SlideShare a Scribd company logo

F017323439

IOSR Journals
IOSR Journals

Volume 17, Issue 3, Ver. II (May – Jun. 2015)

Technology
1 of 6
Download to read offline
IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 17, Issue 3, Ver. II (May – Jun. 2015), PP 34-39 www.iosrjournals.org DOI: 10.9790/0661-17323439 www.iosrjournals.org 34 | Page “Software Theft Detection for JavaScript programs based on dynamic birthmark extracted from runtime heap graph” Mr.Somanath Janardan Salunkhe, Prof. Umesh Laxman Kulkarni PG Student, Dept. of CSE, DYPCET, Shivaji University, Kolhapur, India Department of Computer Engineering, Mumbai University, Mumbai, India Abstract: Software’s, programs are valuable assets to developer companies. However, the source code of programs can be theft and JavaScript programs whose code is easily available which is a serious threat to the industry. There are techniques like watermarking which prove the ownership of the program but it can be defaced and encryption which changes source code but it may decrypted and also it cannot avoid the source code being copied. In this paper, we use a new technique, software birthmark, to help detect code theft of software or program. A birthmark is a unique characteristic of a program which is used to identify the program. We extract the birthmark of software from the run-time heap by using frequent sub graph mining and search the same in suspected program. Keywords: Heap graph, software birthmark, frequent sub graph mining. I. Introduction Software theft is a serious issue in the industry. Software theft detection is very important for software industry. The watermarking is a solution used to prove ownership. Another approach is encryption in which a source code is transformed in such way that it becomes more difficult to understand. A new technique for software theft detection is software birthmark which does not insert any code to the software and it depends on the characteristics of the programs. There are two types of software birthmarks, static birthmarks and dynamic birthmarks. Static birthmarks are extracted from the syntactic structure of a program. Dynamic birthmarks are extracted from the dynamic behavior of a program at run-time. We use dynamic birthmark approach for software theft detection. A birthmark is used to identify software theft, to detect software theft; the dynamic birthmark of the original program is first extracted by using frequent sub graph mining. The same software birthmark will be search in suspected program. If the birthmark is found, the suspected program is a copy of the original program. II. Related work [1] A. Monden, H. Iida, K. I.Matsumoto, K. Inoue, and K. Torii have proposed Watermarking based software theft detection method for java programs. [2] C. Collberg, E. Carter, S. Debray, A. Huntwork, J. Kececioglu, C. Linn, and M. Step have proposed Dynamic path-based software watermarking for software theft detection. [3] X. Wang,Y.-C. Jhi, S. Zhu, and P. Liu have proposed dynamic behavior based software theft detection [4] G.Myles and C. Collberg have detected software theft via whole program path birthmarks. [5] D. Schuler, V. Dallmeier, and C. Lindig have shown robust dynamic birthmark for java program software theft detection. [6] H. Tamada, K. Okamoto, M. Nakamura, A. Monden, and K. I. Matsumoto have designed and evaluated dynamic software birthmarks based on API Calls. [7] P. Chan, L. Hui, and S. Yiu have proposed dynamic JavaScript birthmark based on the run-time heap(JsBirth). [8] P. P. F. Chan, L. C. K. Hui, and S.M. Yiu have used heap memory analysis for dynamic software birthmark formation and comparison for java programs. III. Proposed algorithm Based on above discussion proposed work is to implement and analyze birthmark based software theft detecting system for JavaScript programs. Specifically the proposed work is stated below. 1. Design and implementation of the graph generator and filter-The JavaScript heap profiler will run a JavaScript program and takes multiple heap snapshots in the course of its execution. The graph generator and filter will traverse the objects in the heap snapshots and builds heap graphs out of them. Heap Graph generates for each heap snapshot. Heap snapshot consist arrangement of objects which are created runtime. Heap graph contains various types of objects and edges. Graph filter is used to filter unwanted objects and
“Software Theft Detection for JavaScript programs based on dynamic birthmark extracted ..... DOI: 10.9790/0661-17323439 www.iosrjournals.org 35 | Page edges. Object of type OBJECT and CLOSURE are considered and remaining types of objects are discarded. References of type ELEMENT and PROPERTY are only included other are discarded. 2. Design and implementation of the graph merger –The graph merger will merge the filtered heap graphs together to form one single graph. According to object id all heap graphs are combined together. We merge all the graphs one by one by taking the union set of the nodes and edges of the two graphs being merged. In order to make the resulting superimposition graph also connected, it need to ensure that there is at least one object in common (with the same object ID) in two graphs before superimposing them. 3. Design and implementation of modified Graph Selector- The sub graph selector will select a sub graph from the heap graph to form the birthmark of the original program. The modified Graph Selector will use frequent sub graph mining to get the frequent sub graph that appears in all the heap graphs that are extracted from the program by graph generator and filter. The proposed modified Graph Selector will be tested for its suitableness in using it as the more representative birthmark of the program. 4. Design and implementation of the detector –The detector will search for the birthmark of the original program in the heap graph of the suspected program. 5. Application and analysis of above mentioned scheme for its usefulness, robustness and accuracy in protecting the intellectual property rights of JavaScript developers. IV. Simulation Results Module 1: 1) Graph generator and filter: Algorithm: Input: JavaScript heap profile from JavaScript heap profiler Output: A set of filtered heap graphs captured at different points of time with the annotates nodes in the heap by its object ID. I. Graph generator: For each snapshot taken using the Chromium browser, perform a depth first search traversal of it and print out the heap graph with annotated nodes by its object ID (objects) and edges (reference) and then pass it to a filter. II. Graph filter: Graph Filter working is as follows. For each JavaScript Objects we do following: I. If Object is of type INTERNAL or ARRAY or STRING or CODE discard the object. II. If Object is of type OBJECT or CLOSURE include only ELEMENT and PROPERTY references and III. Filter out every other reference. Module 2: 1) Graph merger: Algorithm: Input: Multiple labelled connected heap graphs G from Graph generator and filter Output: A superimposition of multiple labelled connected heap graphs G into a one single graph M that includes all the nodes and edges appearing in the input heap graphs. The above algorithm superimposes all the graphs one by one by taking the union set of the nodes and edges of the two graphs being merged. In order to make