SlideShare a Scribd company logo

Software Protection Techniques

Download as PPTX, PDF
C
Chaitanya Anpat

The document summarizes various techniques for copy protection and preventing software cracking, including hardware-based protection using USB devices, serial key generation, encryption, debug blocking, and code confusion techniques. Code confusion involves obfuscating source code through renaming identifiers, removing debugging information, modifying data and control flow, and inserting confusing code to make the software difficult for humans and debuggers to understand and reverse engineer. The goal is to prevent piracy and protect against $60 billion in estimated annual losses.

Technology
Related topics:
Information Security
1 of 24
Downloaded 36 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Presented by Seminar Guide Chaitanya Anpat Prof. Pritesh Patil TE – IT Monday, October 24, 20161 Copy Protection
Agenda • Introduction • Brief idea about protection methods • Code confusion • Debuggers • Code confusion techniques • conclusion
Introduction • Copy protection is effort to prevent cracking • Cracking-modification to binary files to remove protection reverse engineering • Discovering technical principles of device,object,system,software. • It often involves disassembling exe code to get machine code and bypass software security.
Piracy Game Music S/w • This increases piracy. • Loss due to piracy is about $60 billion
. .
Method of protection • hardware based • Hardware device is integrated with software and used to protect and license an application. • It uses device called USB hardware • Software executes only if devise is actually present on machine • E.g.-ANSYS(related to ME)
• Serial key generation • enter serial key • Serial key compare • If match installation complete
Encryptions • Encoding applications in such a way that only authorized users can use it • It doesn’t prevent hacking • Used to prevent data at rest like files and data at transits like data transfer via networks
Debug-Blocker • In Armadillo, we find another feature called Debug- Blocker. • Armadillo creates 2 processes, referred to them as father ( or parent ) and child. The father process acts as a debugger, trying to protect the child from other debuggers.
Code confusion/obfuscation • Process of confusing • Transforms source code such that it is difficult for human to grasp and debugger to disassemble accurately • confused code should be functionally equivalent to users perspective. • introduce code confusing techniques so as make code difficult to debug and which prevent s/w to be reversed.
Debugger • Linear sweep - win debugger • Control flow not followed • Recursive traversal –Ollydebuger • control flow followed
Inline assembly `c` code for Hello with data byte inserted _asm { jmp L1 ; logic to “skip” data byte _emit 0x00 ; inserted data byte } L1:printf("Hello, World!!!n"); }
WinDBG & OllyDbg .
Code confusion technique Layout Data Control Preventive Technique
Layout technique • Layout obfuscations modify the layout structure of the program by two basic methods: renaming identifiers and removing debugging information • They make the program code less informative to a reverse engineer.
Before void my_output() { int count; for (count = 0; count<=4; ++count) printf("Hello %d!n", count); }
• Tools used this technique are SD Obfuscator CXX obfuscator. • They will automatically output confused code whose functionality remains same after obfuscation.
After #define a int #define b printf #define c for a l47() { a l118; c(l118=0;l118<0x664+196-0x71e;++l118) b("x48x65x6cx6cx6fx20x25x64x21n",l118); }
Data code confusion technique • It changes the program’s use of data or data structures. • The storage of data can be obfuscated by replacing current data definitions with those which do not make sense for their intended use. For example, a loop iteration variable can be replaced with another variable type besides an integer.
Software Protection Techniques
Control flow code confusion • It changes the flow of the program executing code in parallel • insert new functions • mislead the disassembler while executing concurrently
Preventative technique
Conclusion Prevention*cracking
.

More Related Content

PPTX
Computer security and
Rana Usman Sattar
 
PPTX
Access Controls
primeteacher32
 
PPTX
Introduction to Network Security
John Ely Masculino
 
PPTX
Mandatory access control for information security
Ajit Dadresa
 
PPTX
Data Security
AkNirojan
 
PPTX
Network security
Estiak Khan
 
PPT
Computer security overview
CAS
 
PPTX
Basic concepts in computer security
Arzath Areeff
 
Computer security and
Rana Usman Sattar
 
Access Controls
primeteacher32
 
Introduction to Network Security
John Ely Masculino
 
Mandatory access control for information security
Ajit Dadresa
 
Data Security
AkNirojan
 
Network security
Estiak Khan
 
Computer security overview
CAS
 
Basic concepts in computer security
Arzath Areeff
 

What's hot (20)

