Surreptitious Software: Models from Biology and History

  • Christian Collberg
  • Jasvir Nagra
  • Fei-Yue Wang
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1)


Over the last decade a bewildering array of techniques have been proposed to protect software from piracy, malicious reverse engineering, and tampering. While we can broadly classify these techniques as obfuscation, watermarking/fingerprinting, birthmarking, and tamperproofing, there is a need for a more constructive taxonomy. In this paper we present a model of Surreptitious Software techniques inspired by defense mechanisms found in other areas: we will look at the way humans have historically protected themselves from each other and from the elements, how plants and animals have evolved to protect themselves from predators, and how secure software systems have been architected to protect against malicious attacks. In this model we identify a set of primitives which underlie many protection schemes. We propose that these primitives can be used to characterize existing techniques and can be combined to construct novel schemes which address a specific set of protective requirements.


Software protection, defense mechanisms, taxonomy





Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Christian Collberg (1)
  • Jasvir Nagra (2)
  • Fei-Yue Wang (3)

  1. Department of Computer Science, University of Arizona, Tucson, USA
  2. Dipartimento di Informatica e Telecomunicazioni, University of Trento, Povo (Trento), Italy
  3. Key Lab for Complex Systems and Intelligence Science, Institute of Automation, Chinese Academy of Sciences, Beijing, Haidian, People's Republic of China