the resulting superimposition graph also connected, it need to ensure that there is at least one object in common (with the same object ID) in two graphs before superimposing them. 2) Sub graph selector: Algorithm: Input: A set of filtered heap graphs captured at different points of time with the annotated nodes in the heap by its object ID (obtained from module 2- graph generator and filter). Output: the frequent sub graphs to be used as the birthmark The modified Graph Selector uses frequent sub graph mining to get the frequent sub graph that appears in all the heap graphs that are extracted from the program by graph generator and filter. For frequent sub graph mining gSpan algorithm is used which is complete frequent sub graph mining algorithm on labeled graphs. gSpan builds a new lexicographic order among graphs, and maps each graph to a unique minimum DFS code as its canonical label. Based on this lexicographic order, gSpan adopts the depth first search strategy to mine frequent connected sub graphs efficiently. This module uses java library ParSeMiS (Parallel and Sequential Graph Mining Suite). The library searches for frequent, interesting substructures in graph databases. It has implementation of gSpan algorithm for frequent sub graph mining.
“Software Theft Detection for JavaScript programs based on dynamic birthmark extracted ..... DOI: 10.9790/0661-17323439 www.iosrjournals.org 36 | Page 3) Sub graph detector: 1. Take birthmarks obtained from plaintiff program. Take single large merged graph obtained from suspected program. 2. For each birthmark a. Check if birthmark is present in single large merged graph. b. If birthmark is found report “yes”. 3. If no birthmark is found report “not found”. Algorithm: Input: sub graphs from the original program and the entire heap graph of the suspected program Output: Determines whether the selected sub graphs of the plaintiff program can be found in the heap graph of the suspected program. I. Takes sub graphs of the objects under the Window objects from the suspected program II. Use sub graph monomorphism to check whether the subgraphs of the plaintiff program can be found in them. III. If a match is found, raise an alert and reports where the match is found. Experimental Result We proposed five modules in this paper, three modules are implemented and result is described in following section. Sub graph detector and analysis are not implemented. The results of first three modules are mentioned We took first heap snapshot of www.google.com and passed it to the Graph Generator. It creates Heap graph by considering all types of object and all types of edges the result of first heap snapshot is as follows Figure 1: Results of Graph Generated by first module from sample firstheapdump We took second heap snapshot of www.google.com and passed it to the Graph Generator. It creates Heap graph by considering all types of object and all types of edges the result of second heap snapshot is as follows
“Software Theft Detection for JavaScript programs based on dynamic birthmark extracted ..... DOI: 10.9790/0661-17323439 www.iosrjournals.org 37 | Page Figure 2:Results of Graph Generated by first module from sample secondheapdump First heap snapshot of www.google.com passed to the Graph Generator which generates heap graph as shown in figure 1.Then resulting graph passed as input to the Graph Filter which only consider Object of type OBJECT and CLOSURE and remaining types of objects are discarded. References of type ELEMENT and PROPERTY are only included other are discarded. The resultant filtered graph is as follows Figure 3: Results of Graph filtered of graph from fig.1 by second module Second heap snapshot of www.google.com passed to the Graph Generator which generates heap graph as shown in figure 2.Then resulting graph passed as input to the Graph Filter which only consider Object of type OBJECT and CLOSURE and remaining types of objects are discarded. References of type ELEMENT and PROPERTY are only included other are discarded. The resultant filtered graph is as follows
“Software Theft Detection for JavaScript programs based on dynamic birthmark extracted ..... DOI: 10.9790/0661-17323439 www.iosrjournals.org 38 | Page Figure 4: Results of Graph filtered of graph from fig.2 by second module. In the heap graph all objects are assigned a unique id. Two snapshots which are shown in figure 3 and figure 4 are passed to the Graph Merger which produces single graph and merging done on the basis of object id. The resultant single graph is s follows Figure 5: Results of merging of two Graphs from fig.3 and fig 4 Frequent sub graph Mining is applied on single graph generated by Graph Merger as shown in figure 5 which searches subgraph with maximum occurrence in the largest graph. The resultant subgraph of graph displayed in figure 5 is as follows
“Software Theft Detection for JavaScript programs based on dynamic birthmark extracted ..... DOI: 10.9790/0661-17323439 www.iosrjournals.org 39 | Page Figure 6: Sub graph selected by sub graph selector module as a software birthmark The resultant sub graph of graph displayed in figure 6 will be search in suspected program. If birthmark will found it will display message as birthmark found otherwise it will display as follows in fig.7 Fig 7: Result display after birthmark searching V. Conclusion We proposed a robust heap graph based software birthmark system for JavaScript programs. We evaluated our birthmark system using 50 large-scale websites and the experiment results are promising with 100% accuracy References [1]. A. Monden, H. Iida, K. I.Matsumoto, K. Inoue, and K. Torii, “Watermarking java programs,” in Proc. Int. Symp. Future Software Technol., Nanjing, China, 1999. [2]. C. Collberg, E. Carter, S. Debray, A. Huntwork, J. Kececioglu, C. Linn, and M. Stepp, “Dynamic path-based software watermarking,” in Proc. ACM SIGPLAN 2004 Conf. Programming Language Design and Implementation (PLDI ’04), New York, 2004, pp. 107–118, ACM. [3]. X. Wang,Y.-C. Jhi, S. Zhu, and P. Liu, “Behavior based software theft detection,” in Proc. 16th ACM Conf. Comput.andCommun. Security (CCS ’09), New York, 2009, pp. 280–290, ACM. [4]. G.Myles and C. Collberg, “Detecting software theft via whole program path birthmarks,” in Proc. Inf. Security 7th Int. Conf. (ISC 2004), Palo Alto, CA, Sep. 27–29, 2004, pp. 404–415. [5]. D. Schuler, V. Dallmeier, and C. Lindig, “A dynamic birthmark for java,” in Proc. 22nd IEEE/ACM Int. Conf. Automated Software Eng. (ASE ’07), New York, 2007, pp. 274–283, ACM. [6]. H. Tamada, K. Okamoto, M. Nakamura, A. Monden, and K. I. Matsumoto, Design and Evaluation of Dynamic Software Birthmarks based on API Calls, Nara Institute of Science and Technology, Tech. Rep., 2007. [7] P. Chan, L. Hui, and S. Yiu, “Jsbirth: Dynamic JavaScript birthmark based on the run-time heap,” in Proc. 2011 IEEE 35th Annu. Comput.Software and Applicat. Conf. (COMPSAC), Jul. 2011, pp. 407–412. [7]. P. P. F. Chan, L. C. K. Hui, and S.M. Yiu, “Dynamic software birthmark for java based on heap memory analysis,” in Proc. 12th IFIP TC 6/TC 11 Int. Conf. Commun. and Multimedia Security (CMS’11), Berlin, Heidelberg, 2011, pp. 94–106, Springer-Verlag. [8]. Yan, X.,Jiawei Han, “gSpan: graph-based substructure pattern mining,” in 2002 IEEE International Conference on Data Mining, 2002. ICDM 2003.

