H12.1 15-Mar-01 Clark Thomborson Software Security CompSci 725 Handout 12: Student Presentations, Watermarking & Obfuscation Clark Thomborson University.

Slides:



Advertisements
Similar presentations
? What is the correct order of working steps? 1.Methods 2.Results 3.Figures 4.Tables 5.Introduction 6.References 7.Discussion 8.Abstract.
Advertisements

The Writing Process Communication Arts.
30 March 2015CompSci725 s2c 08 h71 Software Security CompSci 725 Handout 7: Oral Presentations, Projects and Term Reports 30 July 2008 Clark Thomborson.
Techniques for Software Watermarking and Fingerprinting Prof. Clark Thomborson Presentation at Tsinghua University 17 th March 2010.
Jump to first page ©2003, Darby Dickerson. License given for educational use. Cite & Source Steps and Strategies.
1 A Functional Taxonomy for Software Watermarking Jas Nagra, Clark Thomborson University of Auckland Christian Collberg University of Arizona.
Wmobf.1 1/5/00 Clark Thomborson Watermarking, Tamper-Proofing and Obfuscation – Tools for Software Protection Christian Collberg & Clark Thomborson Computer.
The Writing Process.
CO1010 IT Skills in Science Lecture 3: Good Practice in Report Writing.
Working on a Mini-Project Anders P. Ravn/Arne Skou Computer Science Aalborg University February 2011.
Welcome to the HSC Study Day For Science. Session Outline  The Content  The Syllabus  The Biggest Secret of All!  The Biggest Mistake of All!  The.
PEER REVIEW DAY. WRITER Read through your paper once. The back of your paper, list (a) what you believe your strengths are on this draft, and (b)what.
Essay/Assignment Writing: Planning to Editing
Level 2 IT Users Qualification – Unit 1 Improving Productivity Name.
LINC Volunteer Course NorQuest College. The word “blog” is a short form of “web log.” A blog is an online place for you to share your ideas, thoughts,
1 Plagiarism and How to Prevent it Rick Greenfield EDTC 560 October 22, 2003 Home Page Home Page.
An Introduction to Content Management. By the end of the session you will be able to... Explain what a content management system is Apply the principles.
Creating Your Own Website
How to Create a Research PowerPoint
Medical English Fall 2013 Week Two Guidelines for oral presentation skills and term papers Introduction to research paper, bibliography, documentation.
Level 2 IT Users Qualification – Unit 1 Improving Productivity
IMSS005 Computer Science Seminar
O VERVIEW OF THE W RITING P ROCESS Language Network – Chapter 12.
February-March I wonder…  WHO is the greatest scientist of all time?  WHAT is the science behind those cool skateboarding tricks?  HOW has technology.
How to Write An Abstract FOR YOUR PACE 8 PROJECT.
HU113: Technical Report Writing Prof. Dr. Abdelsamie Moet Fall 2012/13 Pharos University in Alexandria Faculty of Engineering Lecture 5: Preparation.
Report Writing Sylvia Corsham De Montfort University 2008/9 (in association with Vered Hawksworth BSc.)
CompSci 725 Handout 7: Oral Presentations, Projects and Term Reports Version July 2009 Clark Thomborson University of Auckland.
Multimedia Copyright Protection Technologies M. A. Suhail, I. A. Niazy
Capstone Presentation Guideline February 2010 Middletown High School Middletown Public Schools.
Unit 6 The Multigenre Research Project. Unit 6 In this unit, you will select someone to study who has made significant contributions to society. You can.
EE LECTURE 4 REPORT STRUCTURE AND COMPONENTS Electrical Engineering Dept King Saud University.
Language Development: The Course Jan. 6, The Course Designed to give students a comprehensive understanding of language development, primarily in.
Steps to Writing A Research Paper In MLA Format. Writing a Research Paper The key to writing a good research paper or documented essay is to leave yourself.
Research Paper Assignment CS 435 Winter, As an important part of the course requirement, each student will participate in a group project to prepare.
This document will help you plan your online course. Complete it before you begin developing your course in Mzinga Publisher. The next three pages with.
CS255 Communication Skills Aidan Mooney
1 Experience With Software Watermarking Author: Jens Palsberg et al. Presenter: Charles He “Embedding Watermarking in dynamic data structures … can be.
How to Write An Abstract For Your PACE 8 Project.
Unit 1 – Improving Productivity
4th grade Expository, biography Social Studies- Native Americans
STEGANOGRAPHY AND DIGITAL WATERMARKING KAKATIYA INSTITUTE OF TECHNOLOGY AND SCIENCES,WARANGAL.
Protecting Software Code By Guards The George Washington University Cs297 YU-HAO HU.
November 30,  After coming into class and taking your seat quietly, take out your class materials.  Papers in the Pick Up Box  If you did not.
 November 30,   After coming into class and taking your seat quietly, take out your class materials.  Papers in the Pickup Box  If you did.
Intermediate 2 Computing Unit 2 - Software Development.
Professional Writing and Research Skills Practicum in LPSCS.
Communication Arts The Writing Process. Communication Arts Five Stages of the Writing Process Prewriting Drafting Revising Editing Publishing.
Fingerprinting Text in Logical Markup Languages Christian D. Jensen G.I. Davida and Y. Frankel (Eds.): Proc. Information Security Conference 2001, Lecture.
The Research Paper Created by A. Smith, T. Giffen & G. AuCoin Prince Andrew High School, January 2008.
Internet Literacy Evaluating Web Sites. Objective The Student will be able to evaluate internet web sites for accuracy and reliability The Student will.
Welcome Please get out your rough draft and get ready for a peer editing workshop! You need a funky colored pen. Random fact of the day: 1.
Experience with Software Watermarking Jens Palsberg, Sowmya Krishnaswamy, Minseok Kwon, Di Ma, Qiuyun Shao, Yi Zhang CERIAS and Department of Computer.
  Writing a Research Paper  Creating a Technological Presentation  Creating a Display Board  Writing a Test Guidelines for the Following.
Annotated Bibliography A how to for Sociology & The Culture Project Taken from Purdue Owl!
How to Turnitin Dr Stephen Rankin Lecturer in Academic Writing and Literacy Murdoch University A 6 step guide for submitting your assignments to Turnitin.
Text2PTO: Modernizing Patent Application Filing A Proposal for Submitting Text Applications to the USPTO.
The “TO DO” List for Research Papers Revise materials and methods- should fit what actually happened. Groups may need to change “process.” Ex: the group.
WR090 Skilled Writing through Inquiry: A Community of Scholars Examines Success, Grit, and Creative Intelligence WEEK 5 Tue., October 22, 2013.
1 Digital Water Marks. 2 History The Italians where the 1 st to use watermarks in the manufacture of paper in the 1270's. A watermark was used in banknote.
Good Morning  Please be sure to take care of your belongings.
Dr.V.Jaiganesh Professor
How to Develop and Write a Research Paper.
Hardware Protection Against Software Piracy
Good Morning  Please be sure to take care of your belongings.
Lesson 9 Sharing Documents
Software Watermarking Deterring Software Piracy
Internet Literacy Evaluating Web Sites.
Presentation transcript:

