[biblio0_001] [1] Hofstadter and Douglas R. Basic Books, Godel, Escher, Bach: An Eternal Golden Braid, January 1999. ISBN 0465026567.

[biblio0_002] [2] Sandmark. www.cs.arizona.edu/sandmark/.

[biblio0_003] [3] Zelix klassmaster. www.zelix.com/klassmaster/index.html.

[biblio0_004] [4] D. Abramson and R. Sosic. Relative debugging using multiple program versions. In 8th Int. Symp. on Languages for Intensional Programming, Sydney, May 1995.

[biblio0_005] [5] Alfred V. Aho, Ravi Sethi, and Jeffery D. Ullman. Compilers: Principles, Techniques, and Tools. Addison-Wesley, 1988.

[biblio0_006] [6] Alex Aiken. Moss—a system for detecting software plagiarism. www.cs.berkeley.edu/~aiken/moss.html.

[biblio0_007] [7] Alex Aiken, Saul Schleimer, Joel Auslander, Daniel Wilkerson, Anthony Tomasic, and Steve Fink. Method and apparatus for indexing document content and content comparison with World Wide Web search service. U.S. Patent 6757675, June 2004. Assigned to the Regents of the University of California.

[biblio0_008] [8] Aladdin. HASP4 programmer’s guide. ftp://ftp.aladdin.com/pub/hasp/new_releases/docsHASP_Manual_EN.zip, 2007.

[biblio0_009] [9] B. Anckaert, M. Madou, and K. De Bosschere. A model for self-modifying code. In 8th Information Hiding, July 2006. Springer-Verlag.

[biblio0_010] [10] Bertrand Anckaert, Mariusz Jakubowski, and Ramarathnam Venkatesan. Proteus: virtualization for diversified tamper-resistance. In DRM ’06: Proceedings of the ACM Workshop on Digital rights management, pages 47–58, New York, 2006. ACM Press.

[biblio0_011] [11] Bertrand Anckaert, Mariusz Jakubowski, Ramarathnam Venkatesan, and Koen De Bosschere. Run-time randomization to mitigate tampering. In A. Miyaji, H. Kikuchi, and K. Rannenberg, editors, Proceedings of the Second International Workshop on Security, number 4752, pages 153–168, Berlin, October 2007. Springer-Verlag.

[biblio0_012] [12] Bertrand Anckaert, Bjorn De Sutter, and Koen De Bosschere. Covert communication through executables. In Program Acceleration through Application and Architecture Driven Code Transformations: Symposium Proceedings, pages 83–85, Edegem, Sept. 2004.

[biblio0_013] [13] Bertrand Anckaert, Bjorn De Sutter, Dominique Chanet, and Koen De Bosschere. Steganography for executables and code transformation signatures. In P. Choosnik and C. Seongtaek, editors, Information Security And Cryptology—ICISC 2004, number 3506, pages 425–439, Germany, April 2005. Springer-Verlag.

[biblio0_014] [14] R. Anderson, M. Bond, J. Clulow, and S. Skorobogatov. Cryptographic processors—A survey. Proceedings of the IEEE, 94(2):357–369, 2006. IEEE.

[biblio0_015] [15] Ross Anderson. Trusted computing frequently asked questions, version 1.1. www.cl.cam.ac.uk/~rja14/tcpa-faq.html, August 2003.

[biblio0_016] [16] Ross Anderson and Markus Kuhn. Tamper resistance—a cautionary note. In Proceedings of the Second USENIX Workshop on Electronic Commerce, pages 1–11, 1996. USENIX.

[biblio0_017] [17] Ross Anderson and Markus Kuhn. Low cost attacks on tamper resistant devices. In IWSP: International Workshop on Security Protocols, LNCS, 1997. Springer-Verlag.

[biblio0_018] [18] Ross J. Anderson and Fabien A. P. Petitcolas. On the limits of steganography. IEEE Journal of Selected Areas in Communications, 16(4):474–481, May 1998. Special issue on copyright & privacy protection.

[biblio0_019] [19] ANSI. Audio recording—compact disc digital audio system, 1999. iec 60908 ed. 2.0 b:1999.

[biblio0_020] [20] Andrew Appel. Deobfuscation is in NP. www.cs.princeton.edu/~appel/papers/deobfus.pdf, 2002.

[biblio0_021] [21] W. A. Arbaugh, D. J. Farber, and J. M. Smith. A secure and reliable bootstrap architecture. In SP ’97: Proceedings of the 1997 IEEE Symposium on Security and Privacy, page 65, Washington, DC, 1997. IEEE.

[biblio0_022] [22] William A. Arbaugh, David J. Farber, Angelos D. Keromytis, and Jonathan M. Smith. Secure and reliable bootstrap architecture. U.S. Patent 6185678, 2001.

[biblio0_023] [23] M. Atallah, V. Raskin, C. Hempelmann, M. Karahan, R. Sion, and K. Triezenberg. Natural language watermarking and tamperproofing. In Proc. 5th International Information Hiding Workshop, 2002. Springer-Verlag.

[biblio0_024] [24] Mikhail J. Atallah and Chang Hoi. Method and system for tamperproofing software. United States Application 20060031686, February 2006. Assigned to Purdue Research Foundation.

[biblio0_025] [25] Mikhail J. Atallah, Victor Raskin, Michael Crogan, Christian Hempelmann, Florian Kerschbaum, Dina Mohamed, and Sanket Naik. Natural language watermarking: Design, analysis, and a proof-of-concept implementation. In IHW ’01: Proceedings of the 4th International Workshop on Information Hiding, pages 185–199, London, 2001. Springer-Verlag.

[biblio0_026] [26] David Aucsmith. Tamper resistant software: An implementation. In Ross J. Anderson, editor, Information Hiding, First International Workshop, pages 317–333, Cambridge, U.K., May 1996. Springer-Verlag. Lecture Notes in Computer Science, Vol. 1174.

[biblio0_027] [27] David Aucsmith and Gary Graunke. Tamper resistant methods and apparatus. U.S. Patent 5892899, April 1999. Assigned to Intel Corporation (Santa Clara, CA).

[biblio0_028] [28] Lee Badger, Larry D’Anna, Doug Kilpatrick, Brian Matt, Andrew Reisse, and Tom Van Vleck. Self-protecting mobile agents obfuscation techniques evaluation report. Technical Report 01-036, NAI Labs, November 2001.

[biblio0_029] [29] Mark W. Bailey and Jack W. Davidson. A formal model and specification language for procedure calling conventions. In POPL ’95: Proceedings of the 22nd ACM SIGPLANSIGACT Symposium on Principles of Programming Languages, pages 298–310, New York, NY, 1995. ACM.

[biblio0_030] [30] Sundeep Bajikar. Trusted platform module (TPM) based security on notebook PCs—white paper. Technical report, Intel Corporation, June 2002.

[biblio0_031] [31] Boris Balacheff, Liqun Chen, Siani Pearson, David Plaquin, and Graeme Proudler. Trusted Computing Platforms: TCPA Technology in Context. Prentice Hall PTR, Upper Saddle River, NJ, 2002.

[biblio0_032] [32] Thomas Ball. The concept of dynamic analysis. In ESEC/FSE-7: Proceedings of the 7th European Software Engineering Conference, pages 216–234, London, 1999. Springer-Verlag.

[biblio0_033] [33] Thomas Ball and James R. Larus. Optimally profiling and tracing programs. ACM Trans. Program. Lang. Syst., 16(4):1319–1360, 1994.

[biblio0_034] [34] Boaz Barak, Oded Goldreich, Russell Impagliazzo, Steven Rudich, Amit Sahai, Salil Vadhan, and Ke Yang. On the (im)possibility of obfuscating programs (extended abstract). In J. Kilian, editor, Advances in Cryptology—CRYPTO 2001, 2001. LNCS 2139.

[biblio0_035] [35] Elena Gabriela Barrantes, David H. Ackley, Stephanie Forrest, and Darko Stefanović. Randomized instruction set emulation. ACM Transactions on Information and System Security (TISSEC), 8(1):3–40, February 2005.

[biblio0_036] [36] Gareth Baxter, Marcus Frean, James Noble, Mark Rickerby, Hayden Smith, Matt Visser, Hayden Melton, and Ewan Tempero. Understanding the shape of Java software. In OOPSLA ’06: Proceedings of the 21st Annual ACM SIGPLAN Conference on Object-Oriented Programming Systems, Languages, and Applications, pages 397–412, New York, 2006. ACM.

[biblio0_037] [37] W. Bender, D. Gruhl, and N. Morimoto. Techniques for data hiding. In Proc. of the SPIE 2420 (Storage and Retrieval for Image and Video Databases III), pages 164–173, 1995.

[biblio0_038] [38] R. E. Berry and B. A. E. Meekings. A style analysis of C programs. Communications of the ACM, 28(1):80–88, January 1991.

[biblio0_039] [39] Robert M. Best. Preventing software piracy with crypto-microprocessors. In Proceedings of IEEE Spring COMPCON 80, pages 466–469, San Francisco, CA, February 1980. IEEE.

[biblio0_040] [40] Robert M. Best. Crypto microprocessor that executes enciphered programs. U.S. Patent No. 4 465 901, issued Aug. 14, 1984.

[biblio0_041] [41] Philippe Biondi and Fabrice Desclaux. Silver needle in the Skype. In Black Hat Europe, Feb–Mar 2006. www.blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf.

[biblio0_042] [42] Brian Blietz and Akhilesh Tyagi. Software tamper resistance through dynamic program monitoring. In Digital Rights Management: Technologies, Issues, Challenges and Systems, First International Conference, DRMTICS 2005, volume 3919 of Lecture Notes in Computer Science, pages 146–163. Springer, 2005.

[biblio0_043] [43] Manuel Blum and Sampath Kannan. Designing programs that check their work. Journal of the ACM, 42(1):269–291, January 1995.

[biblio0_044] [44] S. Blythe, B. Fraboni, S. Lall, H. Ahmed., and U. de Riu. Layout reconstruction of complex silicon chips. Solid-State Circuits, IEEE Journal of, 28(2):138–145, Feb. 1993.

[biblio0_045] [45] Dan Boneh, David Lie, Pat Lincoln, John Mitchell, and Mark Mitchell. Hardware support for tamper-resistant and copy-resistant software. Technical report, Stanford, CA, USA, 2000.