Recommended

"Быстрое обнаружение вредоносного ПО для Android с помощью машинного обучения...
"Быстрое обнаружение вредоносного ПО для Android с помощью машинного обучения..."Быстрое обнаружение вредоносного ПО для Android с помощью машинного обучения...
"Быстрое обнаружение вредоносного ПО для Android с помощью машинного обучения...Yandex
 
IRJET- Android Malware Detection using Deep Learning
IRJET- Android Malware Detection using Deep LearningIRJET- Android Malware Detection using Deep Learning
IRJET- Android Malware Detection using Deep LearningIRJET Journal
 
I011125866
I011125866I011125866
I011125866IOSR Journals
 
H012645760.iosr jmce p2
H012645760.iosr jmce p2H012645760.iosr jmce p2
H012645760.iosr jmce p2IOSR Journals
 
H012445056
H012445056H012445056
H012445056IOSR Journals
 
G012534551
G012534551G012534551
G012534551IOSR Journals
 
H1303065861
H1303065861H1303065861
H1303065861IOSR Journals
 
F012623642
F012623642F012623642
F012623642IOSR Journals
 

Recommended

"Быстрое обнаружение вредоносного ПО для Android с помощью машинного обучения...
"Быстрое обнаружение вредоносного ПО для Android с помощью машинного обучения..."Быстрое обнаружение вредоносного ПО для Android с помощью машинного обучения...
"Быстрое обнаружение вредоносного ПО для Android с помощью машинного обучения...Yandex
 
IRJET- Android Malware Detection using Deep Learning
IRJET- Android Malware Detection using Deep LearningIRJET- Android Malware Detection using Deep Learning
IRJET- Android Malware Detection using Deep LearningIRJET Journal
 
I011125866
I011125866I011125866
I011125866IOSR Journals
 
H012645760.iosr jmce p2
H012645760.iosr jmce p2H012645760.iosr jmce p2
H012645760.iosr jmce p2IOSR Journals
 
H012445056
H012445056H012445056
H012445056IOSR Journals
 
G012534551
G012534551G012534551
G012534551IOSR Journals
 
H1303065861
H1303065861H1303065861
H1303065861IOSR Journals
 
F012623642
F012623642F012623642
F012623642IOSR Journals
 
N1304038490
N1304038490N1304038490
N1304038490IOSR Journals
 
G010513644
G010513644G010513644
G010513644IOSR Journals
 
N13030789100
N13030789100N13030789100
N13030789100IOSR Journals
 
F1803042939
F1803042939F1803042939
F1803042939IOSR Journals
 
F1803042939
F1803042939F1803042939
F1803042939IOSR Journals
 
K017516167
K017516167K017516167
K017516167IOSR Journals
 
C1803011419
C1803011419C1803011419
C1803011419IOSR Journals
 
C017351116
C017351116C017351116
C017351116IOSR Journals
 
J013166067
J013166067J013166067
J013166067IOSR Journals
 
O01061103111
O01061103111O01061103111
O01061103111IOSR Journals
 
C011111523
C011111523C011111523
C011111523IOSR Journals
 
Bandwidth enhancement of rectangular microstrip patch antenna using slots
Bandwidth enhancement of rectangular microstrip patch antenna using slotsBandwidth enhancement of rectangular microstrip patch antenna using slots
Bandwidth enhancement of rectangular microstrip patch antenna using slotsIOSR Journals
 
