, class-file, Java program, steganography, executable files, portable executable.
The article demonstrates a technique for embedding of digital watermark in java executable files to protect the copyright of program owner and the possibility of evidence in court of the rights to the source code of the program. We showed the benefits of using digital watermarks in the developed programs. We showed examples of malicious actions when it detects a licensed part of the code in the illegal program. We consider the advantages of this technique, the possible disadvantages. We conducted a review of the cases when it is necessary the use of digital watermarks in the program. We described the criteria that apply to the watermark in the java-programs, and the basic properties of the watermark. We showed examples of possible search of illegal programs on the Internet using a program operating by this method. These watermarks are imperceptible to users. Encryption and decryption procedure is divided into phases and described in detail. We showed examples of possible automation of creation process, encryption, investments and decryption with the withdrawal of the watermark from the class-files java-program. We paid special attention to possible problems with the JVM verifier when the mistaken use of variable types and syntax. Easily encrypted, easily decrypted. Watermark is resistant to changes in the program. The presence of the program which produces embedding of the watermark in the class-files does not guarantee that an attacker with the same program will be able to remove the watermark from the program. We concluded throughout the material of article, we gave advice on the use of this technique.
Information about authors
Sharikov Pavel Ivanovich, master of department of Secure systems of communication of St. Petersburg State University of Telecommunications of the prof. M.A. Bonch-Bruyevich, St. Petersburg, Russia
Krasov Andrey Vladimirovich, Ph.D, docent, chief of the St. Petersburg State University of Telecommunications of the prof. M.A. Bonch-Bruyevich, department of Secured Communication, St. Petersburg, Russia
Shterenberg Stanislav Igorevich, Post-graduate Student of the the St. Petersburg State University of Telecommunications of the prof. M.A. Bonch-Bruyevich, department of Secured Communication, St. Petersburg, Russia
Для цитирования:
Шариков П.И., Красов А.В. Методика создания и вложения цифрового водяного знака в исполняемые Java файлы на основе замен опкодов // T-Comm: Телекоммуникации и транспорт. 2017. Том 11. №3. С. 66-70.
For citation:
Sharikov P.I., Krasov A.V. (2017). Method of creation and attachments digital watermark into an executable Java file by means of substitutions opcode. T-Comm, vol. 11, no.3, pp. 66-70.
Introduction
At this moment, the most popular programming language is Java. In this language it is written a lot of applications that are used in a variety of areas, ranging from cash registers in supermarkets, and ending with the banking sector. Consequence of this is an increased interest of unscrupulous users to program, parts of the various projects that are written in Java or run on JVM.
Java programs are cross-pi at form, and there are a lot of sites those using Java-applets, the client-server logic. Thus, this language covers all aspects of IT, whether ¡1 be contactiess cards, routers or cisco hardware.
Of course, such a popular language makes itself known. Javafiles are easily analyzed. An experienced specialist can easily get the source codc, having the class-file of your Java-program, it was discussed in previous articles [1]. Aiso, in previous articles, you can learn more about why as a container for hidden embedding of digital watermark has been selected java-file [2]. Also, there are a lot of decompilers java-files. But what should you do if you want to protect your software against theft or infringement of intellectual property?
This article discusses one option of digital watermark investments in the class- file java with the purpose of copyright protection. This method is transparent to the users of the program, but it allows us to identify the illegal program, which contains stolen from you class-files.
The main advantages of the method:
1. Users of the program do not know the location of the watermark.
2. Watermarks in the programs will be saved. Attackers cannot remove them from the program, even if the method of embedding of digital watermark or the instrument will be in the public domain,
3. Even in case of theft only a part of the program, watermark easily decoded in those parts of the program where it may exist.
4. Watermark in the program does not reduce the speed and efficiency of the program.
Firstly, we analyze where watermark is necessary, discuss important features of this method. After analysis of the basic properties of the method, we show the method algorithm to create a watermark in a Java program, procedures of encryption and decryption, signing throughout the material.
