基于程序多模态的动态软件水印方法研究

This project aims to explore novel dynamic software watermarking methods, based on the well-observed “multimodality” phenomenon occurs in many aspects of programs during practices of software developing, verification & testing, as well as software integrity protection. With the new dynamic watermarking methods, we hope that the major drawback of the existing dynamic software watermarking methods (e.g., the unsatisfactory stealth), which was unsolvable due to their outdated yet fundamental design philosophy (i.e., to build watermark payload code as independent components that are merely attached to the subject program), would be effectively addressed. In specific, the content of this project includes: (1) establish the basic concept and methodology for “program multimodality”, starting from a formal definition; (2) propose a new model for dynamic software watermarking based on program multimodality theory; (3) explore concrete dynamic watermarking realization techniques under the proposed new model, using both semantic-level and execution-state-level program multimodality as the basis; (4) analyze performance and security properties of program-multimodality-based dynamic watermarking methods, and establish an evaluation system for the new methods. Finally, this project plans to build an automated software watermarking embedding/recognition system on top of the above researches..The goal of this project includes: exploiting the “multimodality” phenomenon observed in computer programs, propose a new line of dynamic software watermarking theory and techniques; provide corresponding technical solutions, practical realizations and performance/security evaluation methods for the newly proposed program-multimodality-based watermarking methods; eventually, accomplish a complete system of new theory and techniques on dynamic software watermarking with full proprietary intellectual property rights.

本项目从软件开发、软件验证与测试以及软件完整性保护等实践中存在于计算机程序各方面的“多模态”现象入手，研究基于该现象的新型动态软件水印方法，以期改变当前动态软件水印方法中水印代码与载体程序相互独立的陈旧设计理念，从根本上解决其隐蔽性差等难以克服的安全性能缺陷。具体研究内容包括：（1）从形式化定义出发，形成“程序多模态”的基本概念、基本思想与方法；（2）构建基于程序多模态的动态软件水印模型；（3）从语义多模态和状态多模态两方面研究其实现方法与技术；（4）分析多模态动态软件水印性能与安全特性，建立相应的评估体系。在此基础上，本项目还将开发相应的动态软件水印嵌入/识别系统。.项目研究目标是，提出一套基于计算机程序中所存在的“多模态”现象的新型动态软件水印方法，并提供相应的技术方案、实现方法和评估策略，力求形成具有自主知识产权的软件水印新技术。

项目针对MATE（Man-At-The-End）攻击对软件知识产权保护带来的挑战和威胁，从克服现有软件动态水印技术设计机制上存在的缺陷出发，研究基于计算机程序“状态多模态”现象的新型软件动态水印方法，并提供相应的技术方案与实现方法。项目完成的研究工作包括：.（1）利用智能计算模型（如神经网络和随机森林）内部逻辑“不可知性”混淆程序分支条件，分析验证程序“状态多模态”现象的存在性；进一步地，从上述混淆方法所产生的次生状态出发，提出了新的、具有重要应用价值的动态软件水印方案和相应实现技术。.（2）利用Collatz猜想对抗符号执行的优势，构建一种新型、轻量级的动态软件水印方案并给出了相应的实现方法。该水印方法具有重要的应用价值。.（3）利用SGX（Intel Software Guard Extension），一种新型可信计算平台，提出了一种具有较强鲁棒性的软件防篡改方法。.上述研究结果，丰富了软件水印技术的研究方法和技术手段，对于在面对逆向工程时提高软件知识产权的保护能力具有重要的意义。