B1103031217
B1103031217B1103031217
B1103031217IOSR Journals
 
D010612126
D010612126D010612126
D010612126IOSR Journals
 
P18030492101
P18030492101P18030492101
P18030492101IOSR Journals
 
D010212533
D010212533D010212533
D010212533IOSR Journals
 
A017120105
A017120105A017120105
A017120105IOSR Journals
 
D017412935
D017412935D017412935
D017412935IOSR Journals
 
C013141723
C013141723C013141723
C013141723IOSR Journals
 
D017111619
D017111619D017111619
D017111619IOSR Journals
 
Software Birthmark for Theft Detection of JavaScript Programs: A Survey
Software Birthmark for Theft Detection of JavaScript Programs: A Survey Software Birthmark for Theft Detection of JavaScript Programs: A Survey
Software Birthmark for Theft Detection of JavaScript Programs: A Survey Swati Patel
 
Software Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript ProgramsSoftware Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript ProgramsSwati Patel
 

More Related Content

Viewers also liked

Bandwidth enhancement of rectangular microstrip patch antenna using slots
Bandwidth enhancement of rectangular microstrip patch antenna using slotsBandwidth enhancement of rectangular microstrip patch antenna using slots
Bandwidth enhancement of rectangular microstrip patch antenna using slotsIOSR Journals
 

Viewers also liked (20)

N1304038490
N1304038490N1304038490
N1304038490
 
G010513644
G010513644G010513644
G010513644
 
N13030789100
N13030789100N13030789100
N13030789100
 
F1803042939
F1803042939F1803042939
F1803042939
 
F1803042939
F1803042939F1803042939
F1803042939
 
K017516167
K017516167K017516167
K017516167
 
C1803011419
C1803011419C1803011419
C1803011419
 
C017351116
C017351116C017351116
C017351116
 
J013166067
J013166067J013166067
J013166067
 
O01061103111
O01061103111O01061103111
O01061103111
 
C011111523
C011111523C011111523
C011111523
 
Bandwidth enhancement of rectangular microstrip patch antenna using slots
Bandwidth enhancement of rectangular microstrip patch antenna using slotsBandwidth enhancement of rectangular microstrip patch antenna using slots
Bandwidth enhancement of rectangular microstrip patch antenna using slots
 
B1103031217
B1103031217B1103031217
B1103031217
 
D010612126
D010612126D010612126
D010612126
 
P18030492101
P18030492101P18030492101
P18030492101
 
D010212533
D010212533D010212533
D010212533
 
A017120105
A017120105A017120105
A017120105
 
D017412935
D017412935D017412935
D017412935
 
C013141723
C013141723C013141723
C013141723
 
D017111619
D017111619D017111619
D017111619
 

Similar to F017323439

Software Birthmark for Theft Detection of JavaScript Programs: A Survey
Software Birthmark for Theft Detection of JavaScript Programs: A Survey Software Birthmark for Theft Detection of JavaScript Programs: A Survey
Software Birthmark for Theft Detection of JavaScript Programs: A Survey Swati Patel
 
Software Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript ProgramsSoftware Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript ProgramsSwati Patel
 
IRJET - Research on Data Mining of Permission-Induced Risk for Android Devices
IRJET - Research on Data Mining of Permission-Induced Risk for Android DevicesIRJET - Research on Data Mining of Permission-Induced Risk for Android Devices
IRJET - Research on Data Mining of Permission-Induced Risk for Android DevicesIRJET Journal
 
MALWARE DETECTION USING MACHINE LEARNING ALGORITHMS AND REVERSE ENGINEERING O...
MALWARE DETECTION USING MACHINE LEARNING ALGORITHMS AND REVERSE ENGINEERING O...MALWARE DETECTION USING MACHINE LEARNING ALGORITHMS AND REVERSE ENGINEERING O...
MALWARE DETECTION USING MACHINE LEARNING ALGORITHMS AND REVERSE ENGINEERING O...IJNSA Journal
 
A FRAMEWORK FOR THE DETECTION OF BANKING TROJANS IN ANDROID
A FRAMEWORK FOR THE DETECTION OF BANKING TROJANS IN ANDROIDA FRAMEWORK FOR THE DETECTION OF BANKING TROJANS IN ANDROID
A FRAMEWORK FOR THE DETECTION OF BANKING TROJANS IN ANDROIDIJNSA Journal
 
A hybrid model to detect malicious executables
A hybrid model to detect malicious executablesA hybrid model to detect malicious executables
A hybrid model to detect malicious executablesUltraUploader
 
IRJET- Android Malware Detection using Machine Learning
IRJET- Android Malware Detection using Machine LearningIRJET- Android Malware Detection using Machine Learning
IRJET- Android Malware Detection using Machine LearningIRJET Journal
 