h Mar-01 Clark Thomborson Software Security CompSci 725 Handout 12: Student Presentations, Watermarking & Obfuscation Clark Thomborson University of Auckland

h Mar-01 Clark Thomborson Choosing the Technical Article you will Present Please refer to Handout 6: Bibliography. Handout 9 is a class list, indicating the Order in which students will make presentations. Pick a few papers you would like to present. I will briefly discuss about half of these papers, then I’ll call for volunteers. If there is more than one volunteer, the person with the lowest “Order” will present this paper.

h Mar-01 Clark Thomborson Preparing your Presentation Read your paper carefully. Outline your paper: 1 “point” per page or section. Pick one “point” to present in detail in your presentation. If your article is more than 8 pages long, choose 5 to 8 pages that are suitable for a class handout – these pages should explain the “point” you will present in detail. Outline your presentation: one sentence per slide. Construct a first draft of your presentation: use PowerPoint or your favourite presentation builder (not MS Word!)

h Mar-01 Clark Thomborson Presentation Requirements 1. Give your 5- to 8-page handout to me (so that I can duplicate it for distribution to the class) by 10am Wednesday in the week BEFORE your presentation. 2. Your slideshow presentation must last 8 to 12 minutes, not counting time spent on questions and answers from the class. 3. Your question-and-answer time must last 2 to 8 minutes – you must initiate the discussion with at least one question printed in your slideshow. 4. Transmit the final version of your.pps or other online slideshow document to me by to me, at so I can mount it on the class website.

