idw – Informationsdienst Wissenschaft

Nachrichten, Termine, Experten

Grafik: idw-Logo
Medienpartner:
WJ2014


Teilen: 
23.08.2007 11:17

A new method to detect software theft

Saar - Uni - Presseteam Presse- und Informationszentrum
Universität des Saarlandes

    Developing software is expensive. This tempts some programmers to illegally include third-party software in their own programs. Researchers at Saarland University have developed a new method for detecting this kind of software theft. It analyzes the behavior of one program and looks for similarities in other programs.

    Today, most software consists of independent components, which makes it easy to include parts of a software into another program. Yet, for a code owner such theft is difficult to prove in court. David Schuler, researcher at Saarland University, developed a tool called API BIRTHMARK that measures the degree of similarity between programs. A company that suspects code theft may use API BIRTHMARK to run both its own program and a foreign program. When this yields a high degree of similarity, code theft is likely and further investigations are warranted.

    The novelty of Schuler's method is that it compares the behavior of programs rather than their code. A program's code can easily be obfuscated without destroying it. Such obfuscation tools are freely available on the internet. On the other hand, a program's behavior is difficult to change without breaking the program, just like a birthmark. David Schuler and his co-authors Valentin Dallmeier and Christian Lindig have shown that birthmarks from Java programs are immune against the best obfuscation tools available. A paper on the birthmarking technique has been accepted at the Automated Software Engineering (ASE 2007) conference which will be held in Atlanta, USA. This year, only 37 submissions out of 312 got accepted to ASE 2007.

    David Schuler, Valentin Dallmeier, and Dr. Christian Lindig work as researchers at the Software Engineering Chair of Prof. Andreas Zeller at Saarland University, Germany. The group develops statistical approaches for program analysis and defect localization. Another topic is mining the evolution history of programs to predict and avoid software defects. Prof. Zeller was first to systematically analyze the bug databases of Microsoft to predict error-prone components - which are now tested even more thoroughly.

    For additional informations, please call:

    Prof. Dr. Andreas Zeller
    Tel. +49 681 302-64011

    Friederike Meyer zu Tittingdorf
    Tel. +49 681 302-58099


    Weitere Informationen:

    http://www.st.cs.uni-sb.de/birthmarking/ - Birthmarking at Software Engineering Chair at Saarland University
    http://www.cse.msu.edu/ase2007/ - Conference Automated Software Engineering 2007
    http://www.st.cs.uni-sb.de/~lindig/papers/schuler-ase-2007.pdf - Preparing of A Dynamic Birthmark for Java


    Merkmale dieser Pressemitteilung:
    Informationstechnik
    überregional
    Forschungsergebnisse
    Englisch


    Hilfe

    Die Suche / Erweiterte Suche im idw-Archiv
    Verknüpfungen

    Sie können Suchbegriffe mit und, oder und / oder nicht verknüpfen, z. B. Philo nicht logie.

    Klammern

    Verknüpfungen können Sie mit Klammern voneinander trennen, z. B. (Philo nicht logie) oder (Psycho und logie).

    Wortgruppen

    Zusammenhängende Worte werden als Wortgruppe gesucht, wenn Sie sie in Anführungsstriche setzen, z. B. „Bundesrepublik Deutschland“.

    Auswahlkriterien

    Die Erweiterte Suche können Sie auch nutzen, ohne Suchbegriffe einzugeben. Sie orientiert sich dann an den Kriterien, die Sie ausgewählt haben (z. B. nach dem Land oder dem Sachgebiet).

    Haben Sie in einer Kategorie kein Kriterium ausgewählt, wird die gesamte Kategorie durchsucht (z.B. alle Sachgebiete oder alle Länder).