[biblio0_046] [46] Bob Boothe. Efficient algorithms for bidirectional debugging. In Proceedings of the ACM SIGPLAN 2000 Conference on Programming Language Design and Implementation, pages 299–310. New York, 2000. ACM.

[biblio0_047] [47] Hans Brandl. Trusted computing: The TCG trusted platform module specification. In Embedded Systems, Munich, Germany, 2004. www.wintecindustries.com/orderdesk/TPM/Documents/TPM1.2_-_Basics.pdf

[biblio0_048] [48] Ernie Brickell, Jan Camenisch, and Liqun Chen. Direct anonymous attestation. In CCS ’04: Proceedings of the 11th ACM conference on Computer and communications security, pages 132–145, New York, 2004. ACM.

[biblio0_049] [49] Andrei Z. Broder. On the resemblance and containment of documents. In Compression and Complexity of Sequences (SEQUENCES’97), pages 21–29, 1997. IEEE.

[biblio0_050] [50] H. Bunke and K. Shearer. A graph distance metric based on the maximal common subgraph. Pattern Recognition Letters, 19:255–259, 1998.

[biblio0_051] [51] Andrew “Bunnie” Huang. Keeping secrets in hardware: The microsoft Xbox case study. In Cryptographic Hardware and Embedded Systems—CHES 2002, 4th International Workshop, pages 213–227, London, 2002. Springer-Verlag.

[biblio0_052] [52] Michael G. Burke, Paul R. Carini, Jong-Deok Choi, and Michael Hind. Flow-insensitive interprocedural alias analysis in the presence of pointers. In LCPC ’94: Proceedings of the 7th International Workshop on Languages and Compilers for Parallel Computing, pages 234–250, London, 1995. Springer-Verlag.

[biblio0_053] [53] Jan Camenisch. Better privacy for trusted computing platforms (extended abstract). In ESORICS, pages 73–88, 2004. Springer-Verlag.

[biblio0_054] [54] Jan Cappaert, Nessim Kisserli, Dries Schellekens, and Bart Preneel. Self-encrypting code to protect against analysis and tampering. In 1st Benelux Workshop on Information and System Security, 2006. http://www.cosic.esat.kuleuven.be/wissec2006/

[biblio0_055] [55] Larry Carter, Jeanne Ferrante, and Clark Thomborson. Folklore confirmed: reducible flow graphs are exponentially larger. In POPL ’03: Proceedings of the 30th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 106–114, New York, 2003. ACM.

[biblio0_056] [56] Pavol Çerveň. Crackproof Your Software: Protect Your Software Against Crackers. No Starch Press, 2002. ISBN 1886411794.

[biblio0_057] [57] Mariano Ceccato, Mila Dalla Preda, Jasvir Nagra, Christian Collberg, and Paolo Tonella. Barrier slicing for remote software trusting. In SCAM ’07: Proceedings of the Seventh IEEE International Working Conference on Source Code Analysis and Manipulation, pages 27–36, Washington, DC, 2007. IEEE.

[biblio0_058] [58] Jien-Tsai Chan and Wuu Yang. Advanced obfuscation techniques for Java bytecode. J. Syst. Softw., 71(1-2):1–10, 2004.

[biblio0_059] [59] Hoi Chang and Mikhail J. Atallah. Protecting software code by guards. In Security and Privacy in Digital Rights Management, ACM CCS-8 Workshop DRM 2001, Philadelphia, November 2001. Springer-Verlag, LNCS 2320.

[biblio0_060] [60] David R. Chase, Mark Wegman, and F. Kenneth Zadeck. Analysis of pointers and structures. ACM SIGPLAN Notices, 25(6):296–310, June 1990.

[biblio0_061] [61] Y. Chen, R. Venkatesan, M. Cary, R. Pang, S. Sinha, and M. Jakubowski. Oblivious hashing: A stealthy software integrity verification primitive. In 5th Information Hiding Workshop (IHW), pages 400–414, October 2002. Springer LNCS 2578.

[biblio0_062] [62] Yuqun Chen, Ramarathnam Venkatesan, and Mariusz H. Jakubowski. Secure and opaque type library providing secure data protection of variables. U.S. Patent Application 20040003278, January 2004. Assigned to Microsoft Corporation.

[biblio0_063] [63] R. J. Chevance and T. Heidet. Static profile and dynamic behavior of COBOL programs. SIGPLAN Notices, 13(4):44–57, 1978.

[biblio0_064] [64] Shyam R. Chidamber and Chris F. Kemerer. A metrics suite for object oriented design. IEEE Transactions on Software Engineering, 20(6):476–493, June 1994.

[biblio0_065] [65] S. Chow, P. Eisen, H. Johnson, and P. van Oorschot. White-box cryptography and an AES implementation. In 9th Annual Workshop on Selected Areas in Cryptography (SAC 2002), 2002.

[biblio0_066] [66] S. Chow, H. Johnson, P. van Oorschot, and P. Eisen. A white-box DES implementation for DRM applications. In ACM CCS-9 Workshop (DRM 2002), 2002.

[biblio0_067] [67] Stanley T. Chow, Harold J. Johnson, and Yuan Gu. Tamper resistant software encoding. U.S. Patent 6594761, July 2003. Assigned to Cloakware Corporation (Ontario, CA).

[biblio0_068] [68] Stanley T. Chow, Harold J. Johnson, and Yuan Gu. Tamper resistant software encoding. U.S. Patent 6842862, January 2005. Assigned to Cloakware Corporation (Ottawa, CA).

[biblio0_069] [69] Frank Nian-Tzu Chu, Wei Wu, Julie D. Bennett, and Mohammed El-Gammal. Thread protection. U.S. Application 20050278782, December 2005. Assigned to Microsoft Corporation.

[biblio0_070] [70] Frank Nian-Tzu Chu, Wei Wu, Julie D. Bennett, and Mohammed El-Gammal. Software obfuscation. U.S. Application 20060005250, January 2006. Assigned to Microsoft Corporation.

[biblio0_071] [71] Cristina Cifuentes and Mike Van Emmerik. Recovery of jump table case statements from binary code. In IWPC ’99: Proceedings of the 7th International Workshop on Program Comprehension, page 192, Washington, DC, 1999. IEEE.

[biblio0_072] [72] Cristina Cifuentes and K. John Gough. Decompilation of binary programs. Software—Practice and Experience, 25(7):811–829, July 1995.

[biblio0_073] [73] S. Cimato, A. De Santis, and U. Ferraro Petrillo. Overcoming the obfuscation of Java programs by identifier renaming. J. Syst. Softw., 78(1):60–72, 2005.

[biblio0_074] [74] F. Cohen. Computer viruses—theory and experiments. In IFIP-TC11, Computers and Security, pages 22–35, 1987.

[biblio0_075] [75] F. Cohen. Current trends in computer viruses. In International Symposium on Information Security, 1991.

[biblio0_076] [76] Frederick B. Cohen. Operating system protection through program evolution. Computer Security, 12(6):565–584, 1993.

[biblio0_077] [77] Frederick B. Cohen. A short course on computer viruses (2nd ed.). John Wiley & Sons, Inc., New York, 1994.

[biblio0_078] [78] C. Collberg, E. Carter, S. Debray, J. Kececioglu, A. Huntwork, C. Linn, and M. Stepp. Dynamic path-based software watermarking. In ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 04), 2004.

[biblio0_079] [79] Christian Collberg, Edward Carter, Stephen Kobourov, and Clark Thomborson. Error-correcting graphs for software watermarking. In Workshop on Graphs in Computer Science (WG’2003), June 2003. Springer-Verlag.

[biblio0_080] [80] Christian Collberg, Andrew Huntwork, Edward Carter, and Gregg Townsend. Graph theoretic software watermarks: Implementation, analysis, and attacks. In Workshop on Information Hiding, pages 192–207, 2004. Springer-Verlag.

[biblio0_081] [81] Christian Collberg, Ginger Myles, and Andrew Huntwork. Sandmark–A tool for software protection research. IEEE Security and Privacy, 1(4):40–49, 2003. IEEE.

[biblio0_082] [82] Christian Collberg, Ginger Myles, and Michael Stepp. An empirical study of Java bytecode programs. Software—Practice & Experience, 37(6): 581–641, 2007.

[biblio0_083] [83] Christian Collberg, Jasvir Nagra, and Will Snavely. biànliăn: Remote tamper-resistance with continuous replacement. Technical Report 08-03, University of Arizona, 2008.

[biblio0_084] [84] Christian Collberg, Jasvir Nagra, and Fei-Yue Wang. Surreptitious software: Models from biology and history. 4th International Conference on Mathematical Methods, Models and Architectuce for Computer Network Security, pages 1–21, Sept. 13–15, 2007. Springer-Verlag.

[biblio0_085] [85] Christian Collberg and Tapas Ranjan Sahoo. Software watermarking in the frequency domain: implementation, analysis, and attacks. J. Comput. Secur., 13(5):721–755, 2005.

[biblio0_086] [86] Christian Collberg and Clark Thomborson. Software watermarking: Models and dynamic embeddings. In Conference Record of POPL ’99: The 26th ACM SIGPLANSIGACT Symposium on Principles of Programming Languages, 1999.

[biblio0_087] [87] Christian Collberg, Clark Thomborson, and Douglas Low. A taxonomy of obfuscating transformations. Technical Report 148, Department of Computer Science, The University of Auckland, New Zealand, July 1997. citeseer.ist.psu.edu/collberg97taxonomy.html.

[biblio0_088] [88] Christian Collberg, Clark Thomborson, and Douglas Low. Breaking abstractions and unstructuring data structures. In IEEE International Conference on Computer Languages, ICCL’98., Chicago, May 1998.

[biblio0_089] [89] Christian Collberg, Clark Thomborson, and Douglas Low. Manufacturing cheap, resilient, and stealthy opaque constructs. In ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL’98, San Diego, January 1998.

[biblio0_090] [90] Christian Collberg, Clark Thomborson, and Greg Townsend. Dynamic graph-based software fingerprinting. TOPLAS, 29(6):1–67, October 2007.

[biblio0_091] [91] Christian Sven Collberg, Clark David Thomborson, and Douglas Wai Kok Low. Obfuscation techniques for enhancing software security. U.S. Patent 6668325, December 2003. Assigned to InterTrust Technologies (Santa Clara, CA).

[biblio0_092] [92] S. D. Conte, H. E. Dunsmore, and V. Y. Shen. Software engineering metrics and models. Benjamin-Cummings Publishing Co., Inc., Redwood City, CA, 1986.