h Mar-01 Clark Thomborson Contents of Your Presentation You should prepare seven to ten slides: –title slide (possibly including a sample quotation) –outline of your talk –four to seven slides, explaining one topic in detail –conclusion –one or two questions, to stimulate discussion Rehearse your presentation with a friend, at least once. You may ask me for feedback by – I’ll try for a 3-day turnaround. Revise your talk for clarity, and to fit the 8-12 minute time limit. You’ll spend 10+ hours preparing your presentation!

h Mar-01 Clark Thomborson My Expectations Presenters should show appreciative and critical understanding of their article, through –the contents of their slides –their oral comments when presenting their slides, and –their handling of the discussion. Non-presenters should have read the article before the presentation begins. All students should have a working knowledge of what was presented & discussed in class. (This will be tested in your final examination.)

h Mar-01 Clark Thomborson Your Term Project Report When reading your article, you should start thinking about how to use it as a basis for a written report. Initial ideas: –Compare/contrast your article’s technology (or analysis or research finding) to some other published work –Discover an article describing an extension or application of this technology –Identify a point of confusion or difficulty in your article and explain it “better than the author did” (with appropriate references).

h Mar-01 Clark Thomborson Requirements for Reports Your report should consist of nine to thirteen pages of 12-point type with generous margins and 1.5 line spacing. If you use someone else’s words, put these in quotation marks and add a reference to your source. (We’ll talk about direct quotations, plagiarism and paraphrase next week.) You should make good use of at least three published works. Your sources must be listed with full (and accurate) bibliographic details at the end of your report. Try to match the style of one of the articles you read in this class. Technical words must be spelled and used correctly. You should use a spell-checker and a grammar checker (e.g. MS Word), however I will not mark you down for grammatical mistakes and spelling errors on non-technical words.

h Mar-01 Clark Thomborson Watermarking, Tamper-Proofing and Obfuscation – Tools for Software Protection Christian Collberg & Clark Thomborson Computer Science Tech Report 170 University of Auckland 4 February 2000 accepted with minor revision by IEEE TSE

h Mar-01 Clark Thomborson Watermarking and Fingerprinting Image, audio, video, text… Visible or invisible marks Fragile (“licensing marks”) or robust (“authorship marks”) Watermarking 1. Discourages theft 2. Allows us to prove theft Fingerprinting 3. Allows us to trace violators Watermark: a secret message embedded into a cover message.

h Mar-01 Clark Thomborson Watermarking Variants The watermark may be visible and robust (difficult to remove), providing a proof of ownership or authorship. The watermark may be fragile (obliterated by any modification, perhaps even including copying), proving authenticity or validity of a license.  The watermark may be invisible and robust, providing proof of ownership and security from theft. Fingerprinting is a variant of watermarking in which we put a unique customer-ID in each object we distribute. Piracy can be detected if we discover duplicate fingerprints, and these fingerprints identify the (witting or unwitting) source of the distribution.

h Mar-01 Clark Thomborson Our Desiderata for WMs Watermarks should be stealthy -- difficult for an adversary to locate. Watermarks should be resilient to attack -- resisting attempts at removal even if they are located. Watermarks should have a high data-rate -- so that we can store a meaningful message without significantly increasing the size of the object.

h Mar-01 Clark Thomborson Attacks on Watermarks Subtractive attacks: remove the WM without damaging the cover. Additive attacks: add a new WM without revealing “which WM was added first”. Distortive attacks: modify the WM without damaging the cover. Collusive attacks: examine two fingerprinted objects, or a watermarked object and its unwatermarked cover; find the differences; construct a new object without a recognisable mark.

h Mar-01 Clark Thomborson Defenses for Software Watermarks Obfuscation: we can modify the software so that a reverse engineer will have great difficulty figuring out how to reproduce the cover without also reproducing the WM. Tamperproofing: we can add integrity-checking code that (almost always) renders it unusable if the object is modified.

