Specifying API Trace Birthmark by Abstract Interpretation
API trace birthmark is a major class of software birthmarks, where API sequences are defined as software birthmarks to detect software theft. Currently, many birthmarks of this class have been proposed, but the evaluation of these birthmarks is mainly done through experiments and there is no theoretical framework, which makes it difficult to formally analyze and certify the effectiveness of the birthmarks. To solve this problem, an abstract interpretation-based method for specifying API trace birthmark is proposed in this paper. First, API trace birthmark is characterized as a semantic program property by abstract interpretation. Then, the credibility of API trace birthmark with respect to a specific criterion for copy relation is formally analyzed. Finally, the resilience of API trace birthmark is discussed and it is proved that API trace birthmark is resilient to a commonly used program transformation.
KeywordsSoftware birthmarks Abstract interpretation API trace Program semantics Credibility Resilience
Unable to display preview. Download preview PDF.
- 1.Collberg, C., Nagra, J.: Surreptitious software: obfuscation, watermarking and tamperproofing for software protection, 1st edn. Addision Wesley, Boston (2009)Google Scholar
- 2.Tamada, H., Nakamura, M., Monden, A., Matsumoto, K.: Detecting the theft of programs using birthmarks. Graduate School of Information Science, Nara Institute of Science and Technology. Technical Report NAIST-IS-TR2003014 (2003)Google Scholar
- 4.Park, H., Choi, S., Lim, H., Han, T.: Detecting Java theft based on static API trace birthmark. In: International Workshop on Security, pp. 121–135 (2008)Google Scholar
- 6.Tamada, H., Nakamura, M., Monden, A., Matsumoto, K.: Design and evaluation of birthmarks for detecting theft of Java program. In: IASTED International Conference Software Engineering, pp. 569–575 (2004)Google Scholar
- 7.Schuler, D., Dallmeier, V., Lindig, C.: A dynamic birthmark for Java. In: 22nd IEEE/ACM International Conference on Automated Software Engineering, pp. 274–283 (2007)Google Scholar
- 8.Cousot, P., Cousot, R.: Abstract interpretation: A unified Lattice model for static analysis of programs by construction or approximation of fixpoints. In: 4th ACM SIGPLAN-SIGACT Symposium Principles of Programming Languages, pp. 238–252 (1977)Google Scholar
- 9.Cousot, P., Cousot, R.: Systematic design of program transformation frameworks by abstract interpretation. In: 29th ACM SIGPLANSIGACT Symposium Principles of Programming Languages, pp. 178–190 (2002)Google Scholar