[biblio0_093] [93] Robert P. Cook and I. Lee. A contextual analysis of Pascal programs. Software—Practice and Experience, 12:195–203, 1982.

[biblio0_094] [94] T. H. Cormen, C. E. Leiserson, R. L. Rivest, and C. Stein. Introduction to Algorithms. MIT Press and McGraw-Hill, 2nd Ed., 2001.

[biblio0_095] [95] Patrick Cousot and Radhia Cousot. An abstract interpretation-based framework for software watermarking. In POPL’04, Venice, Italy, 2004. ACM.

[biblio0_096] [96] Patrick Cousot, Michel Riguidel, and Arnaud Venet. Device and process for the signature, the marking and the authentication of computer programs. U.S. Patent 20060010430, January 2006.

[biblio0_097] [97] I. Cox, M. Miller, and J. Bloom. Watermarking applications and their properties. In Int. Conf. on Information Technology, pages 6–10, March 2000.

[biblio0_098] [98] I. J. Cox, M. L. Miller, and J. A. Bloom. Digital Watermarking: Principles and Practice. Morgan Kaufmann, 2002. IEEE.

[biblio0_099] [99] CrackZ. Dongles—“Faked Hardware Protections.” www.woodmann.com/crackz/Dongles.htm, 2007.

[biblio0_100] [100] Scott Craver, Nasir Memon, Boon-Lock Yeo, and Minerva M. Yeung. Resolving rightful ownerships with invisible watermarking techniques: limitations, attacks, and implications. IEEE Journal on Selected Areas in Communications, 16(4):573–586, May 1998.

[biblio0_101] [101] Gregory Cronin. Defense Mechanisms, pages 314–319. Salem Press, 2001.

[biblio0_102] [102] Saumya Debray Cullen Linn and John Kececioglu. Enhancing software tamper-resistance via stealthy address computations. In 19th Computer Security Applications Conference, 2003. IEEE.

[biblio0_103] [103] Larry D’Anna, Brian Matt, Andrew Reisse, Tom Van Vleck, Steve Schwab, and Patrick LeBlanc. Self-protecting mobile agents obfuscation report—Final report. Technical Report 03-015, Network Associates Laboratories, June 2003.

[biblio0_104] [104] Robert L. Davidson and Nathan Myhrvold. Method and system for generating and auditing a signature for a computer program. U.S. Patent 5559884, September 1996. Assignee: Microsoft Corporation.

[biblio0_105] [105] Eduard K. de Jong. Application program obfuscation. U.S. Application 20050069138, March 2005. Assigned to Sun Microsystems, Inc.

[biblio0_106] [106] Eduard K. de Jong. Interleaved data and instruction streams for application program obfuscation. U.S. Application 20050071664, March 2005. Assigned to Sun Microsystems, Inc.

[biblio0_107] [107] Eduard K. de Jong. Multiple instruction dispatch tables for application program obfuscation. U.S. Application 20050071652, March 2005. Assigned to Sun Microsystems, Inc.

[biblio0_108] [108] Eduard K. de Jong. Non-linear execution of application program instructions for application program obfuscation. U.S. Application 20050071653, March 2005. Assigned to Sun Microsystems, Inc.

[biblio0_109] [109] Eduard K. de Jong. Permutation of opcode values for application program obfuscation. U.S. Application 20050071655, March 2005. Assigned to Sun Microsystems, Inc.

[biblio0_110] [110] Eduard K. de Jong. Rendering and encryption engine for application program obfuscation. U.S. Application 20050069131, March 2005. Assigned to Sun Microsystems, Inc.

[biblio0_111] [111] Saumya Debray, Benjamin Schwarz, Gregory Andrews, and Matthew Legendre. PLTO: A link-time optimizer for the Intel IA-32 architecture. In Proc. 2001 Workshop on Binary Rewriting (WBT-2001), September 2001.

[biblio0_112] [112] Saumya K. Debray, William Evans, Robert Muth, and Bjorn De Sutter. Compiler techniques for code compaction. ACM Trans. Program. Lang. Syst., 22(2):378–415, 2000.

[biblio0_113] [113] Jean-Francois Dhem, Francois Koeune, Philippe-Alexandre Leroux, Patrick Mestré, Jean-Jacques Quisquater, and Jean-Louis Willems. A practical implementation of the timing attack. In CARDIS, pages 167–182, 1998. Springer-Verlag.

[biblio0_114] [114] Paul F. Dietz. Maintaining order in a linked list. In Proceedings of the 14th Annual ACM Symposium on Theory of Computing, pages 122–127, San Francisco, CA, May 1982. ACM.

[biblio0_115] [115] DoD. www.sstc-online.org/Exhibitor/exhibitorlist/OrgList.cfm?Letter=D, 2006.

[biblio0_115a] [116] DoD. Bush comment. www.military.com/Content/MoreContent/1,12044, FL-bushcomment-040301.htm,00.html, 2006.

[biblio0_116] [117] Stephen Drape. Generalising the array split obfuscation. Information Sciences, 177:202–219, 2006.

[biblio0_117] [118] Eldad Eilam. Reversing: secrets of reverse engineering. WILEY, 2005.

[biblio0_118] [119] Rakan El-Khalil and Angelos D. Keromytis. Hydan: Information hiding in program binaries. In International Conference on Information and Communications Security, pages 189–199. 2004. Springer-Verlag.

[biblio0_119] [120] Bruce S. Elenbogen and Naeem Seliya. Detecting outsourced student programming assignments. J. Comput. Small Coll., 23(3):50–57, 2008.

[biblio0_120] [121] W. Elliot and R. Valenza. Was the Earl of Oxford the true Shakespeare? Notes and Queries, 38(4):501–506, 1991.

[biblio0_121] [122] Mike Van Emmerik and Trent Waddington. Using a decompiler for real-world source recovery. In 11th Working Conference on Reverse Engineering (WCRE 2004), pages 27–36. IEEE, 2004.

[biblio0_122] [123] Paul England, Butler Lampson, John Manferdelli, Marcus Peinado, and Bryan Willman. A trusted open platform. Computer, 36(7):55–62, 2003.

[biblio0_123] [124] Ernie. Disk copy protection. http://groups.google.com/group/comp.misc/msg/40908776591692bb, March 1997.

[biblio0_124] [125] M. Anton Ertl. Stack caching for interpreters. SIGPLAN Not., 30(6):315–327, 1995.

[biblio0_125] [126] Nick Farrell. Mac Display Eater kills home files. The Inquirer (February 27, 2007), 2007. www.theinquirer.net/default.aspx?article=37824.

[biblio0_126] [127] Robert Fitzgerald, Todd B. Knoblock, Erik Ruf, Bjarne Steensgaard, and David. Marmot: an optimizing compiler for Java. Software—Practice and Experience, 30(3):199–232, 2000.

[biblio0_127] [128] Counsel for IBM Corporation. Software birthmarks. Talk to BCS Technology of Software Protection Special Interest Group. Reported in [18], 1985.

[biblio0_128] [129] Aviezri S. Fraenkel. New proof of the generalized Chinese remainder theorem. Proceedings of the American Mathematical Society, 14(5):790–791, October 1963. American Mathematical Society.

[biblio0_129] [130] Georgia Frantzeskou and Stefanos Gritzalis. Source code authorship analysis for supporting the cybercrime investigation process. In International Conference on E-business and Telecommunication Networks (ICETE), pages 85–92. INSTICC Press, 2004.

[biblio0_130] [131] Michael L. Fredman, János Komlós, and Endre Szemerédi. Storing a sparse table with 0(1) worst case access time. Journal of the ACM, 31(3):538–544, 1984.

[biblio0_131] [132] Kazuhide Fukushima and Kouichi Sakurai. A software fingerprinting scheme for Java using classfiles obfuscation. In Information Security Applications, pages 303–316, 2003. Springer-Verlag.

[biblio0_132] [133] Dhananjay V. Gadre. Roll your own electronic lock. Electronic Design, February 2000. http://electronicdesign.com/Articles/ArticleID/1154/1154.html

[biblio0_133] [134] B. Gassend, G. Suh, D. Clarke, M. Dijk, and S. Devadas. Caches and hash trees for efficient memory integrity verification. In The 9th International Symposium on High Performance Computer Architecture (HPCA9), February 2003. IEEE.

[biblio0_134] [135] Jun Ge, Soma Chaudhuri, and Akhilesh Tyagi. Control flow based obfuscation. In DRM ’05: Proceedings of the 5th ACM Workshop on Digital Rights Management, pages 83–92, New York, 2005. ACM.

[biblio0_135] [136] Gemalto. TOP DM GX4, Product information. www.gemalto.com/products/top-javacard, 2007.

[biblio0_136] [137] Rakesh Ghiya and Laurie J. Hendren. Is it a tree, a DAG, or a cyclic graph? A shape analysis for heap-directed pointers in C. In POPL’96, pages 1–15, St. Petersburg Beach, Florida, 21–24 January 1996. ACM.

[biblio0_137] [138] Jonathon Giffin, Mihai Christodorescu, and Louis Kruger. Strengthening software self-checksumming via self-modifying code. In Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005), pages 18–27, Tucson, AZ, December 2005. Applied Computer Associates, IEEE.

[biblio0_138] [139] Jonathon T. Giffin, Mihai Christodorescu, and Louis Kruger. Strengthening software self-checksumming via self-modifying code. Technical Report 1531, University of Wisconsin, Madison, September 2005.

[biblio0_139] [140] Mahadevan Gomathisankaran. Architecture support for 3D obfuscation. IEEE Trans. Comput., 55(5):497–507, 2006.

[biblio0_140] [141] I. P. Goulden and D. M. Jackson. Combinatorial Enumeration. New York: Wiley, 1983.

[biblio0_141] [142] Torbjörn Granlund and Richard Kenner. Eliminating branches using a superoptimizer and the GNU C compiler. In ACM SIGPLAN ’92 Conference on Programming Language Design and Implementation, 1992. ACM.

[biblio0_142] [143] Trusted Computing Group. TCG specification architecture overview, revision 1.4, August 2007. www.trustedcomputinggroup.org/resources/tcg_architecture_overview_version_14

[biblio0_143] [144] Tim Güneysu. CD/DVD copy protection. Technical report, Ruhr-Universität Bochum, December 2004.