Cases where watermark is necessary
Proof of the theft of software.
Even if the stolen software was found, often very difficult to prove who is the true developer program. An attacker, who stole someone else's class-file, may at any time declare that he is the program developer. In this case, you will need proof that confirms that the program is designed by you, and that the attacker must pay you a penalty for illegal use of your product, and punished accordingly, in accordance with RF Criminal Code.
For sueh a situation, the signature, that previously built into the program as a digital watermark authenticates the developer as the original creator of the program, thereby protecting his interests. Your watermark, which is located in a foreign program, is proof that your program was stolen. As soon as the digital
watermark is detected, it should be decoded, and the result will make it clear who is the real software developer.
Finding illegal program.
For program developers on java is not easy to find an illegal program that contains or uses stolen class-files. For example, during the inspection, or start the program, most likely, you will not be able to understand, is it legal relative to your program or not. Because the developers of such programs does not indicate in the specifications, where were taken certain policy decisions or files, especially if stolen small portion of source code. This difficulty in finding illegal software is rather acute problem of java-developers, who want to protect their copyright.
Watermark - effective solution for finding illegal software. For example, the illegal program can be easily detected using an agent that decodes watermarks operating over the Internet. The agent may search java-pro gram in network, load them, and then check location of your watermark in it. If the program turns out to be illegal and contains watermark of licensing program developer, the agent informs him about the illegal use of his development.
Encoding watermarks does not change the specifications of the program. This property must be satisfied in any encoding method for computer programs.
Properties of watermarking
!n this section, we denote properties of the encoding method and watermark. Below we present the criteria of encoding method of digital watermark that should be satisfied.
1. Encoding watermarks does not change the specifications of the program. This property must be satisfied in any encoding method for computer programs.
2. Programmer encoding watermark must have a way of its decoding. Ideally, the creation of watermark performed automatically, as well as its investment in the program. It is natural that program developers want to easily check whether a target program contains a stolen program or not. If for confirmed, that the program is stolen, it is necessary to watch the full code of the target program and its comprehensive analysis, in this case, there is no need and effectiveness of digital watermark. In this case, the best option will be the possibility of automatic decoding of digital watermark, in order to save time and money.
3. The watermark should be placed in the program wherever it is possible. Of course, a number of restrictions imposed on this property. For example, the functionality of the program should not be affected, it's displaying to the user, the speed and size of the occupied space on your hard disk. But this property is highly important, because usually steal part of the program, the piece of code. In this situation, the decoding algorithm should not depend on the location of the watermark.
4. A method for removing, changing, checking or embedding with watermark cannot be derived from the watermark encoding method. The method described in this article, and the article can read anyone, so this property is not less important than all of the above.
5. Watermarks in programs should not reduce the execution efficiency. Since there are programs that are very sensitive to a reduction in speed, this property rendered as a separate item.
In case we need to encode a sentence, such as 'COPYRIGHT 2016 BY SHARIKOV PAVEL', first we need to translate the sentence into a bit sequence, then we encode the bit sequence into the program. Figure 2 shows ail example of a sentence encoding. In this example a word 'ABCDE' has been encoded into bytecode. At first, we have assigned 'A' to 000002, 'B' to 000012, 'C* to 000102, 'D' to 0001 % and 'E* to 001002, then we have encoded a bit sequence "00000000010001000011001001 to the program.
watermark
adres". by ticodc mnemonic
1000 02 icons l_ml
1001 60 iadd
1002 60 iadd
1003 68 imull
1004 3E istorej!
1005 84 01 21 iinc 01 21
1008 1C iload_2
1009 10 90 bipush 90
Figure 2, Example watermark
Decoding procedure
In the watermark decoding phase, there is an assumption that we know the relation between bytecodes and their assigned bits, and also the relation between bit sequences and alphabets.
