Robustness Analysis of Dynamic Watermarks

• Main Author: Ivan V. Nechta
• Format: Article
• Language: English
• Published: Moscow Engineering Physics Institute 2017-06-01
• Series: Bezopasnostʹ Informacionnyh Tehnologij
• Subjects: dynamic watermarking; steganography of executables
• Online Access: https://bit.mephi.ru/index.php/bit/article/view/107

In this paper we consider previously known scheme of dynamic watermarks embedding (Ra- dix-n) that is used for preventing illegal use of software. According to the scheme a watermark is dynamic linked data structure (graph), which is created in memory during program execution. Hidden data, such as information about author, can be represented in a different type of graph structure. This data can be extracted and demonstrated in judicial proceedings. This paper declared that the above mentioned scheme was previously one of the most reliable, has a number of features that allows an attacker to detect a stage of watermark construction in the program, and therefore it can be corrupted or deleted. The author of this article shows the weakness of Radix-N scheme, which consists in the fact that we can reveal dynamic data structures of a program by using information received from some API-functions hooker which catches function calls of dynamic memory allocation. One of these data structures is the watermark. Pointers on dynamically created objects (arrays, variables, class items, etc.) of a program can be detected by content analysis of computer's RAM. Different dynamic objects in memory interconnected by pointers form dynamic data structures of a program such as lists, stacks, trees and other graphs (including the watermark). Our experiment shows that in the vast majority of cases the amount of data structure in programs is small, which increases probability of a successful attack. Also we present an algorithm for finding connected components of a graph with linear time-consuming in cases where the number of nodes is about 106. On the basis of the experimental findings the new watermarking scheme has been presented, which is resistant to the proposed attack. It is offered to use different graph structure representation of a watermark, where edges are implemented using unique signatures. Our scheme uses content encrypting of graph nodes (except signature), so an attacker is not able to reveal links between nodes and find the watermark.