idw – Informationsdienst Wissenschaft

Nachrichten, Termine, Experten

Grafik: idw-Logo
Science Video Project
idw-Abo

idw-News App:

AppStore

Google Play Store



Instance:
Share on: 
08/23/2007 11:17

A new method to detect software theft

Saar - Uni - Presseteam Presse- und Informationszentrum
Universität des Saarlandes

    Developing software is expensive. This tempts some programmers to illegally include third-party software in their own programs. Researchers at Saarland University have developed a new method for detecting this kind of software theft. It analyzes the behavior of one program and looks for similarities in other programs.

    Today, most software consists of independent components, which makes it easy to include parts of a software into another program. Yet, for a code owner such theft is difficult to prove in court. David Schuler, researcher at Saarland University, developed a tool called API BIRTHMARK that measures the degree of similarity between programs. A company that suspects code theft may use API BIRTHMARK to run both its own program and a foreign program. When this yields a high degree of similarity, code theft is likely and further investigations are warranted.

    The novelty of Schuler's method is that it compares the behavior of programs rather than their code. A program's code can easily be obfuscated without destroying it. Such obfuscation tools are freely available on the internet. On the other hand, a program's behavior is difficult to change without breaking the program, just like a birthmark. David Schuler and his co-authors Valentin Dallmeier and Christian Lindig have shown that birthmarks from Java programs are immune against the best obfuscation tools available. A paper on the birthmarking technique has been accepted at the Automated Software Engineering (ASE 2007) conference which will be held in Atlanta, USA. This year, only 37 submissions out of 312 got accepted to ASE 2007.

    David Schuler, Valentin Dallmeier, and Dr. Christian Lindig work as researchers at the Software Engineering Chair of Prof. Andreas Zeller at Saarland University, Germany. The group develops statistical approaches for program analysis and defect localization. Another topic is mining the evolution history of programs to predict and avoid software defects. Prof. Zeller was first to systematically analyze the bug databases of Microsoft to predict error-prone components - which are now tested even more thoroughly.

    For additional informations, please call:

    Prof. Dr. Andreas Zeller
    Tel. +49 681 302-64011

    Friederike Meyer zu Tittingdorf
    Tel. +49 681 302-58099


    More information:

    http://www.st.cs.uni-sb.de/birthmarking/ - Birthmarking at Software Engineering Chair at Saarland University
    http://www.cse.msu.edu/ase2007/ - Conference Automated Software Engineering 2007
    http://www.st.cs.uni-sb.de/~lindig/papers/schuler-ase-2007.pdf - Preparing of A Dynamic Birthmark for Java


    Images

    Criteria of this press release:
    Information technology
    transregional, national
    Research results
    English


     

    Help

    Search / advanced search of the idw archives
    Combination of search terms

    You can combine search terms with and, or and/or not, e.g. Philo not logy.

    Brackets

    You can use brackets to separate combinations from each other, e.g. (Philo not logy) or (Psycho and logy).

    Phrases

    Coherent groups of words will be located as complete phrases if you put them into quotation marks, e.g. “Federal Republic of Germany”.

    Selection criteria

    You can also use the advanced search without entering search terms. It will then follow the criteria you have selected (e.g. country or subject area).

    If you have not selected any criteria in a given category, the entire category will be searched (e.g. all subject areas or all countries).