Dynamic Software Birthmark for Java Based on Heap Memory Analysis

Code theft has been a serious threat to the survival of the software industry. A dynamic software birthmark can help detect code theft by comparing the intrinsic characteristics of two programs extracted during their execution.We propose a dynamic birthmark system for Java based on the object reference graph. To the best of our knowledge, it is the first dynamic software birthmark making use of the heap memory. We evaluated our birthmark using 25 large-scale programs with most of them of tens of megabytes in size. Our results show that it is effective in detecting partial code theft. No false positive or false negative were found. More importantly, the birthmark remained intact even after the testing programs were obfuscated by the state-of-the-art Allatori obfuscator. These promising results reflect that our birthmark is ready for practical use.

[1]  Akito Monden,et al.  Dynamic Software Birthmarks to Detect the Theft of Windows Applications , 2004 .

[2]  Nasir D. Memon,et al.  Obfuscation of design intent in object-oriented applications , 2003, DRM '03.

[3]  Christian S. Collberg,et al.  Detecting Software Theft via Whole Program Path Birthmarks , 2004, ISC.

[4]  Katsuro Inoue,et al.  A practical method for watermarking Java programs , 2000, Proceedings 24th Annual International Computer Software and Applications Conference. COMPSAC2000.

[5]  David Schuler,et al.  A dynamic birthmark for java , 2007, ASE.

[6]  Christian S. Collberg,et al.  K-gram based software birthmarks , 2005, SAC '05.

[7]  Akito Monden,et al.  Detecting the traft of programs using birthmarks , 2003 .

[8]  Michael Stepp,et al.  Dynamic path-based software watermarking , 2004, PLDI '04.

[9]  P. Foggia,et al.  Performance evaluation of the VF graph matching algorithm , 1999, Proceedings 10th International Conference on Image Analysis and Processing.

[10]  Akito Monden,et al.  Design and evaluation of birthmarks for detecting theft of java programs , 2004, IASTED Conf. on Software Engineering.

[11]  Christian S. Collberg,et al.  A Taxonomy of Obfuscating Transformations , 1997 .

[12]  David Eppstein,et al.  The Polyhedral Approach to the Maximum Planar Subgraph Problem: New Chances for Related Problems , 1994, GD.

[13]  Sencun Zhu,et al.  Behavior based software theft detection , 2009, CCS.

[14]  Mario Vento,et al.  Subgraph Transformations for the Inexact Matching of Attributed Relational Graphs , 1997, GbRPR.

[15]  Akito Monden,et al.  Design and evaluation of dynamic software birthmarks based on API calls , 2007 .

[16]  Qwhuqhw Duh Qrz Vxiihulqj Iurp Surjudp Wkhiw,et al.  Watermarking Java Programs , 1999 .

[17]  Christian S. Collberg,et al.  Software watermarking: models and dynamic embeddings , 1999, POPL '99.