Detecting piracy in standalone and network licensing systems

Abstract

Software has been traditionally sold as executable files which require an additional license to run. Licenses come in many forms but all of them aim at the single goal of preventing unauthorized use, which is also known as software piracy. Piracy can lead to big losses for software companies so it’s important to study what can be done about it. Instead of trying to tackle the whole enterprise, I will focus on the first step of preventing piracy, that is, detecting it. This topic will be covered in the context of two traditional software licensing schemes: standalone licensing and network licensing. There are also modern cloud based licensing schemes like Software as a Service (SaaS) that don’t need a license in the same sense, but it seems like the traditional models aren’t going anywhere soon.

Standalone licensing means that a unique license is required for each installation of the application. Think of product keys on good old installation CDs. In network licensing the application requires a license only when it’s actually running. This is achieved with the help of a dedicated license server which distributes licenses to client applications within the local network. I map out all notable attack vectors against both licensing systems, and suggest methods for detecting these attacks. Network verification is discovered to be an indispensable method for detecting piracy. Transport layer security (TLS) protocol will turn out to be the best line of defense against network based attacks. Even the often forgotten feature of client certificate authentication will turn out to be useful. Detection of local attacks, such as tampering and virtual machine duplication, is also covered. Overall this work is intended as a theoretical basis for implementing piracy detection systems in standalone and network licensing environments.