Program Characterization Using Runtime Values and Its Application to Software Plagiarism Detection
作者: Yoon-Chan Jhi , Xiaoqi Jia , Xinran Wang , Sencun Zhu , Peng Liu
关键词:
摘要: Illegal code reuse has become a serious threat to the software community. Identifying similar or identical fragments becomes much more challenging in theft cases where plagiarizers can use various automated transformation obfuscation techniques hide stolen from being detected. Previous works this field are largely limited that (i) most of them cannot handle advanced techniques, and (ii) methods based on source analysis not practical since suspicious programs typically be obtained until strong evidences have been collected. Based observation some critical runtime values program hard replaced eliminated by semantics-preserving we introduce novel approach dynamic characterization executable programs. Leveraging such invariant values, our technique is resilient control data techniques. We show how extracted refined expose apply property help solve problems plagiarism detection. implemented prototype with taint analyzer atop generic processor emulator. Our value-based detection method (VaPD) uses longest common subsequence similarity measuring algorithms check whether two belong same lineage. evaluate proposed through set real-world obfuscators. experimental results successfully discriminates 34 plagiarisms obfuscated SandMark, heavily KlassMaster, Thicket, executables Loco/Diablo.
elsevier.com
sci-hub.se 参考文章(54)
Akito Monden, Haruaki Tamada, Masahide Nakamura, Ken-ichi Matsumoto, Keiji Okamoto, Design and evaluation of dynamic software birthmarks based on API calls Nara Institute of Science and Technology. ,(2007)
K. M. A. Alzarooni, Malware variant detection Doctoral thesis, UCL (University College London).. ,(2012)
Heqing Huang, Sencun Zhu, Peng Liu, Dinghao Wu, A Framework for Evaluating Mobile App Repackaging Detection Algorithms Trust and Trustworthy Computing. pp. 169- 186 ,(2013) , 10.1007/978-3-642-38908-5_13
Elliot Berk, JLex: A lexical analyzer generator for Java ,(2004)
Akito Monden, Haruaki Tamada, Masahide Nakamura, Ken-ichi Matsumoto, Keiji Okamoto, Dynamic Software Birthmarks to Detect the Theft of Windows Applications International Symposium on Future Software Technology 2004 (ISFST 2004). ,(2004)
Jonathan Crussell, Clint Gibler, Hao Chen, Attack of the Clones: Detecting Cloned Applications on Android Markets Computer Security – ESORICS 2012. pp. 37- 54 ,(2012) , 10.1007/978-3-642-33167-1_3
Rahul Potharaju, Andrew Newell, Cristina Nita-Rotaru, Xiangyu Zhang, Plagiarizing smartphone applications: attack strategies and defense techniques international conference on engineering secure software and systems. pp. 106- 120 ,(2012) , 10.1007/978-3-642-28166-2_11
Young-Chul Kim, Jaeyoung Choi, A program plagiarism evaluation system international conference on computational science and its applications. pp. 10- 19 ,(2005) , 10.1007/11424925_2
Haruaki Tamada, Masahide Nakamura, Akito Monden, Ken-ichi Matsumoto, Design and evaluation of birthmarks for detecting theft of Java programs international conference on software engineering. pp. 569- 574 ,(2004)
I.D. Baxter, C. Pidgeon, M. Mehlich, DMS/spl reg/: program transformations for practical scalable software evolution international conference on software engineering. pp. 625- 634 ,(2004) , 10.1109/ICSE.2004.1317484