臺灣博碩士論文加值系統

軟體浮水印被應用在軟體的擁有權上，是軟體保護上的重要工具，本篇討論軟體浮水印的發展，主要研究在動態圖形軟體浮水印CT演算法上，在CT演算法應用在Java技術上時，因為Java語言上的特性所遇到的問題，結合軟體工程中物件導向的分析與設計的方法，使CT演算法在Java的應用上加以改良，我們使用物件導向技術去分析物件間的關係，選擇有強關係間的物件把浮水印嵌入，使用行動結合改善物件間的弱關係，由實驗結果證明，新的方法能解決CT演算法應用在Java技術上時，因為Java語言上的特性所遇到的問題，而且新的方法能改善軟體浮水印為程式所帶來的效能及記憶體使用的問題。

Software watermarking is an important technique that enables the protection of programs and intellectual property rights. In this thesis, we discuss the development of software watermarks and the problems involved in dynamic graph-based software watermarking when applying CT algorithm is applied to Java technology. Because Java differs from traditional programming languages, we use the object-oriented analysis and design approach to solve these problems. By embedding watermarks into the input sequences on objects with strong relation, we can prevent watermark tempering. Our experimental results demonstrate that our approach not only effectively increases the difficulty and time required to tamper watermarks but also reduces memory usage and the resources required for loading these watermarks.

Abstract I
Content II
List of Figures IV
List of Tables VI
1 Introduction 1
1.1 Motivation 1
1.2 Goals 2
1.3 Outline of the Thesis 3
2 Background 4
2.1 OOA (Object-Oriented Analysis) & OOD (Object-Oriented Design) 4
2.1.1 Requirements Analysis Workflow 4
2.1.2 Architecture Workflow 5
2.1.3 Design Workflow 6
2.1.4 Construction Workflow 7
2.2 Unified Modeling Language (UML) 8
2.2.1 Use Case Diagrams 9
2.2.2 Activity Diagrams 9
2.2.3 Sequence Diagrams 10
2.2.4 Collaboration Diagrams 10
2.2.5 Statechart Diagrams 11
2.2.6 Class Diagrams 11
2.2.7 Object Diagrams 12
2.2.8 Component Diagrams 12
2.2.9 Deployment Diagrams 13
2.3 Software Watermarks 13
2.3.1 The Basis of a Watermark 13
2.3.2 Software Watermarking 14
3 Related Work 15
3.1 Current solutions 15
3.2 Software Watermarking Algorithms 16
3.2.1 Static Data Watermarks 16
3.2.2 Code Watermarks 17
3.2.3 Watermark Injection 17
3.2.4 Tamperproofing Static Watermarks 19
3.2.5 Easter Egg Watermark 19
3.2.6 Dynamic Data Structure Watermark 20
3.2.7 Dynamic Execution Trace Watermark 20
3.2.8 Dynamic Path-Based Software Watermark 21
3.2.9 Dynamic Graph Watermark 23
3.3 Attacks against the Watermark 28
4 Our Approach 30
4.1 Problem Definition 31
4.1.1 An Example of Tampered Watermarks 31
4.2 Overview 34
4.2.1 Weak Relation and Strong Relation 34
4.3 Select Input Sequence in Strong Relation 37
5 Experiment 45
5.1 Description of Experiment Process 45
5.2 Experimental Results 48
5.2.1 Performance Evaluation 48
5.2.2 Attack of Optimization and Obfuscation Evaluation 49
5.2.3 Use Our Approach to Prevent Tampered Watermarks 50
5.3 Summary 51
6 Conclusion 53
7 References 55

