software birthmark for detecting theft of javascript programs

SoftwareBirthmark forDetectingTheft ofJavaScriptPrograms

Patel SwatiJitendrakumar

Outline

Introduction

LiteratureSurvey

Methodology

Conclusionsand Futurework

Software Birthmark for Detecting Theft ofJavaScript Programs

Patel Swati Jitendrakumar

Guided byProf. T. M. Pattewar

ME CE2012-2013

Seminar-II Presentation

October 24, 2013 SES’s R. C. Patel Institute of Technology, Shirpur, MS, India 1



Outline

Introduction

LiteratureSurvey

Methodology


Outline of Topics

1 Introduction

2 Literature Survey

3 Methodology

4 Conclusions and Future work




Outline

Introduction

LiteratureSurvey

Methodology


Introduction

Software TheftIt is an unauthorized copy and use of computer software.57 % Computer Users admit that they use piratedsoftware.

JavaScript programs and their theftIt is an interpreted computer programming language.

Techniques of avoiding Software Theft• Software Watermarking :

An extra code known as watermark is included as a partof a program to prove the ownership of the program.

• Code Obfuscation :code obfuscation is the application of transformations tothe code, which changes the physical appearance of thecode, while preserving the black-box specifications of theprogram.

Content of this slide cited from [?] [?] [?] [?] [?] [?]




Outline

Introduction

LiteratureSurvey

Methodology


Introduction contd...

Software BirthmarkA birthmark is a unique characteristic a program possessesthat can be used to identify the program.

To detect software theft,1 The birthmark of the program under protection (the

plaintiff program) extracted.2 The suspected program is searched against the birthmark.3 If the birthmark of plaintiff program is found in the code of

suspected one, then it can be claimed as the suspectedprogram or part of it is a copy of the plaintiff program.

Content of this slide cited from [?]




Outline

Introduction

LiteratureSurvey

Methodology



Taxonomy of Software BirthmarkStatic Birthmark - extracted from the syntactic structureof a program.

Let p, q be two components of a program or program itself.Let f be method for extracting the set of characteristicsfrom a program. Then f(p) is a static birthmark of p if:1. f(p) is obtainable from p itself.

2. q is copy of p ⇒ f(p) = f(q).

Content of this slide cited from [?] [?]




Outline

Introduction

LiteratureSurvey

Methodology



Taxonomy of Software Birthmark contd...Dynamic Birthmark - extracted from the dynamicbehavior of a program at run-time.

Let p,q be two components of a program or program itself.Let I be the input to p and q. Let f(p,I) the set ofcharacteristics extracted from a program p with input I.Then f(p,I) is a dynamic birthmark of p if:1. f(p,I) is obtainable from p itself when executing p with

input I.

2. q is copy of p ⇒ f(p,I) = f(q,I).

Content of this slide cited from [?] [?]




Outline

Introduction

LiteratureSurvey

Methodology



Heap Graph based Birthmark





Outline

Introduction

LiteratureSurvey

Methodology



The Threat Model





Outline

Introduction

LiteratureSurvey

Methodology


Related Work

Year Author Work2004 Myles et al. Whole program path birthmarks [?]2007 Tamada et al. API calls based Birthmarks [?]2007 Schuler et al. Birthmark for java [?]2011 Chan et al. Birthmark on the runtime heap [?]2011 Chan et al. Birthmark on heap memory analysis [?]




Outline

Introduction

LiteratureSurvey

Methodology


System Overview

Figure: System Overview





Outline

Introduction

LiteratureSurvey

Methodology


System Overview contd...

The JavaScript heap profiler:runs a JavaScript program and takes multipleheap snapshots in the course of its execution.

Figure: Heap profile of GMail initialization phase




Outline

Introduction

LiteratureSurvey

Methodology



The graph generator and filter:traverses the objects in the heap snapshots and builds heapgraphs out of them. It also filters out objects.

• Objects in the V8 JavaScript heap are:INTERNAL, ARRAY, STRING, OBJECT, CODE,CLOSURE

• References between objects in the V8 JavaScript heapare:CONTEXT VARIABLE, ELEMENT, PROPERTY,INTERNAL




Outline

Introduction

LiteratureSurvey

Methodology



The graph merger:merges the filtered heap graphs to form one single graph.




Outline

Introduction

LiteratureSurvey

Methodology



The subgraph selector:selects a subgraph from the heap graph to form thebirthmark of the plaintiff program. This step is not neededfor the suspected program.




Outline

Introduction

LiteratureSurvey

Methodology



The detector:searches for the birthmark of the plaintiff program in theheap graph of the suspected program.




Outline

Introduction

LiteratureSurvey

Methodology


Conclusions and Future work

Software Birthmark system finds similarities between twosimilarly functioning applications and distinguish distinctapplications.This system is reliable and scalable also it can resist toreference injection attack.Future work can be aimed for two major factors1. Improved Graph Selector2. Fast Detector




Outline

Introduction

LiteratureSurvey

Methodology


“Ninth annual BSA global software 2011 piracy study,” 5 2012, [accessed on April 14,2013]. [Online].

Available: http://globalstudy.bsa.org/2011/

“Software theft,” [accessed on April 14,2013]. [Online]. Available:

http://www.javvin.com/softwareglossary/SoftwareTheft.html

“Software piracy,” [accessed on April 14,2013]. [Online]. Available:

http://www.fastiis.org/our services/enforcement/software theft/

C. Collberg and C. Thomborson, “Software watermarking:models and dynamic embeddings,”

Department of Computer Science, University of Auckland, Private Bag 92091, Auckland, NewZealand, Tech. Rep., 2003.

H. I. A. Monden and K. Torii, “Watermarking java programs,” in International Symposium of Future

Software Technology, Nanjing, China, 1999.

C. T. C. Collberg and D. Low, “A taxonomy of obfuscating transformations,” University of Auckland,

Auckland, New Zealand, Tech. Rep. 148, 2003.

E. C. C. Collberg and M. Stepp, “Dynamic path-based software watermarking,” in Programming

Language Design and Implementation (PLDI 04), ACM, Ed., New York, 2004, pp. 107–118.

H. Tamada and A. Monden, “Design and evaluation of birthmarks for detecting theft of java

programs,” in IASTED International Conference of Software Engineering, 2004, pp. 569–575.

G. Myles and C. Collberg, “K-gram based software birthmarks,” in Symposium on Application

Computing (SAC 05), ACM, Ed., 2005, pp. 314–318.


http://globalstudy.bsa.org/2011/

http://www.javvin.com/softwareglossary/SoftwareTheft.html

http://www.fastiis.org/our_services/enforcement/software_theft/



Outline

Introduction

LiteratureSurvey

Methodology


S. P.Chan, L.Hui, “Heap graph based software theft detection,” IEEE Transaction On Information

Forensics and Security, vol. 8, pp. 101–110, January 2013.

G.Myles and C. Collberg, “Detecting software theft via whole program path birthmarks,” in Inf.

Security 7th Int. Conf. (ISC 2004), Palo Alto,CA, September 2004, pp. 404–414.

K. H.Tamada and K.Matsumoto, “Design and evaluation of dynamic software birthmarks based on

API calls,” Graduate School of Information Science, Nara Institute of Science and Technology,8916-5 Takayama-cho, Ikoma-shi, Nara, 6300101 Japan, Technical Report, 2007.

V. D. D. Schuler and C. Lindig, “A dynamic birthmark for java,” in IEEE/ACM International

Conference of Automated Software Engineering (ASE 07), no. 22, New York, 2007, pp. 274–283.

L. P.Chan and S.Yiu, “Jsbirth: Dynamic javascript birthmark based on the run-time heap,” in 2011

IEEE 35th Annual Computer Software and Application Conference (COMPSAC), July 2011, pp.407–412.

L. H. P. Chan and S. Yiu, “Dynamic software birthmark for java based on heap memory analysis,” in

IFIP TC 6/TC 11 Int. Conf. Commun. and Multimedia Security (CMS11), Springer-Verlag, Ed.,no. 12, Berlin, Heidelberg, 2011, pp. 94–106.




Outline

Introduction

LiteratureSurvey

Methodology


Thank You
