Advances in reverse engineering and program analyses have made software extremely vulnerable to malicious host attacks. These attacks typically take the form of intellectual property violations, against which the software needs to be protected. The intellectual property that needs to be protected can take on di#erent forms. The software might, e.g., consist itself of proprietary algorithms and datastructures or it could provide controlled access to copyrighted material. Therefore, in recent years, a number of techniques have been explored to protect software. Many of these techniques provide a reasonable level of security against static-only attacks. Many of them however fail to address the problem of dynamic or hybrid static-dynamic attacks. While this type of attack is already commonly used by black-hats, this is one of the first scientific papers to discuss the potential of these attacks through which an attacker can analyze, control and modify a program extensively. The concepts are illustrated through a case study of a recently proposed algorithm for software watermarking [6].

Decompilation of Java bytecode is the act of transforming Java bytecode to Java source code. Although easier than that of decompilation of machine code, problems still arise in Java bytecode decompilation. These include type inference of local variables and exception-handling. We evaluate the currently available Java bytecode decompilers using an extension of the criteria used in a previous original study. Although there has been a slight improvement since this study, it was found that none passed all of the tests, each of which were designed to target different problem areas. Decompilation is a problem for the software industry, with the global revenue loss due to software piracy estimated to be more than $50 billion in 2008. We present a survey of decompilation resistance techniques, including code obfuscation and software watermarking, in the context of Java decompilers. Code obfuscation has the useful side-effect of causing many Java decompilers to fail when applied to Java bytecode, while other techniques decrease the possibility of code understanding. Software watermarks can be used to prove ownership of stolen software, and are usually used in conjunction with obfuscation to provide better protection. Many obfuscations and watermarks are easily removed rendering