PPTX
Computer security concepts
Prachi Gulihar
 
PPTX
Computer security
EktaVaswani2
 
DOCX
Kernel security of Systems
Jamal Jamali
 
PPTX
Cybersecurity 1. intro to cybersecurity
sommerville-videos
 
PPTX
Information security
avinashbalakrishnan2
 
PPT
Network security
Gichelle Amon
 
PPTX
Information Security Lecture #1 ppt
vasanthimuniasamy
 
PPT
Software Security (Vulnerabilities) And Physical Security
Nicholas Davis
 
PPTX
Network defenses
Prachi Gulihar
 
PPTX
Cloud Computing (Lecture 1 & 2).pptx
MuhammadArslan799356
 
PPTX
Network security
toamma
 
PPT
Information security in todays world
Sibghatullah Khattak
 
PPTX
Authentication, authorization, accounting(aaa) slides
rahul kundu
 
PPTX
Malware ppt final.pptx
LakshayNRReddy
 
PPTX
NETWORK SECURITY
afaque jaya
 
PPTX
Introduction to information security
jayashri kolekar
 
PPTX
Types of attacks
Vivek Gandhi
 
PPTX
System Security-Chapter 1
Vamsee Krishna Kiran
 
PPT
Information Security
Dhilsath Fathima
 
PDF
Network Security Presentation
Allan Pratt MBA
 
Computer security concepts
Prachi Gulihar
 
Computer security
EktaVaswani2
 
Kernel security of Systems
Jamal Jamali
 
Cybersecurity 1. intro to cybersecurity
sommerville-videos
 
Information security
avinashbalakrishnan2
 
Network security
Gichelle Amon
 
Information Security Lecture #1 ppt
vasanthimuniasamy
 
Software Security (Vulnerabilities) And Physical Security
Nicholas Davis
 
Network defenses
Prachi Gulihar
 
Cloud Computing (Lecture 1 & 2).pptx
MuhammadArslan799356
 
Network security
toamma
 
Information security in todays world
Sibghatullah Khattak
 
Authentication, authorization, accounting(aaa) slides
rahul kundu
 
Malware ppt final.pptx
LakshayNRReddy
 
NETWORK SECURITY
afaque jaya
 
Introduction to information security
jayashri kolekar
 
Types of attacks
Vivek Gandhi
 
System Security-Chapter 1
Vamsee Krishna Kiran
 
Information Security
Dhilsath Fathima
 
Network Security Presentation
Allan Pratt MBA
 
Ad

Viewers also liked (7)

PDF
Intellectual Property Protection In software
viralishere
 
PPT
Legal protection of computer software
Olli Pitkänen
 
PPS
Watermark
ravi33s
 
DOCX
Digital Watermarking
Ankush Kr
 
PPTX
Digital watermarking
rupareliab14
 
PDF
Intellectual property rights
Kaanael S. Mbise
 
PPTX
Digital watermarking
Ankush Kr
 
Intellectual Property Protection In software
viralishere
 
Legal protection of computer software
Olli Pitkänen
 
Watermark
ravi33s
 
Digital Watermarking
Ankush Kr
 
Digital watermarking
rupareliab14
 
Intellectual property rights
Kaanael S. Mbise
 
Digital watermarking
Ankush Kr
 
Ad

Similar to Software Protection Techniques (20)

PPTX
Reverse Engineering.pptx
Sameer Sapra
 
PDF
Bypass_AV-EDR.pdf
Farouk2nd
 
PDF
Captain Hook: Pirating AVs to Bypass Exploit Mitigations
enSilo
 
PDF
Piratng Avs to bypass exploit mitigation
Priyanka Aash
 
PDF
Software cracking and patching
Mayank Gavri
 
PPTX
Safe and secure programming practices for embedded devices
Soumitra Bhattacharyya
 
PDF
Kernel Memory Protection by an Insertable Hypervisor which has VM Introspec...
Kuniyasu Suzaki
 
PPTX
EMBEDDED SYSTEMS SYBSC IT SEM IV UNIT V Embedded Systems Integrated Developme...
Arti Parab Academics
 
PPTX
chap-1 : Vulnerabilities in Information Systems
KashfUlHuda1
 
PDF
михаил дударев
apps4allru
 
PPTX
c programming 1-1.pptx
CHERUKURIYUVARAJU209
 
PPTX
Slide Deck CISSP Class Session 5
FRSecure
 
PPTX
Exploitation techniques and fuzzing
Prachi Gulihar
 
PDF
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
Code Engn
 
PPT
E.s unit 6
Sneha Chopra
 
PDF
Getting started with RISC-V verification what's next after compliance testing
RISC-V International
 
PDF
How-To Find Malicious Backdoors and Business Logic Vulnerabilities in Your Code
DevOps.com
 
PPTX
Embedded presentation
rohancool
 
PPTX
Reverse Engineering Malware - A Practical Guide
intertelinvestigations
 
PPTX
Capability Building for Cyber Defense: Software Walk through and Screening
Maven Logix
 