[biblio0_144] [145] Lan Guo, Supratik Mukhopadhyay, and Bojan Cukic. Does your result checker really check? dsn, 00:399, 2004.

[biblio0_145] [146] Jens Gustedt, Ole A. Mhle, and Jan Arne Telle. The treewidth of Java programs. In 4th International Workshop on Algorithm Engineering and Experiments (ALENEX), 2002. Springer-Verlag.

[biblio0_146] [147] Gael Hachez. A Comparative Study of Software Protection Tools Suited for E-Commerce with Contributions to Software Watermarking and Smart Cards. Ph.D. thesis, Universite Catholique de Louvain, March 2003.

[biblio0_147] [148] J. Alex Halderman. Evaluating new copy-prevention techniques for audio CDs. In Proc. 2002 ACM Workshop on Digital Rights Management (DRM 02), November 2002. ACM.

[biblio0_148] [149] J. Alex Halderman. Analysis of the MediaMax CD3 copy-prevention system. Technical Report TR-679-03, Princeton University Computer Science Department, Princeton, NJ, October 2003.

[biblio0_149] [150] J. Alex Halderman and Edward W. Felten. Lessons from the Sony CD DRM episode. In Proc. 15th USENIX Security Symposium, pages 77–92, Vancouver, BC, August 2006. USENIX.

[biblio0_150] [151] M. H. Halstead. Elements of Software Science. Elsevier North-Holland, 1977.

[biblio0_151] [152] Frank Harary and E. Palmer. Graphical Enumeration. New York: Academic Press, 1973.

[biblio0_152] [153] Ben Hardekopf and Calvin Lin. The ant and the grasshopper: Fast and accurate pointer analysis for millions of lines of code. SIGPLAN Not., 42(6):290–299, 2007.

[biblio0_153] [154] Laune C. Harris and Barton P. Miller. Practical analysis of stripped binary code. SIGARCH Comput. Archit. News, 33(5):63–68, 2005.

[biblio0_154] [155] Warren A. Harrison and Kenneth I. Magel. A complexity measure based on nesting level. SIGPLAN Notices, 16(3):63–74, 1981.

[biblio0_155] [156] Kazuhiro Hattanda and Shuichi Ichikawa. The evaluation of Davidson’s digital signature scheme. IEICE Transactions, 87-A(1):224–225, 2004.

[biblio0_156] [157] Kelly Heffner and Christian S. Collberg. The obfuscation executive. In Information Security, 7th International Conference, pages 428–440. Springer-Verlag, 2004. Lecture Notes in Computer Science, #3225.

[biblio0_157] [158] L. J. Hendren and A. Nicolau. Parallelizing programs with recursive data structures. IEEE Trans. Parallel Distrib. Syst., 1(1):35–47, 1990.

[biblio0_158] [159] James Hendricks and Leendert van Doorn. Secure bootstrap is not enough: shoring up the trusted computing base. In EW11: Proceedings of the 11th workshop on ACM SIGOPS European Workshop, page 11, New York, 2004. ACM.

[biblio0_159] [160] Sallie Henry and Dennis Kafura. Software structure metrics based on information flow. IEEE Transactions on Software Engineering, 7(5):510–518, September 1981.

[biblio0_160] [161] Amir Herzberg, Haya Shulman, Amitabh Saxena, and Bruno Crispo. Towards a theory of white-box security. In SEC-2009 International Information Security Conference, 2009.

[biblio0_161] [162] Bert Hill. Dutch firm offers $72.5m U.S. for Cloakware. Ottawa Citizen, December 2007. www.canada.com/ottawacitizen/news/business/story.html?id=5a3af664-2eb7-47b3-bd1d-d3044dbcd3a9.

[biblio0_162] [163] Michael Hind. Pointer analysis: haven’t we solved this problem yet? In PASTE ’01: Proceedings of the 2001 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering, pages 54–61, New York, 2001. ACM.

[biblio0_163] [164] Michael Hind and Anthony Pioli. Which pointer analysis should i use? In ISSTA ’00: Proceedings of the 2000 ACM SIGSOFT International Symposium on Software Testing and Analysis, pages 113–123, New York, 2000. ACM.

[biblio0_164] [165] Fritz Hohl. Time limited blackbox security: Protecting mobile agents from malicious hosts. In Mobile Agents and Security, pages 92–113. Springer-Verlag, 1998. Lecture Notes in Computer Science, Vol. 1419.

[biblio0_165] [166] Thorsten Holz and Frederic Raynal. Detecting honeypots and other suspicious environments. In Proceedings of the 2005 IEEE Workshop on Information Assurance and Security, U.S. Military Academy, West Point, NY, June 2005.

[biblio0_166] [167] Bill Horne, Lesley Matheson, Casey Sheehan, and Robert E. Tarjan. Dynamic self-checking techniques for improved tamper resistance. In Security and Privacy in Digital Rights Management, ACM CCS-8 Workshop DRM 2001, Philadelphia, November 2001. Springer-Verlag, LNCS 2320.

[biblio0_167] [168] William G. Horne, Lesley R. Matheson, Casey Sheehan, and Robert E. Tarjan. Software self-checking systems and methods. U.S. Application 20030023856, January 2003. Assigned to InterTrust Technologies Corporation.

[biblio0_168] [169] James J. Horning, W. Olin Sibert, Robert E. Tarjan, Umesh Maheshwari, William G. Home, Andrew K. Wright, Lesley R. Matheson, and Susan Owicki. Software self-defense systems and methods. U.S. Application 20050210275, September 2005. Assigned to InterTrust Technologies Corporation.

[biblio0_169] [170] Susan Horwitz. Precise flow-insensitive May-Alias analysis is NP-hard. TOPLAS, 19(1):1–6, January 1997.

[biblio0_170] [171] Susan Horwitz, Thomas Reps, and David Binkley. Interprocedural slicing using dependence graphs. TOPLAS, 12(1):26–60, January 1990.

[biblio0_171] [172] Andrew “Bunnie” Huang. Hacking the Xbox: An Introduction to Reverse Engineering. No Starch Press, San Francisco, CA, 2003.

[biblio0_172] [173] Ibm pci-x cryptographic coprocessor. www.ibm.com/security/cryptocards/pcixcc/overview.shtml, January 2009.

[biblio0_173] [174] National Institute of Standards Information Technology Laboratory and Technology. Security requirements for cryptographic modules. http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf, May 2001.

[biblio0_174] [175] International Organization for Standardization and European Computer Manufacturers Association. Information processing: volume and file structure of CD-ROM for information interchange. International standard; ISO 9660: 1988 (E), ISO, April 1988.

[biblio0_175] [176] Intertrust. Microsoft settlement. www.intertrust.com/main/ip/settlement.html, April 2004.

[biblio0_176] [177] IOCCC. The international obfuscated c code contest. www.ioccc.org, 2007.

[biblio0_177] [178] Matthias Jacob, Mariusz H. Jakubowski, and Ramarathnam Venkatesan. Towards integral binary execution: implementing oblivious hashing using overlapped instruction encodings. In Proceedings of the 9th workshop on Multimedia & Security, pages 129–140, New York, 2007. ACM.

[biblio0_178] [179] Mariusz H. Jakubowski and Ramarathnam Venkatesan. Protecting digital goods using oblivious checking. U.S. Patent 7,080,257, July 2006.

[biblio0_179] [180] Mariusz H. Jakubowski, Ramarathnam Venkatesan, and Saurabh Sinha. System and method for protecting digital goods using random and automatic code obfuscation. U.S. Patent 7054443, May 2006.

[biblio0_180] [181] Christopher Johnson. Illinois man who distributed illegally copied movies pleads guilty to federal copyright infringement charges. U.S. Department of Justice, Assistant U.S. Attorney, Central District of California, Release No. 04-049, April 2004. www.usdoj.gov/criminal/cybercrime/spraguePlea.htm.

[biblio0_181] [182] Harold Joseph Johnson, Yuan Xiang Gu, Becky Laiping Chan, and Stanley Taihai Chow. Encoding technique for software and hardware. U.S. Patent 5748741, May 1998. Assigned to Northern Telecom Limited (Montreal).

[biblio0_182] [183] James A. Jones, Alessandro Orso, and Mary Jean Harrold. Gammatella: visualizing program-execution data for deployed software. Information Visualization, 3(3):173–188, 2004.

[biblio0_183] [184] Rajeev Joshi, Greg Nelson, and Keith Randall. Denali: a goal-directed superoptimizer. SIGPLAN Not., 37(5):304–314, 2002.

[biblio0_184] [185] I. J. Jozwiak, A. Liber, and K. Marczak. A hardware-based software protection systems–analysis of security dongles with memory. In ICCGI ’07: Proceedings of the International Multi-Conference on Computing in the Global Information Technology, page 28, Washington, DC, 2007. IEEE.

[biblio0_185] [186] David Kahn. The Codebreakers. Scribner, 1996.

[biblio0_186] [187] Sampath Kannan and Todd Proebsting. Register allocation in structured programs. In SODA: ACM-SIAM Symposium on Discrete Algorithms (A Conference on Theoretical and Experimental Analysis of Discrete Algorithms), 1995.

[biblio0_187] [188] Sampath Kannan and Todd Proebsting. Register allocation in structured programs. J. Algorithms, 29(2):223–237, 1998.

[biblio0_188] [189] Yuichiro Kanzaki. Protecting Secret Information in Software Processes and Products. Ph.D. thesis, Nara Institute of Science and Technology, 2006.

[biblio0_189] [190] Yuichiro Kanzaki, Akito Monden, Masahide Nakamura, and Ken-ichi Matsumoto. Exploiting self-modification mechanism for program protection. In COMPSAC ’03: Proceedings of the 27th Annual International Conference on Computer Software and Applications, page 170, Washington, DC, 2003. IEEE Computer Society.

[biblio0_190] [191] Yuichiro Kanzaki, Akito Monden, Masahide Nakamura, and Ken-ichi Matsumoto. A software protection method based on instruction camouflage. Electronics and Communications in Japan (Part III: Fundamental Electronic Science), 89(1):47–59, 2006.

[biblio0_191] [192] Richard M. Karp and Michael O. Rabin. Efficient randomized pattern-matching algorithms. IBM J. Res. Dev., 31(2):249–260, 1987.

[biblio0_192] [193] Gaurav Kc, Angelos Keromytis, and Vassilis Prevelakis. Countering code-injection attacks with instruction set randomization. In 10th ACM Conference on Computer and Communications Security, pages 272–280, 2003. ACM.