ANDROINSPECTOR: A SYSTEM FOR COMPREHENSIVE ANALYSIS OF ANDROID APPLICATIONS
ANDROINSPECTOR: A SYSTEM FOR COMPREHENSIVE ANALYSIS OF ANDROID APPLICATIONSANDROINSPECTOR: A SYSTEM FOR COMPREHENSIVE ANALYSIS OF ANDROID APPLICATIONS
ANDROINSPECTOR: A SYSTEM FOR COMPREHENSIVE ANALYSIS OF ANDROID APPLICATIONSIJNSA Journal
 
Androinspector a system for
Androinspector a system forAndroinspector a system for
Androinspector a system forIJNSA Journal
 
Survey on Fraud Malware Detection in Google Play Store
Survey on Fraud Malware Detection in Google Play Store Survey on Fraud Malware Detection in Google Play Store
Survey on Fraud Malware Detection in Google Play Store IRJET Journal
 
MACHINE LEARNING APPROACH TO LEARN AND DETECT MALWARE IN ANDROID
MACHINE LEARNING APPROACH TO LEARN AND DETECT MALWARE IN ANDROIDMACHINE LEARNING APPROACH TO LEARN AND DETECT MALWARE IN ANDROID
MACHINE LEARNING APPROACH TO LEARN AND DETECT MALWARE IN ANDROIDIRJET Journal
 
Cryptographic misuse in android applications
Cryptographic misuse in android applicationsCryptographic misuse in android applications
Cryptographic misuse in android applicationsAashish R
 
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORM
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORMDMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORM
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORMcsandit
 
Permission based Android Malware Detection using Random Forest
Permission based Android Malware Detection using Random ForestPermission based Android Malware Detection using Random Forest
Permission based Android Malware Detection using Random ForestIRJET Journal
 
Android malware detection_using_autoenco (1)
Android malware detection_using_autoenco (1)Android malware detection_using_autoenco (1)
Android malware detection_using_autoenco (1)Zahid Qaisar
 
Automatic reverse engineering of malware emulators
Automatic reverse engineering of malware emulatorsAutomatic reverse engineering of malware emulators
Automatic reverse engineering of malware emulatorsUltraUploader
 
Cryptographic misuse
Cryptographic misuseCryptographic misuse
Cryptographic misuseAashish R
 
Privacy Preserving Mining in Code Profiling Data
Privacy Preserving Mining in Code Profiling DataPrivacy Preserving Mining in Code Profiling Data
Privacy Preserving Mining in Code Profiling DataDr. Amarjeet Singh
 
Obfuscation and Mutation in Malware
Obfuscation and Mutation in Malware Obfuscation and Mutation in Malware
Obfuscation and Mutation in Malware KADARI SHIVRAJ
 

Similar to F017323439 (20)

Software Birthmark for Theft Detection of JavaScript Programs: A Survey
Software Birthmark for Theft Detection of JavaScript Programs: A Survey Software Birthmark for Theft Detection of JavaScript Programs: A Survey
Software Birthmark for Theft Detection of JavaScript Programs: A Survey
 
Software Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript ProgramsSoftware Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
 
IRJET - Research on Data Mining of Permission-Induced Risk for Android Devices
IRJET - Research on Data Mining of Permission-Induced Risk for Android DevicesIRJET - Research on Data Mining of Permission-Induced Risk for Android Devices
IRJET - Research on Data Mining of Permission-Induced Risk for Android Devices
 
MALWARE DETECTION USING MACHINE LEARNING ALGORITHMS AND REVERSE ENGINEERING O...
MALWARE DETECTION USING MACHINE LEARNING ALGORITHMS AND REVERSE ENGINEERING O...MALWARE DETECTION USING MACHINE LEARNING ALGORITHMS AND REVERSE ENGINEERING O...
MALWARE DETECTION USING MACHINE LEARNING ALGORITHMS AND REVERSE ENGINEERING O...
 
A FRAMEWORK FOR THE DETECTION OF BANKING TROJANS IN ANDROID
A FRAMEWORK FOR THE DETECTION OF BANKING TROJANS IN ANDROIDA FRAMEWORK FOR THE DETECTION OF BANKING TROJANS IN ANDROID
A FRAMEWORK FOR THE DETECTION OF BANKING TROJANS IN ANDROID
 
H017445260
H017445260H017445260
H017445260
 
A hybrid model to detect malicious executables
A hybrid model to detect malicious executablesA hybrid model to detect malicious executables
A hybrid model to detect malicious executables
 
IRJET- Android Malware Detection using Machine Learning
IRJET- Android Malware Detection using Machine LearningIRJET- Android Malware Detection using Machine Learning
IRJET- Android Malware Detection using Machine Learning
 
ANDROINSPECTOR: A SYSTEM FOR COMPREHENSIVE ANALYSIS OF ANDROID APPLICATIONS
ANDROINSPECTOR: A SYSTEM FOR COMPREHENSIVE ANALYSIS OF ANDROID APPLICATIONSANDROINSPECTOR: A SYSTEM FOR COMPREHENSIVE ANALYSIS OF ANDROID APPLICATIONS
ANDROINSPECTOR: A SYSTEM FOR COMPREHENSIVE ANALYSIS OF ANDROID APPLICATIONS
 
Androinspector a system for
Androinspector a system forAndroinspector a system for
Androinspector a system for
 