h Mar-01 Clark Thomborson Classification of SW Watermarks Static code watermarks are stored in the section of the executable that contains instructions. Static data watermarks are stored in other sections of the executable.  Dynamic data watermarks are stored in a program’s execution state. Such watermarks are resilient to distortive (obfuscation) attacks.

h Mar-01 Clark Thomborson Dynamic Watermarks Easter Eggs are revealed to any end-user who types a special input sequence. Execution Trace Watermarks are carried (steganographically) in the instruction execution sequence of a program, when it is given a special input.  Data Structure Watermarks are built (steganographically) by a program, when it is given a special input sequence (possibly null).

h Mar-01 Clark Thomborson Easter Eggs The watermark is visible -- if you know where to look! Not resilient, once the secret is out. See

h Mar-01 Clark Thomborson Our Goals for Dynamic DS WMs Stealth. Our WM should “look like” other structures created by the cover (search trees, hash tables, etc.) Resiliency. Our WM should have some properties that can be checked, stealthily and quickly at runtime, by tamperproofing code (triangulated graphs, biconnectivity, …) Data Rate. We would like to encode 100-bit WMs, or 1000-bit fingerprints, in a few KB of data structure. Our fingerprints may be 1000-bit integers that are products of two primes.

h Mar-01 Clark Thomborson Permutation Graphs (Harary) The WM is High data rate: lg(n!)  lg(n/e) bits per node. High stealth, low resiliency (?) Tamperproofing may involve storing the same permutation in another data structure. What if an adversary changes the node labels?  Node labels may be obtained from node positions on another list.

h Mar-01 Clark Thomborson Oriented Trees Represent as “parent- pointer trees” There are oriented trees on n nodes, with c = 0.44 and  = 2.956, so the asymptotic data rate is lg(  )  1.6 bits/node. 1:2:22: 48: A few of the 48 trees for n = 7 Could you “hide” this data structure in the code for a compiler? For a word processor?

h Mar-01 Clark Thomborson Planted Plane Cubic Trees One root node (in-degree 1). Trivalent internal nodes, with rotation on edges. We add edges to make all nodes trivalent, preserving planarity and distinguishing the root. Simple enumeration (Catalan numbers). Data rate is ~2 bits per leaf node. Excellent tamperproofing. n = 1 n = 2 n = 3 n = 4

h Mar-01 Clark Thomborson Open Problems in Watermarking We can easily build a “recogniser” program to find the WM and therefore demonstrate ownership… but can we release this recogniser to the public without compromising our watermarks? Can we design a “partial recogniser” that preserves resiliency, even though it reveals the location of some part of our WM?

h Mar-01 Clark Thomborson State of the Art in SW Watermarking First dynamic DS watermarks installed in Recognition SW being developed. Ongoing search for graph structures that are suitable for carrying fingerprints. Requirements: –easily enumerable –low outdegree (but high data rate) –quickly-checked properties (for tamperproofing)

h Mar-01 Clark Thomborson Software Obfuscation Many authors, websites and even a few commercial products offer “automatic obfuscation” as a defense against reverse engineering. Existing products generally operate at the lexical level of software, for example by removing or scrambling the names of identifiers. We seem to have been the first (in 1997) to use “opaque predicates” to obfuscate the control structure of software.

h Mar-01 Clark Thomborson Opaque Predicates {A; B }  A B pTpT T F “always true” A B P?P? T F “indeterminate” B’ A B PTPT T F “tamperproof” B bug (“always false” is not shown)

h Mar-01 Clark Thomborson Opaque Predicates on Graphs Dynamic analysis is required! fg fg g.Merge(f) f.Insert(); g.Move(); g.Delete() if (f = = g) then …

h Mar-01 Clark Thomborson Conclusion New art in software obfuscation can make it more difficult for pirates to defeat standard tamperproofing mechanisms, or to engage in other forms of reverse engineering. New art in software watermarking can embed “ownership marks” in software, that will be very difficult for anyone to remove. More R&D is required before robust obfuscating and watermarking tools are easy to use and readily available to software developers.

h Mar-01 Clark Thomborson Schedule Tuesday, 20 March: –Software Obfuscation. –Direct quotations, plagiarism and paraphrase. Wednesday, 21 March: –Introduction to Cryptography. –Handouts due, from students #3 - #9 Friday, 23 March: –Chess, “Security Issues…” –Student presentation #2 (Bellare?)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.