Top 4 Software Development Protection Techniques and How to Defeat Them
You know as a code geek that your intellectual property (IP) is worth protecting from being copied, reverse-engineered, or modified, but with tradeoffs in performance and effort, what methods are best for your projects? In Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection, Christian Collberg, and Jasvir Nagra share tools and techniques to help you beat the bad guys. Shawna McAlearney asked the authors to share some of their wisdom so you don’t have to learn the lessons yourself… in pain.
Protecting code has been characterized as an arms race between attackers trying to break protection on code and developers capitalizing on the fruits of their labor. Anything you can do to slow down an attacker makes you a less appealing target. Of course, you also don't want to slow your customers' performance or make it difficult for them to make a back up copy of the program. As the authors say, "If a developer unnecessarily prevents customers from carrying out operations on a program that they deem reasonable, the customer will be much more likely to engage in attacking your code or using illegitimate versions of a program."
Some developers put all their effort into making really efficient, bug free (as much as possible anyway) code, but pay little attention to how to safeguard it face it, your intellectual property (IP) is worth protecting. And protection from insider threats is actually the most critical to consider. Motives for insider attacks can include financial gain, sabotage, and revenge. Insiders, by definition, have legitimate access to the code that allows them the freedom to carry out an attack, often over long periods of time.
Knowing the best protection methods available and how they can be defeated will empower you to make the right decisions for your project. Should you use a form of encryption? Or maybe watermarking or obfuscation algorithms would be best. Collberg and Nagra offer their recommendations on the four strongest methods and their weaknesses:
Static watermarking algorithms, where the name of the author is embedded in the order and value of bytes that constitute a program, can be very efficient and have little impact on the program’s execution. However, watermarks can be removed relatively easily by inserting NOPs (No Operation Performed) in the program, carrying out semantic-preserving rearrangements of its instructions, or even by encrypting the program and adding a stub that decrypts the program in memory before executing it.
Embedding decryption keys in hardware may be resilient to software attacks but will fall to a hardware attack if the key passes "in the clear" between where it is stored and the CPU where content is decrypted. Once that key is made public, the key can be freely shared and used to decrypt existing software.
Tamper-proofing a program with checksums of the sections of memory where the program is loaded can be effective in preventing an attacker from modifying the program if the program is running on limited hardware. However, if the hardware allows an attacker to trap attempts to read from the same area of memory where the program is loaded, the attack can efficiently and undetectably modify a program while redirecting any self-checking code to read a pristine copy of itself.
Fingerprint code or applying different obfuscation algorithms on each copy of a program increases the diversity and makes it harder for an attacker to produce a single procedure capable of attacking every instance of the program. However, an attacker knows that any two copies of the program are in fact the same program obfuscated in two different ways and learns something about the underlying unobfuscated program. Any differences must necessarily be the result of fingerprint and reduces the amount of code the attacker has to look at to know what to attack.
When taking steps to protect your code, the authors say, keep in mind the keys to success:
- Consider carefully which technique to choose since performance can be impacted.
- Choose a software protection code that is stealthy. You need one that generates code that fits in with surrounding code rather than code that can highlight a vulnerable area for attack.
- Pick a protection algorithm that is diverse; attacking one program doesn't teach an adversary anything useful for attacking a second protected program. But be aware that diversity can also impact quality assurance.
- Realize that all protection techniques eventually fail if an attacker is persistent and highly skilled.
If you're interested in the most up-to-date software protection methods, learn more about the book in InformIT's Store.