[biblio0_192a] [194] Thomas A Keaney and Eliot A Cohen. Gulf War Air Power Survey Summary Report. 1993. ISBN: 0160419506.

[biblio0_193] [195] Jack Kelley. Terror groups hide behind web encryption. USA Today, February 5, 2001.

[biblio0_194] [196] B. W. Kernighan and D. M. Ritchie. The C Programming Language. Prentice-Hall, Englewood Cliffs, NJ, 1978.

[biblio0_195] [197] Raymond R. Kiddy. Method of obfuscating computer instruction streams. U.S. Patent 6694435, February 2004. Assigned to Apple Computer, Inc. (Cupertino, CA).

[biblio0_196] [198] David Kilburn. Dirty linen, dark secrets. Adweek, 38(40):35–40, October 1997.

[biblio0_197] [199] Alexander Klimov and Adi Shamir. A new class of invertible mappings. In CHES ’02: Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems, pages 470–483, London, 2003. Springer-Verlag.

[biblio0_198] [200] Paul Klint. Interpretation techniques. Software, Practice & Experience, 11(9):963–973, 1981.

[biblio0_199] [201] Donald E. Knuth. An empirical study of FORTRAN programs. Software—Practice & Experience, 1:105–133, 1971.

[biblio0_200] [202] Donald E. Knuth. Fundamental Algorithms, volume 1 of The Art of Computer Programming, Third Ed., Addison-Wesley, Reading, MA, 1997.

[biblio0_201] [203] P. Kocher, J. Jaffe, B. Jun, C. Laren, and N. Lawson. Self-protecting digital content. Technical report, Cryptography Research, 2002.

[biblio0_202] [204] Paul Kocher, Joshua Jaffe, and Benjamin Jun. Differential power analysis. Lecture Notes in Computer Science, 1666:388–397, 1999.

[biblio0_203] [205] Paul C. Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. Lecture Notes in Computer Science, 1109:104–113, 1996.

[biblio0_204] [206] Gina Kolata. Veiled messages of terror may lurk in cyberspace. New York Times, October 30, 2001.

[biblio0_205] [207] Oliver Kömmerling and Markus G. Kuhn. Design principles for tamper-resistant smartcard processors. In Proceedings of the USENIX Workshop on Smartcard Technology, Chicago, 10–11 May, 1999., pages 9–20, 1999. USENIX.

[biblio0_206] [208] Raghavan Komondoor and Susan Horwitz. Using slicing to identify duplication in source code. In Proceedings of the 8th International Symposium on Static Analysis, pages 40–56. Springer-Verlag, 2001.

[biblio0_207] [209] K. Kontogiannis. Evaluation experiments on the detection of programming patterns using software metrics. Working Conference on reverse Engineering, 0:44, 1997. IEEE.

[biblio0_208] [210] F. Koushanfar, G. Qu, and M. Potkonjak. Intellectual property metering. In 4th Information Hiding Workshop, pages 87–102, 2001. Springer-Verlag.

[biblio0_209] [211] Ivan Krsul and Eugene Spafford. Authorship analysis: Identifying the author of a program. Technical report CSD-TR-94-030, Computer Science Deparment, Purdue University, 1994.

[biblio0_210] [212] Christopher Kruegel, William Robertson, Fredrik Valeur, and Giovanni Vigna. Static disassembly of obfuscated binaries. In SSYM’04: Proceedings of the 13th Conference on USENIX Security Symposium, pages 18–18, Berkeley, CA, 2004. USENIX.

[biblio0_211] [213] Markus Kuhn. The TrustNo 1 cryptoprocessor concept. Technical Report CS555, Purdue University, April 1997.

[biblio0_212] [214] Markus G. Kuhn. Sicherheitsanalyse eines mikroprozessors mit busverschlüsselung (security analysis of a microprocessor with bus encryption). Master’s thesis, Erlangen, Germany, July 1996. (in German)

[biblio0_213] [215] Markus G. Kuhn. Cipher instruction search attack on the bus-encryption security microcontroller ds5002fp. IEEE Transactions on Computers, 47(10):1153–1157, 1998.

[biblio0_214] [216] Sukhamay Kundu and Jaydev Misra. A linear tree partitioning algorithm. SIAM Journal of Computing, 6(1):151–154, March 1997.

[biblio0_215] [217] Martin Kutter and Frank Hartung. Introduction to watermarking techniques. In S. Katzenbeisser and F. Petitcolas, editors, Information Hiding: Techniques for Steganography and Digital Watermarking, pages 97–120. Artech House, 2000.

[biblio0_216] [218] Mark D. LaDue. HoseMocha, January 1997. www.cigital.com/hostile-applets/HoseMocha.java.

[biblio0_217] [219] M.K. Lai. Knapsack cryptosystems: the past and the future. www.ics.uci.edu/mingl/knapsack.html, 2003.

[biblio0_218] [220] Robert Charles Lange and Spiros Mancoridis. Using code metric histograms and genetic algorithms to perform author identification for software forensics. In GECCO ’07: Proceedings of the 9th Annual Conference on Genetic and Evolutionary Computation, pages 2082–2089, New York, 2007. ACM.

[biblio0_219] [221] James R. Larus. Whole program paths. In Proceedings of the SIGPLAN ’99 Conference on Programming Languages Design and Implementation, 1999. ACM.

[biblio0_220] [222] Tímea Lászlo and Ákos Kiss. Obfuscating C++ programs via control flow flattening. In 10th Symposium on Programming Languages and Software Tools (SPLST 2007), pages 15–29, Dobogókõ, Hungary, June 2007.

[biblio0_221] [223] Tímea Lászlo and Ákos Kiss. Obfuscating C++ programs via control flow flattening. Annales Universitatis Scientiarum de Rolando Eötvös Nominatae—Sectio Computatorica, 2008.

[biblio0_222] [224] Kevin Lawton. Bochs 2.3.7. http://bochs.sourceforge.net, 2008. ACM.

[biblio0_223] [225] Thomas W. Lee. Microelectronic Failure Analysis—Desk Reference. ASM International, Materials Park, OH, 3rd ed., 1993.

[biblio0_224] [226] Thomas W. Lee and Seshu V. Pabbisetty, editors. Microelectronic Failure Analysis—Desk Reference. ASM International, Materials Park, OH, 3rd ed., 1993.

[biblio0_225] [227] Don Libes. Obfuscated C and Other Mysteries. Wiley, 1993.

[biblio0_226] [228] D. Lie, C. Thekkath, and M. Horowitz. Implementing an untrusted operating system on trusted hardware. In Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles, pages 178–192, 2003. ACM.

[biblio0_227] [229] David Lie, John Mitchell, Chandramohan A. Thekkath, and Mark Horowitz. Specifying and verifying hardware for tamper-resistant software. In SP ’03: Proceedings of the 2003 IEEE Symposium on Security and Privacy, page 166, Washington, DC, 2003. IEEE Computer Society.

[biblio0_228] [230] David Lie, Chandramohan Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell, and Mark Horowitz. Architectural support for copy and tamper resistant software. In ASPLOS-IX: Proceedings of the Ninth International Conference on Architectural Support for Programming Languages and Operating Systems, pages 168–177, New York, 2000. ACM.

[biblio0_229] [231] Cullen Linn and Saumya Debray. Obfuscation of executable code to improve resistance to static disassembly. In Proceedings of the 10th ACM Conference on Computer and Communications Security, pages 290–299, 2003. ACM.

[biblio0_230] [232] Chao Liu, Chen Chen, Jiawei Han, and Philip S. Yu. Gplag: detection of software plagiarism by program dependence graph analysis. In KDD ’06: Proceedings of the 12th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pages 872–881, New York, 2006. ACM.

[biblio0_231] [233] B. Lynn, M. Prabhakaran, and A. Sahai. Positive results and techniques for obfuscation. In Eurocrypt, 2004. Springer–Verlag.

[biblio0_232] [234] Matias Madou, Bertrand Anckaert, Bjorn De Sutter, and De Bosschere Koen. Hybrid static-dynamic attacks against software protection mechanisms. In Proceedings of the 5th ACM Workshop on Digital Rights Management. ACM, 2005.

[biblio0_233] [235] Matias Madou, Bertrand Anckaert, Patrick Moseley, Saumya Debray, Bjorn De Sutter, and Koen De Bosschere. Software protection through dynamic code mutation. In The 6th International Workshop on Information Security Applications (WISA 2005). Springer-Verlag, August 2005.

[biblio0_234] [236] Matias Madou, Ludo Van Put, and Koen De Bosschere. Loco: an interactive code (de)obfuscation tool. In PEPM ’06: Proceedings of the 2006 ACM SIGPLAN Symposium on Partial Evaluation and Semantics-based Program Manipulation, pages 140–144, New York, 2006. ACM.

[biblio0_235] [237] Matias Madou, Ludo Van Put, and Koen De Bosschere. Understanding obfuscated code. In ICPC ’06: Proceedings of the 14th IEEE International Conference on Program Comprehension, pages 268–274, Washington, DC, 2006. IEEE.

[biblio0_236] [238] Christopher J. Madsen. VBinDiff 3.0 beta 4—visual binary diff. www.cjmweb.net/vbindiff, 2008.

[biblio0_237] [239] David Paul Maher. Fault induction attacks, tamper resistance, and hostile reverse engineering in perspective. In FC ’97: Proceedings of the First International Conference on Financial Cryptography, pages 109–122, London, 1997. Springer-Verlag.

[biblio0_238] [240] Anirban Majumdar., Antoine Monsifrot, and Clark D. Thomborson. On evaluating obfuscatory strength of alias-based transforms using static analysis. In International Conference on Advanced Computing and Communications (ADCOM 2006), pages 605–610, December 2006. IEEE.

[biblio0_239] [241] Anirban Majumdar, Stephen Drape, and Clark Thomborson. Metrics-based evaluation of slicing obfuscations. In IAS ’07: Proceedings of the Third International Symposium on Information Assurance and Security, pages 472–477, Washington, DC, 2007. IEEE.

[biblio0_240] [242] Anirban Majumdar, Stephen J. Drape, and Clark D. Thomborson. Slicing obfuscations: design, correctness, and evaluation. In DRM ’07: Proceedings of the 2007 ACM Workshop on Digital Rights Management, pages 70–81, New York, 2007. ACM.

