RESULTS AND DISCUSSSION In this chapter, the results of the data gathered through the reviews of previous works

of various authors. According to Christian Colberg and Jasvir Nagra, the top 4 best techniques or method to used are Static Watermarking algorithms, Embedding decryption keys , Tamper-proofing, Fingerprint code. Software algorithms, where the name of the author is embedded in the order and value of bytes that constitute a program, can be very efficient and have little impact on the programs execution. However according to Colberg and Nagra, watermarks can be removed relatively easily by inserting NOPs (No Operation Performed) in the program, carrying out semanticpreserving rearrangements of its instructions, or even by encrypting the program and adding a stub that decrypts the program in memory before executing it. Embedding decryption keys in hardware may be resilient to software attacks but will fall to a hardware attack if the key passes "in the clear" between where it is stored and the CPU where content is decrypted. Once that key is made public, the key can be freely shared and used to decrypt existing software. Tamper-proofing a program with checksums of the sections of memory where the program is loaded can be effective in preventing an attacker from modifying the program if the program is running on limited hardware. However, if the hardware allows an attacker to trap attempts to read from the same area of memory where the program is loaded, the attack can efficiently and undetectably modify a program while redirecting any self-checking code to read a pristine copy of itself. Fingerprint code or applying different obfuscation algorithms on each copy of a program increases the diversity and makes it harder for an attacker to produce a single procedure capable of attacking every instance of the program. However, an attacker knows that any two copies of the program are in fact the same program obfuscated in two different ways and learns something about the underlying unobfuscated program. Any differences must necessarily be the result of fingerprint and reduces the amount of code the attacker has to look at to know what to attack.

The authors said that the developers should consider carefully which technique to choose because it can affect also the software performance. They suggest to choose a software protection code that is stealthy and the one that generates code that fits in with the surrounding code rather than code that can highlight a vulnerable are for attack. The author also said that all protection techniques eventually fail if an attacker is persistent and highly skilled. According John Cappaert, Code obfuscation represents a whole set of software protection techniques that raise the bar for the attacker in terms of skills or resources. They are inexpensive to deploy compared to hardware-assisted solutions, as no additional hardware needs to be acquired. They are flexible as techniques can be applied to a certain degree that meets security versus performance trade-offs set by the software owner. Furthermore, obfuscation techniques can be easily integrated during software development, as the techniques are software-only.