The decoding algorithm is very simple. We simply do the exactly opposite procedure of watermark injection procedure, from top of every method. Both opcodes and operands in each class method should be replaced into bit sequence, then, they should be replaced into alphabet sequence. After that, watermark will appear from the dummy method (Figure 3). This decoding procedure can be automated, so that even in case only a part of a program was stolen and was built into other program, the watermark is easily decoded wherever it may exist in the program.
lomoio
1014)101 10111111 10100000 «0011101
Decoding
mL'thud 1: YKTT WHWIPPWQ PPPPPQO^T. mei bod 2: JFBFBFFF FWVWV ETHTIMH WW
method 3: NENENE I KEKESFF PP....._.......
method 4: ...COPYRIGHTBY SHARIKOV,,____
method?: FONt'JNt IJFOIBOIE YIJJJJJW
Conclusion
In this paper, we proposed a method of creation of digital watermark, applicable to existing Java programs, hi most cases, attackers steal java program blocks, which are then used in other programs. In most cases, the stolen class-files are used in illegal programs. Using this technique, software developers will be able to protect an important class-files of their program by embedding watermark in class-files. This method is easy and practical, because the watermark can be easily decoded in a suspicious program, in any plaec where the stolen class-file was used.
References
1 Sharikov P.I. (2016). A technique of effective protection of bytes codes of the Java based application. 70tli a regional scientific and technical conference of students, graduate students and young scientists "Student's spring - 2016", collection of scientific articles pp. 266-270.
2. Sharikov P.I. (2015). A technique finding of value of the most favorable container in the executable formats. High technologies in space researches of Earth, No5, pp. 58-62.
3. Krasov A. V., Shierenberg S.I., Vereshchagin A.S. (2013). Development of methods of protection against copying of a software on the basis of the digital water marks implemented in executable and lib tiles. Saints Petersburg: Urgent problems of infokommunikation in science and education, pp. 847-852.
4. Krasov A.V., Vereshchagin A.S.. Abalurov KS.. Reznik MY. (2012). Methods of the hidden attachment of information in executable files. Saints Petersburg: News Saints Petersburg State Electrotechnical University of "LETl", No8, pp. 51-55.
5. Krasov A. V., Vereshchagin A.S,, Tsvetkov A.Yu. (2013). Authentication of the software by means of attachment of digital water marks in executable code. M. Telecommunications Special issue, pp. 27-30.
6. Homyakov I.N.. Krasov A.V. The Possibility of the hidden attachment of information in the Java byte code. Information technologies of simulation and control of ISSN 1813-9744, pp. 185-191.
7. Homyakov I.N.. Krasov A. V. (2013). The analysis 0opportunities of the hidden attachment of information in structure of the java byte code. Urgent problems of infotelekommunikation in science and education the II International scientific and technical and scientific and methodical conference, pp. 859-861.
8. Nechta I.V. (2009). The Steganography in tiles of the Portable Executable formal. The Messenger of Siberian State University of Telecommunications and Informatics, No 1, pp. 87-89.
9. Cay S. Horstmann, Gary CornelI (2013). Core Java, Volume II-Advanced Features (9th Edition) (Core Series): Prentice Hall, 1118 p.
