A Dynamic Birthmark for Java
- ASE 2007
by
David Schuler, Valentin Dallmeier, Christian Lindig
ASE '07: Proceedings of the 22nd International Conference on Automated Software Engineering, Pages 274-283, November 2007.
ISBN: 9781595938824
Digital Library via DOI: 10.1145/1321631.1321672 - Local copy: Download as PDF file.
Abstract
Code theft is a threat for companies that consider code as a core asset. A birthmark can help them to prove code theft by identifying intrinsic properties of a program. Two programs with the same birthmark are likely to share a common origin. Birthmarking works in particular for code that was not protected by tamper-resistant copyright notices that otherwise could prove ownership. We propose a dynamic birthmark for Java that observes how a program uses objects provided by the Java Standard API. Such a birthmark is difficult to foil because it captures the observable semantics of a program. In an evaluation, our API Birthmark reliably identified XML parsers and PNG readers before and after obfuscating them with state-of-the-art obfuscation tools. These rendered existing birthmarks ineffective, such as the Whole-Program-Path-Birthmark by Myles and Collberg.
BibTeX Entry
@inproceedings{schuler-ase-2007, title = "A Dynamic Birthmark for Java", author = "David Schuler and Valentin Dallmeier and Christian Lindig", year = "2007", month = nov, booktitle = "ASE '07: Proceedings of the 22nd International Conference on Automated Software Engineering", location = "Atlanta, Georgia, USA", pages = "274--283", ISBN = "9781595938824", doi = "10.1145/1321631.1321672", }