A New Detection Scheme of Software Copyright Infringement using Software Birthmark on Windows Systems

Yongman Han1, Jongcheon Choi1, Seong-je Cho1, Haeyoung Yoo2, Jinwoon Woo2, Yunmook Nah3 and Minkyu Park4

  1. Dept. of Computer Science, Dankook University Yongin
    Korea, 448-701
    {grid_ym, godofslp, sjcho}@dankook.ac.kr
  2. Dept. of Software Science, Dankook University Yongin
    Korea, 448-701
    {yoohy, jwwoo}@dankook.ac.kr
  3. Dept. of Applied Computer Engineering, Dankook University Yongin
    Korea, 448-701
    ymnah@dankook.ac.kr
  4. Dept. of Computer Engineering, Konkuk University
    Chungju, Korea, 380-701
    minkyup@kku.ac.kr

Abstract

As software is getting more valuable, unauthorized users or malicious programmers illegally copies and distributes copyrighted software over online service provider (OSP) and P2P networks. To detect, block, and remove pirated software (illegal programs) on OSP and P2P networks, this paper proposes a new filtering approach using software birthmark, which is unique characteristics of program and can be used to identify each program. Software birthmark typically includes constant values, library information, sequence of function calls, and call graphs, etc. We target Microsoft Windows applications and utilize the numbers and names of DLLs and APIs stored in a Windows executable file. Using that information and each cryptographic hash value of the API sequence of programs, we construct software birthmark database. Whenever a program is uploaded or downloaded on OSP and P2P networks, we can identify the program by comparing software birthmark of the program with birthmarks in the database. It is possible to grasp to some extent whether software is an illegally copied one. The experiments show that the proposed software birthmark can effectively identify Windows applications. That is, our proposed technique can be employed to efficiently detect and block pirated programs on OSP and P2P networks.

Key words

Software birthmark, Import Address Table (IAT), Software piracy, Software identification, Dynamic-Link Library (DLL), Application Programming Interface (API), Windows PE

Digital Object Identifier (DOI)

https://doi.org/10.2298/CSIS130918064H

Publication information

Volume 11, Issue 3 (August 2014)
Special Issue on Mobile Collaboration Technologies and Internet Services
Year of Publication: 2014
ISSN: 1820-0214 (Print) 2406-1018 (Online)
Publisher: ComSIS Consortium

Full text

DownloadAvailable in PDF
Portable Document Format

How to cite

Han, Y., Choi, J., Cho, S., Yoo, H., Woo, J., Nah, Y., Park, M.: A New Detection Scheme of Software Copyright Infringement using Software Birthmark on Windows Systems. Computer Science and Information Systems, Vol. 11, No. 3, 1055–1069. (2014)