Detecting Java Theft Based on Static API Trace Birthmark

Authors:
Heewan Park;Seokwoo Choi;Hyun-Il Lim;Taisook Han
Affiliations:
Division of Computer Science, KAIST, Daejeon, Republic of Korea 305-701;Division of Computer Science, KAIST, Daejeon, Republic of Korea 305-701;Division of Computer Science, KAIST, Daejeon, Republic of Korea 305-701;Division of Computer Science, KAIST, Daejeon, Republic of Korea 305-701
Venue:
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Year:
2008

Citing 7
Cited 3

YAP3: improved detection of similarities in computer program and other texts

SIGCSE '96 Proceedings of the twenty-seventh SIGCSE technical symposium on Computer science education
Manufacturing cheap, resilient, and stealthy opaque constructs

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Winnowing: local algorithms for document fingerprinting

Proceedings of the 2003 ACM SIGMOD international conference on Management of data
K-gram based software birthmarks

Proceedings of the 2005 ACM symposium on Applied computing
Java Birthmarks —Detecting the Software Theft—

IEICE - Transactions on Information and Systems
A dynamic birthmark for java

Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
A static birthmark of binary executables based on API call structure

ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security

Zero-day malware detection based on supervised learning algorithms of API call signatures

AusDM '11 Proceedings of the Ninth Australasian Data Mining Conference - Volume 121
Detecting malicious behaviour using supervised learning algorithms of the function calls

International Journal of Electronic Security and Digital Forensics
Software plagiarism detection: a graph-based approach

Proceedings of the 22nd ACM international conference on Conference on information & knowledge management

Quantified Score

Hi-index	0.00

Visualization

Abstract

Software birthmark is the inherent program characteristics that can identify a program. In this paper, we propose a static API trace birthmark to detect Java theft. Because the API traces can reflect the behavior of a program, our birthmark is more resilient than the existing static birthmarks. Because the API traces are extracted by static analysis, they can be applied to library programs which earlier dynamic birthmarks cannot handle properly. We evaluate the proposed birthmark in terms of credibility and resilience. Experimental results show that our birthmark can detect common library modules of two packages while other birthmarks fail to detect.