Affiliation:
1. Graduate School of Kyoto Sangyo University, Kyoto, Japan
2. Kyoto Sangyo University, Kyoto, Japan
3. Okayama University, Okayama, Japan
Abstract
To detect the software theft, software birthmarks have been proposed. Software birthmark systems extract software birthmarks, which are native characteristics of software, from binary programs, and compare them by computing the similarity between birthmarks. This paper proposes a new procedure for scaling up the birthmark systems. While conventional birthmark systems are composed of the birthmark extraction phase and the birthmark comparison phase, the proposed method adds two new phases between extraction and comparison, namely, compression phase, which employs fuzzy hashing, and pre-comparison phase, which aims to increase distinction property of birthmarks. The proposed method enables us to reduce the required time in the comparison phase, so that it can be applied to detect software theft among many larger scale software products. From an experimental evaluation, the authors found that the proposed method significantly reduces the comparison time, and keeps the distinction performance, which is one of the important properties of the birthmark. Also, the preservation performance is acceptable when the threshold value is properly set.
Reference13 articles.
1. Heap Graph Based Software Theft Detection
2. A static API birthmark for Windows binary executables
3. Value-based program characterization and its application to software plagiarism detection
4. Identifying almost identical files using context triggered piecewise hashing. Journal Digital Investigation;J.Kornblum;The International Journal of Digital Forensics & Incident Response,2006
5. Binary codes capable of correcting deletions, insertions, and reversals.;V. I.Levenshtein;Soviet Physics, Doklady,1966