Software watermarking Resilient to debugging attacks

Gaurav Gupta*, Josef Pieprzyk

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

5 Citations (Scopus)
8 Downloads (Pure)


In 2006, Gaurav Gupta and Josef Pieprzyk presented an attack on the branch-based software watermarking scheme proposed by Ginger Myles and Hongxia Jin in 2005. The software watermarking model is based on replacing jump instructions or unconditional branch statements (UBS) by calls to a fingerprint branch function (FBF) that computes the correct target address of the UBS as a function of the generated fingerprint and integrity check. If the program is tampered with, the fingerprint and/or integrity checks change and the target address is not computed correctly. Gupta and Pieprzyk's attack uses debugger capabilities such as register and address lookup and breakpoints to minimize the requirement to manually inspect the software. Using these resources, the FBF and calls to the same is identified, correct displacement values are generated and calls to FBF are replaced by the original UBS transferring controlof the attack to the correct target instruction. In this paper, we propose a watermarking model that provides security against such debugging attacks. Two primary measures taken are shifting the stack pointer modification operation from the FBF to the individual UBSs, and coding the stack pointer modification in the same language as that of the rest of the code rather than assembly language to avoid conspicuous contents. The manual component complexity increases from O(1) in the previous scheme to O(n) in our proposed scheme.

Original languageEnglish
Pages (from-to)10-16
Number of pages7
JournalJournal of Multimedia
Issue number2
Publication statusPublished - 2007

Bibliographical note

Copyright Academy Publisher. This version is archived for noncommercial access and personal use only. Permission for all other purposes must be requested from Academy Publisher at


Dive into the research topics of 'Software watermarking Resilient to debugging attacks'. Together they form a unique fingerprint.

Cite this