[biblio0_241] [243] J. Marchesini, S.W. Smith, O. Wild, and Rich MacDonald. Experimenting with TCPA/TCG hardware, or: How I learned to stop worrying and love the bear. Technical report TR2003-476, Computer Science, Dartmouth College, December 2003.

[biblio0_242] [244] Harry Massalin. Superoptimizer—a look at the smallest program. In Proceedings Second International Conference on Architechtural Support for Programming Languages and Operating Systems (ASPLOS II), Palo Alto, CA, October 1987. ACM.

[biblio0_243] [245] T. J. McCabe. A complexity measure. IEEE Transactions on Software Engineering, 2(4):308–320, December 1976.

[biblio0_244] [246] Jonathan M. McCune, Adrian Perrig, Arvind Seshadri, and Leendert van Doorn. Turtles all the way down: Research challenges in user-based attestation. In Proceedings of the Workshop on Hot Topics in Security (HotSec), August 2007. USENIX.

[biblio0_245] [247] George H. Mealy. A method for synthesizing sequential circuits. Bell System Technical Journal, 34(5):1045–1079, 1955.

[biblio0_246] [248] Hayden Melton and Ewan Tempero. An empirical study of cycles among classes in Java. Empirical Softw. Eng., 12(4):389–415, 2007.

[biblio0_247] [249] R. C. Merkle. Protocols for public key cryptosystem. In Proceedings IEEE Symp. Security and Privacy, pages 122–134, 1980. IEEE.

[biblio0_248] [250] Microsoft. Preemptive solutions’ dotfuscator will ship with microsoft visual studio 2005. www.microsoft.com/presspass/press/2004/jul04/07-19preemptivesolutionpr.mspx, July 2004.

[biblio0_249] [251] A. Monden, I. Hajimu, K. Matsumoto, I. Katsuro, and K. Torii. Watermarking Java programs, In Proc. 4th International Symposium on Future Software Technology (ISFST’99), pages 119–124, 1999. Nanjing, China: Software Engineers Association.

[biblio0_250] [252] A. Monden, H. Iida, K. Matsumoto, Katsuro Inoue, and Koji Torii. A practical method for watermarking Java programs. In 24th Computer Software and Applications Conference, 2000. IEEE.

[biblio0_251] [253] Akito Monden, Hajimu Iida, Ken ichi Matsumoto, Koji Torii, and Yuuji Ichisugi. Watermarking method for computer programs. In Proceedings of the 1998 Symposium on Cyptography and Information Security (SCIS’98—9.2A), January 1998. (In Japanese)

[biblio0_252] [254] Akito Monden, Antoine Monsifrot, and Clark Thomborson. A framework for obfuscated interpretation. In ACSW Frontiers ’04: Proceedings of the Second Workshop on Australasian Information Security, Data Mining and Web Intelligence, and Software Internationalisation, pages 7–16, Darlinghurst, Australia, 2004. Australian Computer Society, Inc.

[biblio0_253] [255] Scott A. Moskowitz and Marc Cooperman. Method for stega-cipher protection of computer code. U.S. Patent 5745569, January 1996. Assignee: The Dice Company.

[biblio0_254] [256] F. Mosteller and D. L. Wallace. Inference and Disputed Authorship: The Federalist. Addison Wesley, Reading. MA, 1964.

[biblio0_255] [257] Steven S. Muchnick. Advanced Compiler Design and Implementation. Morgan Kaufmann Publishers Inc., San Francisco, CA, 1997.

[biblio0_256] [258] John C. Munson and Taghi M. Kohshgoftaar. Measurement of data structure complexity. Journal of Systems Software, 20:217–225, 1993.

[biblio0_257] [259] G. Myles and H. Jin. Self-validating branch-based software watermarking. In 7th International Information Hiding Workshop, 2005. Springer-Verlag.

[biblio0_258] [260] Ginger Myles. Software Theft Detection Through Program Identification. Ph.D. thesis, University of Arizona, 2006.

[biblio0_259] [261] Ginger Myles and Christian Collberg. Software watermarking through register allocation: Implementation, analysis, and attacks. In ICISC’2003 (International Conference on Information Security and Cryptology), 2003. Springer-Verlag.

[biblio0_260] [262] Ginger Myles and Christian Collberg. Detecting software theft via whole program path birthmarks. In Information Security, 7th International Conference, 2004. IEEE.

[biblio0_261] [263] Ginger Myles, Christian Collberg, Zachary Heidepriem, and Armand Navabi. The evaluation of two software watermarking algorithms. Software:Practice and Experience, 35(10):923–938, 2005.

[biblio0_262] [264] J. Nagra and C. Thomborson. Threading software watermarks. In 6th International Information Hiding Workshop, 2004. Springer-Verlag.

[biblio0_263] [265] Jasvir Nagra. Threading Software Watermarks. Ph.D. thesis, University of Auckland, March 2006.

[biblio0_264] [266] Jasvir Nagra, Clark Thomborson, and Christian Collberg. A functional taxonomy for software watermarking. In M. J. Oudshoorn, editor, Proc. 25th Australasian Computer Science Conference, pages 177–186. ACS, January 2002.

[biblio0_265] [267] Arvind Narayanan and Vitaly Shmatikov. Obfuscated databases and group privacy. In CCS ’05: Proceedings of the 12th ACM Conference on Computer and Communications Security, pages 102–111, New York, 2005. ACM.

[biblio0_266] [268] Joseph M. Nardone, Richard P. Mangold, Jody L. Pfotenhauer, Keith L. Shippy, David W. Aucsmith, Richard L. Maliszewski, and Gary L. Graunke. Tamper resistant methods and apparatus. U.S. Patent 6205550, March 2001. Assigned to Intel Corporation (Santa Clara, CA).

[biblio0_267] [269] Joseph M. Nardone, Richard P. Mangold, Jody L. Pfotenhauer, Keith L. Shippy, David W. Aucsmith, Richard L. Maliszewski, and Gary L. Graunke. Tamper resistant player for scrambled contents. U.S. Patent 6175925, January 2001. Assigned to Intel Corporation (Santa Clara, CA).

[biblio0_268] [270] Joseph M. Nardone, Richard T. Mangold, Jody L. Pfotenhauer, Keith L. Shippy, David W. Aucsmith, Richard L. Maliszewski, and Gary L. Graunke. Tamper resistant methods and apparatus. U.S. Patent 6178509, January 2001. Assigned to Intel Corporation (Santa Clara, CA).

[biblio0_269] [271] Gleb Naumovich, Ezgi Yalcin, Nasir D. Memon, Hong Heather Yu, and Mikhail Sosonkin. Class coalescence for obfuscation of object-oriented software. U.S. Application 20040103404, May 2004.

[biblio0_270] [272] George C. Necula, Scott Mcpeak, S. P. Rahul, and Westley Weimer. CIL: Intermediate language and tools for analysis and transformation of C programs. In Compiler Construction, pages 213–228, Grenoble, 2002. Springer-Verlag.

[biblio0_271] [273] Roger M. Needham and David J. Wheeler. Correction to xtea. Technical report, Computer Laboratory, Cambridge University, England, October 1998.

[biblio0_272] [274] C. G. Nevill-Manning and I. H. Witten. Compression and explanation using hierarchical grammars. The Computer Journal, 40:103–116, 1997.

[biblio0_273] [275] Diarmuid O’Donoghue, Aine Leddy, James Power, and John Waldron. Bigram analysis of Java bytecode sequences. In Proceedings of the Second Workshop on Intermediate Representation Engineering for the Java Virtual Machine, pages 187–192, 2002. National University of Ireland.

[biblio0_274] [276] O. Ore. The general Chinese remainder theorem. American Mathematical Monthly, 59:365–370, 1952.

[biblio0_275] [277] John K. Ousterhout. Why threads are a bad idea (for most purposes). Invited Talk at Usenix Technical Conference, 1996. Slides available at www.sunlabs.com/~ouster/.

[biblio0_276] [278] E. I. Oviedo. Control flow, data flow, and program complexity. In Proceedings of IEEE COMPSAC, pages 146–152, November 1980. IEEE.

[biblio0_277] [279] Pascal Paillier. Public-key cryptosystems based on composite degree residuosity classes. In Proceedings of EUROCRYPT’99, volume LNCS 1592, pages 223–238. Springer-Verlag, 1999.

[biblio0_278] [280] Jens Palsberg, S. Krishnaswamy, Minseok Kwon, D. Ma, Qiuyun Shao, and Y. Zhang. Experience with software watermarking. In Proceedings of ACSAC’00, 16th Annual Computer Security Applications Conference, pages 308–316, 2000. IEEE.

[biblio0_279] [281] Jason R. C. Patterson. Accurate static branch prediction by value range propagation. In SIGPLAN Conference on Programming Language Design and Implementation, pages 67–78, 1995. ACM.

[biblio0_280] [282] Fabien A. P. Petitcolas. Stirmark 3.1. www.cl.cam.ac.uk/~fapp2/watermarking/stirmark, February 2004.

[biblio0_281] [283] Fabien A. P. Petitcolas, Ross J. Anderson, and Markus G. Kuhn. Attacks on copyright marking systems. In LNCS 1525, Information Hiding, Second International Workshop, IH’98, pages 219–239, Portland, OR, 1998. Springer-Verlag. ISBN 3540653864.

[biblio0_282] [284] Karl Pettis and Robert C. Hansen. Profile guided code positioning. In SIGPLAN Conference on Programming Language Design and Implementation, pages 16–27, 1990. ACM.

[biblio0_283] [285] John Phipps. The Protection of Computer Software—Its Technology and Applications, Physical protection devices, pages 57–78. Cambridge University Press, New York, 1989.

[biblio0_284] [286] Ugo Piazzalunga, Paolo Salvaneschi, Francesco Balducci, Pablo Jacomuzzi, and Cristiano Moroncelli. Security strength measurement for dongle-protected software. IEEE Security and Privacy, 5(6):32–40, 2007.

[biblio0_285] [287] M. Dalla Preda and R. Giacobazzi. Semantic-based code obfuscation by abstract interpretation. In Proceedings of the 32nd International Colloquium on Automata, Languages and Programming (ICALP’05), volume 350 of Lecture Notes in Computer Science, pages 1325–1336, July 2005. Springer-Verlag.