Survey on Fraud Malware Detection in Google Play Store
Survey on Fraud Malware Detection in Google Play Store Survey on Fraud Malware Detection in Google Play Store
Survey on Fraud Malware Detection in Google Play Store
 
MACHINE LEARNING APPROACH TO LEARN AND DETECT MALWARE IN ANDROID
MACHINE LEARNING APPROACH TO LEARN AND DETECT MALWARE IN ANDROIDMACHINE LEARNING APPROACH TO LEARN AND DETECT MALWARE IN ANDROID
MACHINE LEARNING APPROACH TO LEARN AND DETECT MALWARE IN ANDROID
 
Cryptographic misuse in android applications
Cryptographic misuse in android applicationsCryptographic misuse in android applications
Cryptographic misuse in android applications
 
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORM
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORMDMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORM
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORM
 
Permission based Android Malware Detection using Random Forest
Permission based Android Malware Detection using Random ForestPermission based Android Malware Detection using Random Forest
Permission based Android Malware Detection using Random Forest
 
Android malware detection_using_autoenco (1)
Android malware detection_using_autoenco (1)Android malware detection_using_autoenco (1)
Android malware detection_using_autoenco (1)
 
Automatic reverse engineering of malware emulators
Automatic reverse engineering of malware emulatorsAutomatic reverse engineering of malware emulators
Automatic reverse engineering of malware emulators
 
Cryptographic misuse
Cryptographic misuseCryptographic misuse
Cryptographic misuse
 
Privacy Preserving Mining in Code Profiling Data
Privacy Preserving Mining in Code Profiling DataPrivacy Preserving Mining in Code Profiling Data
Privacy Preserving Mining in Code Profiling Data
 
Obfuscation and Mutation in Malware
Obfuscation and Mutation in Malware Obfuscation and Mutation in Malware
Obfuscation and Mutation in Malware
 

More from IOSR Journals

More from IOSR Journals (20)

A011140104
A011140104A011140104
A011140104
 
M0111397100
M0111397100M0111397100
M0111397100
 
L011138596
L011138596L011138596
L011138596
 
K011138084
K011138084K011138084
K011138084
 
J011137479
J011137479J011137479
J011137479
 
I011136673
I011136673I011136673
I011136673
 
G011134454
G011134454G011134454
G011134454
 
H011135565
H011135565H011135565
H011135565
 
F011134043
F011134043F011134043
F011134043
 
E011133639
E011133639E011133639
E011133639
 
D011132635
D011132635D011132635
D011132635
 
C011131925
C011131925C011131925
C011131925
 
B011130918
B011130918B011130918
B011130918
 
A011130108
A011130108A011130108
A011130108
 
I011125160
I011125160I011125160
I011125160
 
H011124050
H011124050H011124050
H011124050
 
G011123539
G011123539G011123539
G011123539
 
F011123134
F011123134F011123134
F011123134
 
E011122530
E011122530E011122530
E011122530
 
D011121524
D011121524D011121524
D011121524
 

Recently uploaded

A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 

Recently uploaded (20)

