About the journal

• Home page
• Contact information
• Aims and scope
• Indexing information
• Editorial policies
• ComSIS consortium
• Journal boards
• Managing board

For authors

• Information for contributors
• Paper submission
• Article submission through OJS
• Copyright transfer form
• Download section

For readers

• Forthcoming articles
• Current issue
• Archive

For reviewers

• View and review submissions

News

• Journal's Facebook page
• Calls for special issues
• New issue notification

A New Detection Scheme of Software Copyright Infringement using Software Birthmark on Windows Systems

Yongman Han¹, Jongcheon Choi¹, Seong-je Cho¹, Haeyoung Yoo², Jinwoon Woo², Yunmook Nah³ and Minkyu Park⁴

1. Dept. of Computer Science, Dankook University Yongin
   Korea, 448-701
   {grid_ym, godofslp, sjcho}@dankook.ac.kr
2. Dept. of Software Science, Dankook University Yongin
   Korea, 448-701
   {yoohy, jwwoo}@dankook.ac.kr
3. Dept. of Applied Computer Engineering, Dankook University Yongin
   Korea, 448-701
   ymnah@dankook.ac.kr
4. Dept. of Computer Engineering, Konkuk University
   Chungju, Korea, 380-701
   minkyup@kku.ac.kr

Abstract

As software is getting more valuable, unauthorized users or malicious programmers illegally copies and distributes copyrighted software over online service provider (OSP) and P2P networks. To detect, block, and remove pirated software (illegal programs) on OSP and P2P networks, this paper proposes a new filtering approach using software birthmark, which is unique characteristics of program and can be used to identify each program. Software birthmark typically includes constant values, library information, sequence of function calls, and call graphs, etc. We target Microsoft Windows applications and utilize the numbers and names of DLLs and APIs stored in a Windows executable file. Using that information and each cryptographic hash value of the API sequence of programs, we construct software birthmark database. Whenever a program is uploaded or downloaded on OSP and P2P networks, we can identify the program by comparing software birthmark of the program with birthmarks in the database. It is possible to grasp to some extent whether software is an illegally copied one. The experiments show that the proposed software birthmark can effectively identify Windows applications. That is, our proposed technique can be employed to efficiently detect and block pirated programs on OSP and P2P networks.

Key words

Software birthmark, Import Address Table (IAT), Software piracy, Software identification, Dynamic-Link Library (DLL), Application Programming Interface (API), Windows PE

Digital Object Identifier (DOI)

https://doi.org/10.2298/CSIS130918064H

Publication information

Volume 11, Issue 3 (August 2014)
Special Issue on Mobile Collaboration Technologies and Internet Services
Year of Publication: 2014
ISSN: 2406-1018 (Online)
Publisher: ComSIS Consortium

Full text

Available in PDF
Portable Document Format

How to cite

Han, Y., Choi, J., Cho, S., Yoo, H., Woo, J., Nah, Y., Park, M.: A New Detection Scheme of Software Copyright Infringement using Software Birthmark on Windows Systems. Computer Science and Information Systems, Vol. 11, No. 3, 1055–1069. (2014), https://doi.org/10.2298/CSIS130918064H