[biblio0_286] [288] Mila Dalla Preda. Code Obfuscation and Malware Detection by Abstract Interpretation. Ph.D. thesis, Dipartimento di Informatica, Universita’ di Verona, 2007.

[biblio0_287] [289] Mila Dalla Preda and Roberto Giacobazzi. Control code obfuscation by abstract interpretation. In SEFM ’05: Proceedings of the Third IEEE International Conference on Software Engineering and Formal Methods, pages 301–310, Washington, DC, 2005. IEEE.

[biblio0_288] [290] Mila Dalla Preda, Matias Madou, Koen De Bosschere, and Roberto Giacobazzi. Opaque predicates detection by abstract interpretation. In Algebraic Methodology and Software Technology, 11th International Conference, AMAST 2006, volume 4019 of Lecture Notes in Computer Science, pages 81–95, 2006. Springer-Verlag.

[biblio0_289] [291] Private communication.

[biblio0_290] [292] Todd Proebsting. Optimizing ANSI C with superoperators. In POPL’96. ACM, January 1996.

[biblio0_291] [293] Todd A. Proebsting and Scott A. Watterson. Krakatoa: Decompilation in Java (Does bytecode reveal source?). In Third USENIX Conference on Object-Oriented Technologies, June 1997. USENIX.

[biblio0_292] [294] Niels Provos and Peter Honeyman. Detecting steganographic content on the Internet. In ISOC NDSS’02, San Diego, CA, February 2002. The Internet Society.

[biblio0_293] [295] William Pugh. The Omega test: a fast and practical integer programming algorithm for dependence analysis. In Supercomputing, pages 4–13, 1991. IEEE/ACM.

[biblio0_294] [296] Ludo Van Put, Dominique Chanet, Bruno De Bus, Bjorn De Sutter, and Koen De Bosschere. Diablo: a reliable, retargetable and extensible link-time rewriting framework. In Proceedings of the 2005 IEEE International Symposium On Signal Processing And Information Technology, pages 7–12, Athens, 12 2005. IEEE.

[biblio0_295] [297] Gang Qu and Miodrag Potkonjak. Analysis of watermarking techniques for graph coloring problem. In Proceedings of the 1998 IEEE/ACM International Conference on Computer-Aided Design, pages 190–193. ACM, 1998.

[biblio0_296] [298] Gang Qu and Miodrag Potkonjak. Hiding signatures in graph coloring solutions. In Information Hiding, pages 348–367, 1999. Springer-Verlag.

[biblio0_297] [299] Gang Qu and Miodrag Potkonjak. Fingerprinting intellectual property using constraint-addition. In Design Automation Conference, pages 587–592, 2000. IEEE.

[biblio0_298] [300] M. Rabin. How to exchange secret by oblivious transfer. Technical report, Harvard Center for Research in Computer Technology, Cambridge, MA, 1981.

[biblio0_299] [301] R. Raghunathan and D. Davis. Microelectronic Failure Analysis—Desk Reference, chapter Chip Access Techniques. ASM International, Materials Park, OH, 4th ed., 1999.

[biblio0_300] [302] G. Ramalingam. The undecidability of aliasing. ACM TOPLAS, 16(5):1467–1471, September 1994.

[biblio0_301] [303] U.S. Army Research, Development, and Engineering Command (RDECOM). Army fy06.s SBIR solicitation topics—a06-022 software-based anti-tamper technique research and development. www.acq.osd.mil/osbp/sbir/solicitations/sbir062/army062.htm, 2006.

[biblio0_302] [304] Karl Reichert and Gunnar Troitsch. Kopierschutz mit filzstift knacken. CHIP Online, May 2002. http://archiv.chip.de/artikel/Tipp-des-Monats-Audio-Kopierschutz_archiv_17083661.html.

[biblio0_303] [305] John R. Rice. Method and system for fortifying software. U.S. Application 20060101047, May 2006.

[biblio0_304] [306] Richard J. Ross, Christian Boit, and Donald Staab, editors. Microelectronic Failure Analysis—Desk Reference. ASM International, Materials Park, OH, 4th ed., 1999.

[biblio0_305] [307] Hex-Rays SA. The IDA Pro disassembler and debugger. www.hex-rays.com/idapro, 2008.

[biblio0_306] [308] H. J. Saal and Z. Weiss. An empirical study of APL programs. International Journal of Computer Languages, 2(3):47–59, 1977.

[biblio0_307] [309] Harry J. Saal and Zvi Weiss. Some properties of APL programs. In Proceedings of Seventh International Conference on APL, pages 292–297. ACM, 1975.

[biblio0_308] [310] David Safford. Clarifying misinformation on TCPA. Technical report, IBM Research, October 2002.

[biblio0_309] [311] Mooly Sagiv, Thomas Reps, and Reinhard Wilhelm. Solving shape-analysis problems in languages with destructive updating. Technical report TR 1276, Computer Sciences Department, University of Wisconsin, Madison, WI, July 1995.

[biblio0_310] [312] Reiner Sailer, Trent Jaeger, Xiaolan Zhang, and Leendert van Doorn. Attestation-based policy enforcement for remote access. In CCS ’04: Proceedings of the 11th ACM Conference on Computer and Communications Security, pages 308–317, New York, 2004. ACM.

[biblio0_311] [313] Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn. Design and implementation of a TCG-based integrity measurement architecture. In SSYM’04: Proceedings of the 13th Conference on USENIX Security Symposium, pages 16–16, Berkeley, CA, 2004. USENIX.

[biblio0_312] [314] A Salvadori, J. Gordon, and C. Capstick. Static profile of COBOL programs. SIGPLAN Notices, 10(8):20–33, 1975.

[biblio0_313] [315] Robert Sather. The Protection of Computer Software—Its Technology and Applications, Disc-based protection methods, pages 23–57. Cambridge University Press, New York, 1989.

[biblio0_314] [316] Saul Schleimer, Daniel Wilkerson, and Alex Aiken. Winnowing: Local algorithms for document fingerprinting. In Proceedings of the 2003 SIGMOD Conference, 2003. ACM.

[biblio0_315] [317] D. Schuler and V. Dallmeier. Detecting software theft with API call sequence sets. In Proceedings of the 8th Workshop Software Reengineering, 2006.

[biblio0_316] [318] David Schuler, Valentin Dallmeier, and Christian Lindig. A dynamic birthmark for Java. 22nd IEEE/ACM International Conference on Automated Software Engineering (ASE 2007), 2007. ACM.

[biblio0_317] [319] B. Schwarz, S. Debray, and G. Andrews. Disassembly of executable code revisited. In WCRE ’02: Proceedings of the Ninth Working Conference on Reverse Engineering (WCRE’02), page 45, Washington, DC, 2002. IEEE.

[biblio0_318] [320] F-secure Inc. Global slapper worm information center. www.f-secure.com/slapper/, 2002.

[biblio0_319] [321] Dallas Semiconductor. Ds5002fp secure microprocessor chip. http://datasheets.maxim-ic.com/en/ds/DS5002FP.pdf, 2006.

[biblio0_320] [322] Arvind Seshadri, Mark Luk, Adrian Perrig, Leendert van Doorn, and Pradeep Khosla. Externally verifiable code execution. Commun. ACM, 49(9):45–49, 2006.

[biblio0_321] [323] Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig, Leendert van Doorn, and Pradeep Khosla. Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems. SIGOPS Oper. Syst. Rev., 39(5):1–16, 2005.

[biblio0_322] [324] Arvind Seshadri, Adrian Perrig, Leendert van Doorn, and Pradeep Khosla. Swatt: Software-based attestation for embedded devices. In 2004 IEEE Symposium on Security and Privacy, page 272, Los Alamitos, CA, 2004. IEEE.

[biblio0_323] [325] Adi Shamir and Nicko van Someren. Playing Hide and Seek with stored keys. In FC ’99: Proceedings of the Third International Conference on Financial Cryptography, pages 118–124, London, 1999. Springer-Verlag.

[biblio0_324] [326] Claude E. Shannon. Communication theory of secrecy systems. Bell System Technical Journal, pages 656–715, 1949.

[biblio0_325] [327] Zhiyu Shen, Zhiyuan Li, and Pen-Chung Yew. An empirical study of FORTRAN programs for parallelizing compilers. IEEE Transactions on Parallel and Distributed Systems, 1(3):356–364, 1990.

[biblio0_326] [328] Sergei P. Skorobogatov. Semi-Invasive Attacks—A New Approach to Hardware Security Analysis. Ph.D. thesis, University of Cambridge, 2005.

[biblio0_327] [329] Michael P. Smith and Malcolm Munro. Runtime visualisation of object oriented software. In First IEEE International Workshop on Visualizing Software for Understanding and Analysis, Paris, France, 2002. IEEE.

[biblio0_328] [330] Backer Street Software. Rec 2.1—Reverse engineering compiler. www.backerstreet.com/rec/rec.htm, 2007.

[biblio0_329] [331] Mikhail Sosonkin, Gleb Naumovich, and Nasir Memon. Obfuscation of design intent in object-oriented applications. In DRM ’03: Proceedings of the 3rd ACM workshop on Digital Rights Management, pages 142–153, New York, 2003. ACM.

[biblio0_330] [332] Eugene H. Spafford. The Internet worm incident page 203, 1990. ESEC ‘89, 2nd European Software Engineering Conference. Springer-Verlag.

[biblio0_331] [333] Steven Stark. Why lawyers can’t write. Harvard Law Review, 97(1389), 1984.

[biblio0_332] [334] United States federal law. Federal information security management act of 2002. http://csrc.nist.gov/drivers/documents/FISMA-final.pdf, 2002.

[biblio0_333] [335] Michael Steil. 17 mistakes microsoft made in the Xbox security system. In 22nd Chaos Communication Congress, Berlin, Germany, December 2005. http://events.ccc.de/congress/2005/

[biblio0_334] [336] Julien P. Stern, Gael Hachez, Francois Koeune, and Jean-Jacques Quisquater. Robust object watermarking: Application to code. In Information Hiding, pages 368–378, 1999. Springer-Verlag.

[biblio0_335] [337] Frank A. Stevenson. Cryptanalysis of contents scrambling system. www.dvdcopy.com/news/cryptanalysis_of_contents_scrambling_system.htm, November 1999.

[biblio0_336] [338] Margaret-Anne Storey, Casey Best, and Jeff Michaud. SHriMP views: An interactive environment for exploring Java programs. 9th International Workshop on Program Comprehension (IWPC 2001), 2001. IEEE.