A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 

F017323439

  • 1. IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 17, Issue 3, Ver. II (May – Jun. 2015), PP 34-39 www.iosrjournals.org DOI: 10.9790/0661-17323439 www.iosrjournals.org 34 | Page “Software Theft Detection for JavaScript programs based on dynamic birthmark extracted from runtime heap graph” Mr.Somanath Janardan Salunkhe, Prof. Umesh Laxman Kulkarni PG Student, Dept. of CSE, DYPCET, Shivaji University, Kolhapur, India Department of Computer Engineering, Mumbai University, Mumbai, India Abstract: Software’s, programs are valuable assets to developer companies. However, the source code of programs can be theft and JavaScript programs whose code is easily available which is a serious threat to the industry. There are techniques like watermarking which prove the ownership of the program but it can be defaced and encryption which changes source code but it may decrypted and also it cannot avoid the source code being copied. In this paper, we use a new technique, software birthmark, to help detect code theft of software or program. A birthmark is a unique characteristic of a program which is used to identify the program. We extract the birthmark of software from the run-time heap by using frequent sub graph mining and search the same in suspected program. Keywords: Heap graph, software birthmark, frequent sub graph mining. I. Introduction Software theft is a serious issue in the industry. Software theft detection is very important for software industry. The watermarking is a solution used to prove ownership. Another approach is encryption in which a source code is transformed in such way that it becomes more difficult to understand. A new technique for software theft detection is software birthmark which does not insert any code to the software and it depends on the characteristics of the programs. There are two types of software birthmarks, static birthmarks and dynamic birthmarks. Static birthmarks are extracted from the syntactic structure of a program. Dynamic birthmarks are extracted from the dynamic behavior of a program at run-time. We use dynamic birthmark approach for software theft detection. A birthmark is used to identify software theft, to detect software theft; the dynamic birthmark of the original program is first extracted by using frequent sub graph mining. The same software birthmark will be search in suspected program. If the birthmark is found, the suspected program is a copy of the original program. II. Related work [1] A. Monden, H. Iida, K. I.Matsumoto, K. Inoue, and K. Torii have proposed Watermarking based software theft detection method for java programs. [2] C. Collberg, E. Carter, S. Debray, A. Huntwork, J. Kececioglu, C. Linn, and M. Step have proposed Dynamic path-based software watermarking for software theft detection. [3] X. Wang,Y.-C. Jhi, S. Zhu, and P. Liu have proposed dynamic behavior based software theft detection [4] G.Myles and C. Collberg have detected software theft via whole program path birthmarks. [5] D. Schuler, V. Dallmeier, and C. Lindig have shown robust dynamic birthmark for java program software theft detection. [6] H. Tamada, K. Okamoto, M. Nakamura, A. Monden, and K. I. Matsumoto have designed and evaluated dynamic software birthmarks based on API Calls. [7] P. Chan, L. Hui, and S. Yiu have proposed dynamic JavaScript birthmark based on the run-time heap(JsBirth). [8] P. P. F. Chan, L. C. K. Hui, and S.M. Yiu have used heap memory analysis for dynamic software birthmark formation and comparison for java programs. III. Proposed algorithm Based on above discussion proposed work is to implement and analyze birthmark based software theft detecting system for JavaScript programs. Specifically the proposed work is stated below. 1. Design and implementation of the graph generator and filter-The JavaScript heap profiler will run a JavaScript program and takes multiple heap snapshots in the course of its execution. The graph generator and filter will traverse the objects in the heap snapshots and builds heap graphs out of them. Heap Graph generates for each heap snapshot. Heap snapshot consist arrangement of objects which are created runtime. Heap graph contains various types of objects and edges. Graph filter is used to filter unwanted objects and
  • 2. “Software Theft Detection for JavaScript programs based on dynamic birthmark extracted ..... DOI: 10.9790/0661-17323439 www.iosrjournals.org 35 | Page edges. Object of type OBJECT and CLOSURE are considered and remaining types of objects are discarded. References of type ELEMENT and PROPERTY are only included other are discarded. 2. Design and implementation of the graph merger –The graph merger will merge the filtered heap graphs together to form one single graph. According to object id all heap graphs are combined together. We merge all the graphs one by one by taking the union set of the nodes and edges of the two graphs being merged. In order to make the resulting superimposition graph also connected, it need to ensure that there is at least one object in common (with the same object ID) in two graphs before superimposing them. 3. Design and implementation of modified Graph Selector- The sub graph selector will select a sub graph from the heap graph to form the birthmark of the original program. The modified Graph Selector will use frequent sub graph mining to get the frequent sub graph that appears in all the heap graphs that are extracted from the program by graph generator and filter. The proposed modified Graph Selector will be tested for its suitableness in using it as the more representative birthmark of the program. 4. Design and implementation of the detector –The detector will search for the birthmark of the original program in the heap graph of the suspected program. 5. Application and analysis of above mentioned scheme for its usefulness, robustness and accuracy in protecting the intellectual property rights of JavaScript developers. IV. Simulation Results Module 1: 1) Graph generator and filter: Algorithm: Input: JavaScript heap profile from JavaScript heap profiler Output: A set of filtered heap graphs captured at different points of time with the annotates nodes in the heap by its object ID. I. Graph generator: For each snapshot taken using the Chromium browser, perform a depth first search traversal of it and print out the heap graph with annotated nodes by its object ID (objects) and edges (reference) and then pass it to a filter. II. Graph filter: Graph Filter working is as follows. For each JavaScript Objects we do following: I. If Object is of type INTERNAL or ARRAY or STRING or CODE discard the object. II. If Object is of type OBJECT or CLOSURE include only ELEMENT and PROPERTY references and III. Filter out every other reference. Module 2: 1) Graph merger: Algorithm: Input: Multiple labelled connected heap graphs G from Graph generator and filter Output: A superimposition of multiple labelled connected heap graphs G into a one single graph M that includes all the nodes and edges appearing in the input heap graphs. The above algorithm superimposes all the graphs one by one by taking the union set of the nodes and edges of the two graphs being merged. In order to make the resulting superimposition graph also connected, it