Watermark derived fram method 4 (dummy method)
Figure 3. Example of watermark decoding
МЕТОДИКА СОЗДАНИЯ И ВЛОЖЕНИЯ ЦИФРОВОГО ВОДЯНОГО ЗНАКА В ИСПОЛНЯЕМЫЕ
JAVA ФАЙЛЫ НА ОСНОВЕ ЗАМЕН ОПКОДОВ
Шариков Павел Иванович, магистр кафедры Защищённых систем связи СПбГУТ им. проф. М.А. Бонч-Бруевича, Санкт-Петербург, Россия, [email protected]
Красов Андрей Владимирович, к.т.н., доцент, заведующий кафедрой Защищённых систем связи СПбГУТ им. проф. М.А. Бонч-Бруевича, Санкт-Петербург, Россия, [email protected]
Штеренберг Станислав Игоревич, аспирант, кафедры Защищённых систем связи СПбГУТ им. проф. М.А. Бонч-Бруевича, Санкт-Петербург, Россия, [email protected]
Аннотация
Статья демонстрирует методику для вложения цифрового водяного знака в исполняемые файлы java для защиты авторского права владельца программы и возможности доказательства в суде прав на исходный код программы. Указаны плюсы использования цифровых водяных знаков в разрабатываемых программах. Приведены примеры действий злоумышленников при обнаружении лицензированной части кода в нелегальной программе. Рассматриваются плюсы данной методики, возможные недостатки. Произведен обзор случаев, когда необходимо использование цифровых водяных знаков в программе. Описаны критерии, предъявляемые к водяным знакам в java-программах, также основные свойства водяных знаков. Приведены примеры возможного поиска нелегальных программ в интернете с помощью программы работающей по данной методике. Данные водяные знаки не заметны пользователям. Процедура шифрования и дешифрования разделена на фазы и подробно описана по шагам. Приведены примеры возможной автоматизации процесса создания, шифрования, вложения и расшифровки с изъятием водяного знака из class-файлов java-программы. Обращено особое внимание на возможные проблемы с верификатором JVM при неправильном использовании типов переменных и синтаксиса языка. Легко шифруются, легко дешифруются. Водяной знак устойчив к изменению программы. Наличие программы производящей вложение водяного знака в class-файлы, не гарантирует, что злоумышленник, имеющий ту же программу, сможет извлечь водяной знак из программы. Сделан вывод по всему материалу статьи, даны рекомендации по использованию данной методики.
Ключевые слова: цифровой водяной знак, байт-код Java, bytecode, защита авторских прав, вложение, class-файл, Java программа, стеганография, исполняемые файлы, portable executable.
Литература
1. Шариков П.И. Методика эффективной защиты байт-кода Java-приложения // 70-я региональная научно-техническая конференция студентов, аспирантов и молодых ученых "Студенческая весна - 2016": сборник научных статей С. 266-270.
2. Шариков П.И. Методика нахождение величины наиболее выгодного контейнера в форматах исполняемых файлов // Наукоемкие технологии в космических исследованиях Земли, Т. 7., №5, 2015. С. 58-62.
3. Красов А.В., Штеренберг С.И., Верещагин А.С. Разработка методов защиты от копирования ПО на основе цифровых водяных знаков внедряемых в исполнимые и библиотечные файлы // СПб.: Актуальные проблемы инфокоммуникаций в науке и образовании 2013. C. 847-852.
4. Красов А.В., Верещагин А.С., Абатуров В.С., Резник М.В. Методы скрытого вложения информации в исполняемые файлы // СПб.: Известия СПбГЭТУ "ЛЭТИ", №8, 2012. C. 51-55.
5. Красов А.В., Верещагин А.С., Цветков А.Ю. Аутентификация программного обеспечения при помощи вложения цифровых водяных знаков в исполняемый код // М. Телекоммуникации Спецвыпуск 2013. С. 27-30.
6. Хомяков И.Н., Красов А.В. Возможность скрытого вложения информации в байт-код Java // Информационные технологии моделирования и управления. С. 185-191.
7. Хомяков И.Н., Красов А.В. Анализ возможностей скрытого вложения инфомрации в структуру байт-кода Java // Актуальные проблемы инфотелекоммуникаций в науке и образовании II Международная научно-техническая и научно-методическая конференция, 2013. С. 859-861.
8. Нечта И.В. Стеганография в файлах формата Portable Executable // Вестник СибГУТИ, №1, 2009.
9. Cay S. Horstmann, Core Java, vol. II. Advanced Features (9th Edition) (Core Series). 2014. 1118 p.
