Watermarking, tamper-proffing, and obfuscation: tools for software protection
IEEE Transactions on Software Engineering
K-gram based software birthmarks
Proceedings of the 2005 ACM symposium on Applied computing
A Software Birthmark Based on Dynamic Opcode n-gram
ICSC '07 Proceedings of the International Conference on Semantic Computing
A static API birthmark for Windows binary executables
Journal of Systems and Software
Detecting Software Theft via System Call Based Birthmarks
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
A static birthmark of binary executables based on API call structure
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Detecting repackaged smartphone applications in third-party android marketplaces
Proceedings of the second ACM conference on Data and Application Security and Privacy
| Hi-index | 0.00 |
By measuring similarity of programs, we can determine whether someone illegally copies a program from another program or not. If the similarity is significantly high, it means that a program is a copy of the other. This paper proposes three techniques to measure similarity of the Dalvik executable codes (DEXs) in the Android application Packages (APKs). Firstly, we decompile the DEXs of candidate applications into Java sources and compute the similarity between the decompiled sources. Secondly, candidate DEXs are disassembled and the similarities between disassembled codes are measured. Finally, we extract k-gram based software birthmark form the dissembled codes and calculate the similarity of sample DEXs by comparing the extracted birthmarks. We perform several experiments to identify effects of the three techniques. With the analysis of the experimental results, the advantages and disadvantages of each technique are discussed.