Software theft detection through analysis of the semantic units of program

Abstract

Software is an intellectual property of the developers. Nevertheless, software piracy is one of the major obstacles to the growth of software industries. In order to cope with this problem, several researches are ongoing, such as software watermark, code obfuscation, code encryption, source code plagiarism detection, and software birthmark. A software birthmark refers to program`s inherent characteristics that can be used to identify a program. Similarities measured by comparing birthmarks of programs can provide a guideline for detecting software thefts. In this thesis, we present approaches to detecting software thefts through software birthmarks based on semantic units of programs. A semantic unit refers to a cohesive fragment in a program code that shows meaningful behavior of the program. So, a semantic unit may correspond to a basic behavior for performing some arranged tasks in a program. Detecting software theft is accomplished by comparing such semantic units between programs. We propose two approaches to analyzing semantic units of programs. First, the control flow-based approach is presented. The control flow information shows the structural characteristics and the possible behaviors while a program is executed. Flow paths and their behaviors in Java programs are formally described, and a set of behaviors of flow paths is used as a software birthmark. Second, the stack simulation-based approach is presented for Java programs. Because operand stack manipulations are fundamental operations among instructions in Java programs, they can show coherent relations among instructions. Stack behaviors are analyzed by statically simulating operand stack variations of Java programs. A set of stack behaviors of a Java program is used as a birthmark of the program. Similarity between two birthmarks is calculated by comparing and matching the similar elements of the birthmarks. Experiments are performed on the proposed methods with respect to credibilit...