Reverse Engineering.pptx
Sameer Sapra
 
Bypass_AV-EDR.pdf
Farouk2nd
 
Captain Hook: Pirating AVs to Bypass Exploit Mitigations
enSilo
 
Piratng Avs to bypass exploit mitigation
Priyanka Aash
 
Software cracking and patching
Mayank Gavri
 
Safe and secure programming practices for embedded devices
Soumitra Bhattacharyya
 
Kernel Memory Protection by an Insertable Hypervisor which has VM Introspec...
Kuniyasu Suzaki
 
EMBEDDED SYSTEMS SYBSC IT SEM IV UNIT V Embedded Systems Integrated Developme...
Arti Parab Academics
 
chap-1 : Vulnerabilities in Information Systems
KashfUlHuda1
 
михаил дударев
apps4allru
 
c programming 1-1.pptx
CHERUKURIYUVARAJU209
 
Slide Deck CISSP Class Session 5
FRSecure
 
Exploitation techniques and fuzzing
Prachi Gulihar
 
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
Code Engn
 
E.s unit 6
Sneha Chopra
 
Getting started with RISC-V verification what's next after compliance testing
RISC-V International
 
How-To Find Malicious Backdoors and Business Logic Vulnerabilities in Your Code
DevOps.com
 
Embedded presentation
rohancool
 
Reverse Engineering Malware - A Practical Guide
intertelinvestigations
 
Capability Building for Cyber Defense: Software Walk through and Screening
Maven Logix
 

Recently uploaded (20)

PDF
Encapsulation theory and applications.pdf
gurumoop
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Encapsulation theory and applications.pdf
gurumoop
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Cloud computing and distributed systems.
kkkkkhan
 
Approach and Philosophy of On baking technology
30anthuong17
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 

Software Protection Techniques

  • 1. Presented by Seminar Guide Chaitanya Anpat Prof. Pritesh Patil TE – IT Monday, October 24, 20161 Copy Protection
  • 2. Agenda • Introduction • Brief idea about protection methods • Code confusion • Debuggers • Code confusion techniques • conclusion
  • 3. Introduction • Copy protection is effort to prevent cracking • Cracking-modification to binary files to remove protection reverse engineering • Discovering technical principles of device,object,system,software. • It often involves disassembling exe code to get machine code and bypass software security.
  • 4. Piracy Game Music S/w • This increases piracy. • Loss due to piracy is about $60 billion
  • 5. . .
  • 6. Method of protection • hardware based • Hardware device is integrated with software and used to protect and license an application. • It uses device called USB hardware • Software executes only if devise is actually present on machine • E.g.-ANSYS(related to ME)
  • 7. • Serial key generation • enter serial key • Serial key compare • If match installation complete
  • 8. Encryptions • Encoding applications in such a way that only authorized users can use it • It doesn’t prevent hacking • Used to prevent data at rest like files and data at transits like data transfer via networks
  • 9. Debug-Blocker • In Armadillo, we find another feature called Debug- Blocker. • Armadillo creates 2 processes, referred to them as father ( or parent ) and child. The father process acts as a debugger, trying to protect the child from other debuggers.
  • 10. Code confusion/obfuscation • Process of confusing • Transforms source code such that it is difficult for human to grasp and debugger to disassemble accurately • confused code should be functionally equivalent to users perspective. • introduce code confusing techniques so as make code difficult to debug and which prevent s/w to be reversed.
  • 11. Debugger • Linear sweep - win debugger • Control flow not followed • Recursive traversal –Ollydebuger • control flow followed
  • 12. Inline assembly `c` code for Hello with data byte inserted _asm { jmp L1 ; logic to “skip” data byte _emit 0x00 ; inserted data byte } L1:printf("Hello, World!!!n"); }
  • 14. Code confusion technique Layout Data Control Preventive Technique
  • 15. Layout technique • Layout obfuscations modify the layout structure of the program by two basic methods: renaming identifiers and removing debugging information • They make the program code less informative to a reverse engineer.
  • 16. Before void my_output() { int count; for (count = 0; count<=4; ++count) printf("Hello %d!n", count); }
  • 17. • Tools used this technique are SD Obfuscator CXX obfuscator. • They will automatically output confused code whose functionality remains same after obfuscation.
  • 18. After #define a int #define b printf #define c for a l47() { a l118; c(l118=0;l118<0x664+196-0x71e;++l118) b("x48x65x6cx6cx6fx20x25x64x21n",l118); }
  • 19. Data code confusion technique • It changes the program’s use of data or data structures. • The storage of data can be obfuscated by replacing current data definitions with those which do not make sense for their intended use. For example, a loop iteration variable can be replaced with another variable type besides an integer.
  • 21. Control flow code confusion • It changes the flow of the program executing code in parallel • insert new functions • mislead the disassembler while executing concurrently
  • 24. .