File Download
  Links for fulltext
     (May Require Subscription)
Supplementary

Conference Paper: JSBiRTH: Dynamic javascript birthmark based on the run-time heap

TitleJSBiRTH: Dynamic javascript birthmark based on the run-time heap
Authors
KeywordsBirthmark
Code theft detection
JavaScript
Software protection
Issue Date2011
PublisherIEEE. The Journal's web site is located at http://www.ieeexplore.ieee.org/xpl/conhome.jsp?punumber=1000143
Citation
The 35th IEEE Annual Computer Software and Applications Conference (COMPSAC 2011), Munich, Germany, 18-22 July 2011. In Proceedings of 35th COMPSAC, 2011, p. 407-412 How to Cite?
AbstractJavaScript is currently the dominating client-side scripting language in the web community. However, the source code of JavaScript can be easily copied through a browser. The intellectual property right of the developers lacks protection. In this paper, we consider using dynamic software birthmark for JavaScript. Instead of using control flow trace (which can be corrupted by code obfuscation) and API (which may not work if the software does not have many API calls), we exploit the run-time heap, which reflects substantially the dynamic behavior of a program, to extract birthmarks. We introduce JSBiRTH, a novel software birthmark system for JavaScript based on the comparison of run-time heaps. We evaluated our system using 20 JavaScript programs with most of them being large-scale. Our system gave no false positive or false negative. Moreover, it is robust against code obfuscation attack. We also show that our system is effective in detecting partial code theft. © 2011 IEEE.
Persistent Identifierhttp://hdl.handle.net/10722/139990
ISSN
References

 

DC FieldValueLanguage
dc.contributor.authorChan, PPFen_HK
dc.contributor.authorHui, LCKen_HK
dc.contributor.authorYiu, SMen_HK
dc.date.accessioned2011-09-23T06:04:28Z-
dc.date.available2011-09-23T06:04:28Z-
dc.date.issued2011en_HK
dc.identifier.citationThe 35th IEEE Annual Computer Software and Applications Conference (COMPSAC 2011), Munich, Germany, 18-22 July 2011. In Proceedings of 35th COMPSAC, 2011, p. 407-412en_HK
dc.identifier.issn0730-3157en_HK
dc.identifier.urihttp://hdl.handle.net/10722/139990-
dc.description.abstractJavaScript is currently the dominating client-side scripting language in the web community. However, the source code of JavaScript can be easily copied through a browser. The intellectual property right of the developers lacks protection. In this paper, we consider using dynamic software birthmark for JavaScript. Instead of using control flow trace (which can be corrupted by code obfuscation) and API (which may not work if the software does not have many API calls), we exploit the run-time heap, which reflects substantially the dynamic behavior of a program, to extract birthmarks. We introduce JSBiRTH, a novel software birthmark system for JavaScript based on the comparison of run-time heaps. We evaluated our system using 20 JavaScript programs with most of them being large-scale. Our system gave no false positive or false negative. Moreover, it is robust against code obfuscation attack. We also show that our system is effective in detecting partial code theft. © 2011 IEEE.en_HK
dc.languageengen_US
dc.publisherIEEE. The Journal's web site is located at http://www.ieeexplore.ieee.org/xpl/conhome.jsp?punumber=1000143-
dc.relation.ispartofProceedings of IEEE Annual International Computer Software and Applications Conference, COMPSAC 2011en_HK
dc.rightsProceedings of IEEE Annual International Computer Software and Applications Conference. Copyright © IEEE.-
dc.rightsCreative Commons: Attribution 3.0 Hong Kong License-
dc.rights©2011 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.-
dc.subjectBirthmarken_HK
dc.subjectCode theft detectionen_HK
dc.subjectJavaScripten_HK
dc.subjectSoftware protectionen_HK
dc.titleJSBiRTH: Dynamic javascript birthmark based on the run-time heapen_HK
dc.typeConference_Paperen_HK
dc.identifier.emailHui, LCK:hui@cs.hku.hken_HK
dc.identifier.emailYiu, SM:smyiu@cs.hku.hken_HK
dc.identifier.authorityHui, LCK=rp00120en_HK
dc.identifier.authorityYiu, SM=rp00207en_HK
dc.description.naturepublished_or_final_version-
dc.identifier.doi10.1109/COMPSAC.2011.60en_HK
dc.identifier.scopuseid_2-s2.0-80055008083en_HK
dc.identifier.hkuros192252en_US
dc.relation.referenceshttp://www.scopus.com/mlt/select.url?eid=2-s2.0-80055008083&selection=ref&src=s&origin=recordpageen_HK
dc.identifier.spage407en_HK
dc.identifier.epage412en_HK
dc.publisher.placeUnited Statesen_HK
dc.description.otherThe 35th IEEE Annual Computer Software and Applications Conference (COMPSAC 2011), Munich, Germany, 18-22 July 2011. In Proceedings of 35th COMPSAC, 2011, p. 407-412-
dc.identifier.scopusauthoridChan, PPF=52563246100en_HK
dc.identifier.scopusauthoridHui, LCK=8905728300en_HK
dc.identifier.scopusauthoridYiu, SM=7003282240en_HK

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats