YAP3: improved detection of similarities in computer program and other texts
SIGCSE '96 Proceedings of the twenty-seventh SIGCSE technical symposium on Computer science education
Manufacturing cheap, resilient, and stealthy opaque constructs
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Winnowing: local algorithms for document fingerprinting
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
K-gram based software birthmarks
Proceedings of the 2005 ACM symposium on Applied computing
Java Birthmarks —Detecting the Software Theft—
IEICE - Transactions on Information and Systems
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
A static birthmark of binary executables based on API call structure
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Zero-day malware detection based on supervised learning algorithms of API call signatures
AusDM '11 Proceedings of the Ninth Australasian Data Mining Conference - Volume 121
Detecting malicious behaviour using supervised learning algorithms of the function calls
International Journal of Electronic Security and Digital Forensics
Software plagiarism detection: a graph-based approach
Proceedings of the 22nd ACM international conference on Conference on information & knowledge management
Hi-index | 0.00 |
Software birthmark is the inherent program characteristics that can identify a program. In this paper, we propose a static API trace birthmark to detect Java theft. Because the API traces can reflect the behavior of a program, our birthmark is more resilient than the existing static birthmarks. Because the API traces are extracted by static analysis, they can be applied to library programs which earlier dynamic birthmarks cannot handle properly. We evaluate the proposed birthmark in terms of credibility and resilience. Experimental results show that our birthmark can detect common library modules of two packages while other birthmarks fail to detect.