Evaluating Security of Executable Steganography for Digital Software Watermarking

J. Alex Mullins, J. Todd McDonald, William R. Mahoney, Todd R. Andel

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations


Man-at-the-end (MATE) attacks against software programs are difficult to protect. Adversaries have complete access to the binary program and can run it under both static and dynamic analysis to find and break any software protection mechanisms put in place. Even though full-proof protection is not possible practically or theoretically, the goal of software protection should be to make it more difficult for an adversary to find program secrets by increasing either their monetary cost or time. Protection mechanisms must be easy to integrate into the software development lifecycle, or else they are of little to no use. In this paper, we evaluate the practical security of a watermarking technique known as Weaver, which is intended to support software watermarking based on a new transformation technique called executable steganography. Weaver allows hiding of identification marks directly into a program binary in a way that makes it difficult for an adversary to find and remove. We performed instruction frequency analysis on 106 programs from the GNU coreutils package to understand and define Weaver's limitations and strengths as a watermarking technique. Our evaluation revealed that the initial prototype version of Weaver suffers from limitations in terms of standard benchmarks for steganography evaluation, such as its stealth. We found that this initial prototype of Weaver relied heavily on one type of instruction that does not frequently occur in standard programs, namely the mov instruction with an 8-byte immediate operand. Our instruction frequency analysis revealed a negative impact due to Weaver's over-reliance on this mov instruction.

Original languageEnglish (US)
Title of host publicationSoutheastCon 2022
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages8
ISBN (Electronic)9781665406529
StatePublished - 2022
EventSoutheastCon 2022 - Mobile, United States
Duration: Mar 26 2022Apr 3 2022

Publication series

NameConference Proceedings - IEEE SOUTHEASTCON
ISSN (Print)1091-0050
ISSN (Electronic)1558-058X


ConferenceSoutheastCon 2022
Country/TerritoryUnited States


  • IP protection
  • obfuscation
  • software watermarking
  • steganography

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
  • Electrical and Electronic Engineering
  • Control and Systems Engineering
  • Signal Processing


Dive into the research topics of 'Evaluating Security of Executable Steganography for Digital Software Watermarking'. Together they form a unique fingerprint.

Cite this