need to ensure that there is at least one object in common (with the same object ID) in two graphs before superimposing them. 2) Sub graph selector: Algorithm: Input: A set of filtered heap graphs captured at different points of time with the annotated nodes in the heap by its object ID (obtained from module 2- graph generator and filter). Output: the frequent sub graphs to be used as the birthmark The modified Graph Selector uses frequent sub graph mining to get the frequent sub graph that appears in all the heap graphs that are extracted from the program by graph generator and filter. For frequent sub graph mining gSpan algorithm is used which is complete frequent sub graph mining algorithm on labeled graphs. gSpan builds a new lexicographic order among graphs, and maps each graph to a unique minimum DFS code as its canonical label. Based on this lexicographic order, gSpan adopts the depth first search strategy to mine frequent connected sub graphs efficiently. This module uses java library ParSeMiS (Parallel and Sequential Graph Mining Suite). The library searches for frequent, interesting substructures in graph databases. It has implementation of gSpan algorithm for frequent sub graph mining.
  • 3. “Software Theft Detection for JavaScript programs based on dynamic birthmark extracted ..... DOI: 10.9790/0661-17323439 www.iosrjournals.org 36 | Page 3) Sub graph detector: 1. Take birthmarks obtained from plaintiff program. Take single large merged graph obtained from suspected program. 2. For each birthmark a. Check if birthmark is present in single large merged graph. b. If birthmark is found report “yes”. 3. If no birthmark is found report “not found”. Algorithm: Input: sub graphs from the original program and the entire heap graph of the suspected program Output: Determines whether the selected sub graphs of the plaintiff program can be found in the heap graph of the suspected program. I. Takes sub graphs of the objects under the Window objects from the suspected program II. Use sub graph monomorphism to check whether the subgraphs of the plaintiff program can be found in them. III. If a match is found, raise an alert and reports where the match is found. Experimental Result We proposed five modules in this paper, three modules are implemented and result is described in following section. Sub graph detector and analysis are not implemented. The results of first three modules are mentioned We took first heap snapshot of www.google.com and passed it to the Graph Generator. It creates Heap graph by considering all types of object and all types of edges the result of first heap snapshot is as follows Figure 1: Results of Graph Generated by first module from sample firstheapdump We took second heap snapshot of www.google.com and passed it to the Graph Generator. It creates Heap graph by considering all types of object and all types of edges the result of second heap snapshot is as follows
  • 4. “Software Theft Detection for JavaScript programs based on dynamic birthmark extracted ..... DOI: 10.9790/0661-17323439 www.iosrjournals.org 37 | Page Figure 2:Results of Graph Generated by first module from sample secondheapdump First heap snapshot of www.google.com passed to the Graph Generator which generates heap graph as shown in figure 1.Then resulting graph passed as input to the Graph Filter which only consider Object of type OBJECT and CLOSURE and remaining types of objects are discarded. References of type ELEMENT and PROPERTY are only included other are discarded. The resultant filtered graph is as follows Figure 3: Results of Graph filtered of graph from fig.1 by second module Second heap snapshot of www.google.com passed to the Graph Generator which generates heap graph as shown in figure 2.Then resulting graph passed as input to the Graph Filter which only consider Object of type OBJECT and CLOSURE and remaining types of objects are discarded. References of type ELEMENT and PROPERTY are only included other are discarded. The resultant filtered graph is as follows
  • 5. “Software Theft Detection for JavaScript programs based on dynamic birthmark extracted ..... DOI: 10.9790/0661-17323439 www.iosrjournals.org 38 | Page Figure 4: Results of Graph filtered of graph from fig.2 by second module. In the heap graph all objects are assigned a unique id. Two snapshots which are shown in figure 3 and figure 4 are passed to the Graph Merger which produces single graph and merging done on the basis of object id. The resultant single graph is s follows Figure 5: Results of merging of two Graphs from fig.3 and fig 4 Frequent sub graph Mining is applied on single graph generated by Graph Merger as shown in figure 5 which searches subgraph with maximum occurrence in the largest graph. The resultant subgraph of graph displayed in figure 5 is as follows
  • 6. “Software Theft Detection for JavaScript programs based on dynamic birthmark extracted ..... DOI: 10.9790/0661-17323439 www.iosrjournals.org 39 | Page Figure 6: Sub graph selected by sub graph selector module as a software birthmark The resultant sub graph of graph displayed in figure 6 will be search in suspected program. If birthmark will found it will display message as birthmark found otherwise it will display as follows in fig.7 Fig 7: Result display after birthmark searching V. Conclusion We proposed a robust heap graph based software birthmark system for JavaScript programs. We evaluated our birthmark system using 50 large-scale websites and the experiment results are promising with 100% accuracy References [1]. A. Monden, H. Iida, K. I.Matsumoto, K. Inoue, and K. Torii, “Watermarking java programs,” in Proc. Int. Symp. Future Software Technol., Nanjing, China, 1999. [2]. C. Collberg, E. Carter, S. Debray, A. Huntwork, J. Kececioglu, C. Linn, and M. Stepp, “Dynamic path-based software watermarking,” in Proc. ACM SIGPLAN 2004 Conf. Programming Language Design and Implementation (PLDI ’04), New York, 2004, pp. 107–118, ACM. [3]. X. Wang,Y.-C. Jhi, S. Zhu, and P. Liu, “Behavior based software theft detection,” in Proc. 16th ACM Conf. Comput.andCommun. Security (CCS ’09), New York, 2009, pp. 280–290, ACM. [4]. G.Myles and C. Collberg, “Detecting software theft via whole program path birthmarks,” in Proc. Inf. Security 7th Int. Conf. (ISC 2004), Palo Alto, CA, Sep. 27–29, 2004, pp. 404–415. [5]. D. Schuler, V. Dallmeier, and C. Lindig, “A dynamic birthmark for java,” in Proc. 22nd IEEE/ACM Int. Conf. Automated Software Eng. (ASE ’07), New York, 2007, pp. 274–283, ACM. [6]. H. Tamada, K. Okamoto, M. Nakamura, A. Monden, and K. I. Matsumoto, Design and Evaluation of Dynamic Software Birthmarks based on API Calls, Nara Institute of Science and Technology, Tech. Rep., 2007. [7] P. Chan, L. Hui, and S. Yiu, “Jsbirth: Dynamic JavaScript birthmark based on the run-time heap,” in Proc. 2011 IEEE 35th Annu. Comput.Software and Applicat. Conf. (COMPSAC), Jul. 2011, pp. 407–412. [7]. P. P. F. Chan, L. C. K. Hui, and S.M. Yiu, “Dynamic software birthmark for java based on heap memory analysis,” in Proc. 12th IFIP TC 6/TC 11 Int. Conf. Commun. and Multimedia Security (CMS’11), Berlin, Heidelberg, 2011, pp. 94–106, Springer-Verlag. [8]. Yan, X.,Jiawei Han, “gSpan: graph-based substructure pattern mining,” in 2002 IEEE International Conference on Data Mining, 2002. ICDM 2003.