[1] Products IDE, Borland Inc., “Borland Delphi 2006,” June 2006, http://www.borland.com/us/products/delphi/index.html.
[2] MSDN, Microsoft Corp., “Visual Basic,” http://msdn.microsoft.com/vbasic/.
[3] A. Kalinovsky, Covert Java: Techniques for Decompiling, Patching and Reverse Engineering. Sams, Indianapolis, Indiana, 2004.
[4] Java, Sun Microsystems, Inc, http://java.sun.com/products/jdk/rmi/.
[5] G. Booch., Object-Oriented Analysis and Design with applications. Addison-Wesley, 1994.
[6] K Beck, W Cunningham, “A laboratory for teaching object oriented thinking,” in Proceedings of the 1989 ACM OOPSLA conference on object-oriented programming, 1989, pp. 1-6.
[7] Grady Booch, James Rumbaugh, Ivar Jacobson, The Unified Modeling Language User Guide. Addison Wesley, 1998.
[8] Kobryn, C., “Modeling Components and Frameworks with UML,” Journal of Communications of the ACM, vol. 43, pp. 31-38, October 2000.
[9] Medvidovic, N., Rosenblum, D. S., Robbins, J. E., and Redmiles, D. F., “Modeling Software Architectures in the Unified Modeling Language,” Journal of Software Engineering and Methodology, vol. 11, pp. 2-57, January 2002.
[10] Doug Rosenberg, Kendall Scott., Applying Use Case Driven Object Modeling with UML: An Annotated e-Commerce Example. Addison Wesley, 2001.
[11] Grady Booch, James Rumbaugh, Ivar Jacobson, Analysis Patterns Reusable Object Models. Addison-Wesley, 2002
[12] Peter Coad, “Object-oriented patterns,” Journal of Communications of the ACM, vol. 35, pp. 153–159, September 1992.
[13] Lionel Briand and Yvan Labiche, “A UML-based Approach to System Testing,” in Fourth International Conference on the Unified Modeling Language, October 2001, pp. 194-208.
[14] UML, Object Management Group, June 2006,http://www.uml.org/.
[15] D. Curran, N. J. Hurley, M. Ó Cinnéide, “Securing Java through Software Watermarking,” in Proceedings of the 2nd International Conference on Principles and Practice of Programming in Java, June 2003, pp. 145-148.
[16] Christian Collberg and Clark Thomborson, “Software Watermarking: Models and Dynamic Embeddings,” in Principles of Programming Languages, 1999, pp. 311-324.
[17] M. R Stytz, J. A Whittaker, “Software Protection -Security’s Last Stand,” Journal of IEEE Magazine of Security and Privacy, vol. 1, pp. 95-98 , January/February 2003.
[18] Scott A. Moskowitz and Marc Cooperman, “Method for Strega-cipher Protection of Computer Code,” US Patent 5,745,569, January 1996.
[19] Christian Collberg, Clark Thomborson., Gregg M. Townsend, “Dynamic Graph-Based Software Watermarking,” Tech. Rep. TR04-08, April 2004
[20] Christian Collberg, Clark Thomborson, and Douglas Low, “Breaking Abstractions and Unstructuring Data Structures,” In IEEE International Conference on Computer Languages, 1998, pp. 28-38.
[21] Council for IBM Corporation, “Software birthmarks,” BCS Technology of Software Protection Special Interest Group. 1985.
[22] Robert L. Davidson and Nathan Myhrvold, “Method and System for Generating and Auditing a Signature for A Computer Program,” US Patent 5,559,884, September 1996.
[23] Robert L. Davidson, Nathan Myhrvold, Keith Randel Vogel, Gideon Andreas Yuval, Richard Shupak, and Norman Eugene Apperson, “Method and system for improving the locality of memory references during execution of a computer program,” US Patent 5,664,191,September 1997.
[24] A. Monden, H. Iida, K. Matsumoto, Katsuro Inoue, and Koji Torii, “A Practical Method for Watermarking Java Programs,” in 24th Computer Software and Applications Conference, 2000, pp. 191-197.
[25] Christian S. Collberg, “Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection,” Journal of Software Engineering, vol. 28, pp. 735-746, August 2002
[26] C. Collberg, E. Carter, S. Debray, A. Huntwork, C. Linn and M. Stepp, “Dynamic Path-Based Software Watermarking,” in Conference on Programming Language Design and Implementation, 2004, pp. 107-118.
[27] Jens Palsberg, S. Krishnaswamy, Minseok Kwon, D. Ma, Qiuyun Shao, and Y. Zhang. “Experience with Software Watermarking,” in 16th Annual Computer Security Applications Conference, 2000, pp. 308.
[28] Christian Collberg, Ginger Myles, and Andrew Huntwork, “SandMark — A Tool for Software Protection Research,” Journal of IEEE Magazine of Security and Privacy, vol. 1, pp. 40-49, July-August 2003.
[29] SandMark, Computer Science Department of The University of Arizona, June 2006, http://www.cs.arizona.edu/sandmark/.
[30] Kruchten,P., “The 4+1 View Model of Architecture,” IEEE Software, vol. 12, pp. 42-40, November 1995.
[31] DJ Java Decompiler, June 2006, http://members.fortunecity.com/
neshkov/dj.html.
[32] ProGuard , Sourceforge, June 2006, http://proguard.sourceforge.net/
[33] RetroGuard - Java Bytecode Obfuscation, Retrologic Systems, June 2006, http://www.retrologic.com/retroguard-main.html
[34] Rational Rose XDE Developer, IBM Rational Software, June 2006, http://www-306.ibm.com/software/awdtools/developer/rosexde/.