Open Access Open Access  Restricted Access Subscription Access

Open Source Software Detection Using Function Parameter Based Software Birthmark

Dongjin Kim,
Seong-je Cho,
Minkyu Park,
Sangchul Han,

Abstract


As more software companies widely use Open-Source Software (OSS), the risk of open-source license violation has grown increasingly high. Moreover, because the companies often receive software module from upstream suppliers in binary form, it is very hard to obtain the source code. Software distributed in binary form frequently includes third-party libraries without following their licenses. Therefore, it is necessary to develop a technique for detecting OSS or unlicensed third-party code in their software products at the binary level not source level. In this paper, we propose an efficient function parameter based software birthmark at the binary level and develop a scheme to detect OSS using the birthmark. The proposed birthmark is based on the attributes of function parameters such as the number, types, and order. These attributes represent an intrinsic property of a function and are resilient to compiler optimization too. The new birthmark makes use of type mapping of function parameters of each function. Our scheme first extracts the birthmarks from target binary files, and determines whether a binary file contains another binary (e.g., OSS component) by computing the similarity between the extracted birthmarks. We also present an OSS detection framework that can integrate various birthmarking schemes with similarity computation algorithms. Our framework selects an appropriate algorithm to measure software similarity depending on the binary file type of target executables. The framework provides semi-global alignment, local alignment, and sliding-window k-gram algorithms for efficient detection of an OSS component contained in a target executable. The efficiency and effectiveness of the proposed framework are demonstrated through extensive experimentation.

Keywords


Open-source software; Software birthmark; Function parameter; Sequence alignment; K-gram

Citation Format:
Dongjin Kim, Seong-je Cho, Minkyu Park, Sangchul Han, "Open Source Software Detection Using Function Parameter Based Software Birthmark," Journal of Internet Technology, vol. 18, no. 4 , pp. 801-811, Jul. 2017.

Full Text:

PDF

Refbacks

  • There are currently no refbacks.





Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Library and Information Center, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd. Shoufeng, Hualien 97401, Taiwan, R.O.C.
Tel: +886-3-931-7017  E-mail: jit.editorial@gmail.com