[biblio0_337] [339] Mario Strasser. Software-based TPM emulator for Linux. Technical report, Department of Computer Science, Swiss Federal Institute of Technology, Zürich, Switzerland, 2004.

[biblio0_338] [340] Frederic Stumpf, Omid Tafreschi, Patrick Roeder, and Claudia Eckert. A robust integrity reporting protocol for remote attestation. In The Second Workshop on Advances in Trusted Computing (WATC ’06), November 2006.

[biblio0_339] [341] H. Tamada, M. Nakamura, A. Monden, and K. Matsumoto. Design and evaluation of birthmarks for detecting theft of Java programs. In Proc. IASTED International Conference on Software Engineering (IASTED SE 2004), pages 569–575, Feb. 2004. IASTED/ACTA.

[biblio0_340] [342] H. Tamada, K. Okamoto, M. Nakamura, A. Monden, and K. Matsumoto. Dynamic software birthmarking to detect the theft of Windows applications. In Proceedings of the International Symposium on Future Software Technology, Oct. 2004.

[biblio0_341] [343] Haruaki Tamada, Masahide Nakamura, Akito Monden, and Kenichi Matsumoto. Detecting the theft of programs using birthmarks. Information Science Technical Report NAIST-IS-TR2003014 ISSN 0919-9527, Graduate School of Information Science, Nara Institute of Science and Technology, Nov. 2003.

[biblio0_342] [344] Gang Tan, Yuqun Chen, and Mariusz H. Jakubowski. Delayed and controlled failures in tamper-resistant systems. In Information Hiding, 2006. Springer-Verlag.

[biblio0_343] [345] C. Thomborson, C. He, J. Nagra, and R. Somaraju. Tamper-proofing software watermarks. The Australasian Information Security Workshop (AISWA) 32:27–36, 2004. Australian Computer Society.

[biblio0_344] [346] Clark David Thomborson, Yong He, Ram Abhinav Somaraju, and Jasvir Nagra. Tamper-proofing watermarked computer programs. U.S. Application 20050050396, March 2005. Assigned to Auckland UniServices Limited.

[biblio0_345] [347] Frank Tip. A survey of program slicing techniques. Journal of Programming Languages, 3(3):121–189, September 1995.

[biblio0_346] [348] David S. Touretzky. Declaration in Support of Motion for Summary Judgement, in DVDCCA v. McLaughlin, Bunner, et al., case no. cv—786804, November 2001.

[biblio0_347] [349] David S. Touretzky. Gallery of CSS descramblers. www.cs.cmu.edu/~dst/DeCSS/Gallery, 2008.

[biblio0_348] [350] Alan M. Turing. On computable numbers, with an application to the Entscheidungsproblem. Proceedings of the London Mathematical Society, 2(42):230–265, 1936.

[biblio0_349] [351] Paul Tyma. Method for renaming identifiers of a computer program. U.S. patent 6,102,966, 2000.

[biblio0_350] [352] Sharath K. Udupa, Saumya K. Debray, and Matias Madou. Deobfuscation: Reverse engineering obfuscated code. In WCRE ’05: Proceedings of the 12th Working Conference on Reverse Engineering, pages 45–54, Washington, DC, 2005. IEEE.

[biblio0_351] [353] unknown. Decoys: Tanks but No Tanks. Time Magazine, (Monday, Feb. 4) 1991. www.time.com/time/magazine/article/0,9171,972244,00.html.

[biblio0_352] [354] Ramarathnam Venkatesan and Vijay Vazirani. Technique for producing through watermarking highly tamper-resistant executable code and resulting “watermarked” code so formed. U.S. Patent 7051208, May 2006.

[biblio0_353] [355] Ramarathnam Venkatesan, Vijay Vazirani, and Saurabh Sinha. A graph theoretic approach to software watermarking. In 4th International Information Hiding Workshop, Pittsburgh, April 2001. Springer-Verlag.

[biblio0_354] [356] Hans Peter Van Vliet. Crema—The Java obfuscator, January 1996.

[biblio0_355] [357] Hans Peter Van Vliet. Mocha—The Java decompiler. www.brouhaha.com/~eric/software/mocha, January 1996.

[biblio0_356] [358] Neal R. Wagner. Fingerprinting. In Symposium on Security and Privacy, pages 18–22, Oakland, California, 25–27, April 1983. IEEE.

[biblio0_357] [359] Kelly Wallace and Mike Chinoy. U.S. surveillance plane lands in China after collision with fighter. archives.cnn.com/2001/US/04/01/us.china.plane, 2001.

[biblio0_358] [360] Chenxi Wang. A Security Architecture for Survivability Mechanisms. Ph.D. thesis, University of Virginia, School of Engineering and Applied Science, October 2000. http://citeseer.ist.psu.edu/wang00security.html.

[biblio0_359] [361] Chenxi Wang, Jonathan Hill, John Knight, and Jack Davidson. Protection of software-based survivability mechanisms. dsn, 00:0193, 2001.

[biblio0_360] [362] Jie Wang and Jay Belanger. On the NP-isomorphism problem with respect to random instances. Journal of Computer and System Sciences, 50(1):151–164, February 1995.

[biblio0_361] [363] Xiaoyun Wang and Hongbo Yu. How to break MD5 and other hash functions. In Ronald Cramer, editor, EUROCRYPT, volume 3494 of LNCS, pages 19–35. Springer, 2005.

[biblio0_362] [364] Zheng Wang, Scott A. McFarling, Ken B. Pierce, and Ramarathnam Venkatesan. Methods for comparing versions of a program. United States Patent 6954747, October 2005. Assigned to Microsoft Corporation (Redmond, WA).

[biblio0_363] [365] Peter Wayner. Mimic functions. CRYPTOLOGIA, 14(3), July 1992.

[biblio0_364] [366] Peter Wayner. Strong theoretical steganography. CRYPTOLOGIA, 19, July 1995.

[biblio0_365] [367] Peter Wayner. Disappearing Cryptography: Information Hiding: Steganography and Watermarking (2nd Edition). Morgan Kaufmann Publishers Inc., San Francisco, CA, 2002.

[biblio0_366] [368] Tim Weber. The Internet is doomed, 2007. www.bbc.co.uk/blogs/davos07/2007/01/the_internet_is_doomed.shtml.

[biblio0_367] [369] Hoeteck Wee. On obfuscating point functions. In STOC ’05: Proceedings of the Thirty-Seventh Annual ACM Symposium on Theory of Computing, pages 523–532, New York, 2005. ACM.

[biblio0_368] [370] S. H. Weingart. Physical security for the μABYSS system. In Proceedings of the IEEE Symposium on Security and Privacy, pages 52–58, 1987. IEEE.

[biblio0_369] [371] S. H. Weingart, S. R. White, W. C. Arnold, and G. P. Double. An evaluation system for the physical security of computing systems. In Sixth Annual Computer Security Applications Conference, pages 232–243, Tucson, AZ, December 1990. IEEE.

[biblio0_370] [372] Ruediger Weis, Stefan Lucks, and Andreas Bogk. TCG 1.2—Fair play with the ‘fritz’ chip? Technical report, Cryptolabs Amsterdam/VU Computersystems, RAI Centre, Amsterdam, The Netherlands, October 2004.

[biblio0_371] [373] Deborah Whitfield and Mary Lou Soffa. An approach to ordering optimizing transformations. In PPOPP’90, pages 137–146, 1990. ACM.

[biblio0_372] [374] Deborah Whitfield and Mary Lou Soffa. Automatic generation of global optimizers. In Principles of Programming Languages ’91, pages 120–129, 1991. ACM.

[biblio0_373] [375] Amy Wimmer. Laptops’ removal no mistake, officials say. St. Petersbug Times, Aug. 11, 2002.

[biblio0_374] [376] Niklaus Wirth. Type extensions. ACM Transactions on Programming Languages and Systems, 10(2):204–214, April 1988.

[biblio0_375] [377] Gregory Wolfe, Jennifer L. Wong, and Miodrag Potkonjak. Watermarking graph partitioning solutions. In Design Automation Conference, pages 486–489, 2001. ACM.

[biblio0_376] [378] Wei Wu, Frank Nian-Tzu Chu, Erik Fortune, Julie D. Bennett, Mohammed El-Gammal, and Simon D. Earnshaw. Inhibiting software tampering. U.S. Application 20060005251, January 2006. Assigned to Microsoft Corporation.

[biblio0_377] [379] Glen Wurster, P.C. van Oorschot, and Anil Somayaji. A generic attack on checksumming-based software tamper resistance. In 2005 IEEE Symposium on Security and Privacy, pages 127–138, 2005. IEEE.

[biblio0_378] [380] P. Young and M. Munro. Visualising software in virtual reality. In Proceedings of the IEEE 6th International Workshop on Program Comprehension, pages 19–26, June 1998. IEEE.

[biblio0_379] [381] Jonathan A. Zdziarski. Nes.app 2.0.3—the Nintendo emulator for iPhone. www.zdziarski.com/projects/nesapp, 2008.

[biblio0_380] [382] Xiangyu Zhang and Rajiv Gupta. Hiding program slices for software security. In CGO 03: Proceedings of the International Symposium on code Generation and Optimization, pages 325–336, Washington, DC, 2003. IEEE.

[biblio0_381] [383] Youtao Zhang, Jun Yang, and Rajiv Gupta. Frequent value locality and value-centric data cache design. In Architectural Support for Programming Languages and Operating Systems, pages 150–159, 2000. ACM.

[biblio0_382] [384] W. Zhu, C. C. Thomborson, and Fei-Yue Wang. Obfuscate arrays by homomorphic functions. Special Session on Computer Security and Data Privacy, pages 770–773, May 2006. IEEE.

[biblio0_383] [385] Xiaotong Zhuang, Tao Zhang, Hsien-Hsin S. Lee, and Santosh Pande. Hardware assisted control flow obfuscation for embedded processors. In CASES ’04: Proceedings of the 2004 International Conference on Compilers, Architecture, and Synthesis for Embedded Systems, pages 292–302, New York, 2004. ACM.

[biblio0_384] [386] Xiaotong Zhuang, Tao Zhang, and Santosh Pande. Hide: an infrastructure for efficiently protecting information leakage on the address bus. In ASPLOS-XI: Proceedings of the 11th International Conference on Architectural Support for Programming Languages and Operating Systems, pages 72–84, New York, 2004. ACM.