Title :
JSBiRTH: Dynamic JavaScript Birthmark Based on the Run-Time Heap
Author :
Chan, Patrick P F ; Hui, Lucas C K ; Yiu, S.M.
Author_Institution :
Dept. of Comput. Sci., Univ. of Hong Kong, Pokfulam, China
Abstract :
JavaScript is currently the dominating client-side scripting language in the web community. However, the source code of JavaScript can be easily copied through a browser. The intellectual property right of the developers lacks protection. In this paper, we consider using dynamic software birthmark for JavaScript. Instead of using control flow trace (which can be corrupted by code obfuscation) and API (which may not work if the software does not have many API calls), we exploit the run-time heap, which reflects substantially the dynamic behavior of a program, to extract birthmarks. We introduce JSBiRTH, a novel software birthmark system for JavaScript based on the comparison of run-time heaps. We evaluated our system using 20 JavaScript programs with most of them being large-scale. Our system gave no false positive or false negative. Moreover, it is robust against code obfuscation attack. We also show that our system is effective in detecting partial code theft.
Keywords :
Java; application program interfaces; authoring languages; client-server systems; industrial property; online front-ends; API; JSBiRTH; JavaScript program dynamic behavior; Web community; client-side scripting language; code obfuscation attack; control flow trace; dynamic JavaScript birthmark; dynamic software birthmark system; intellectual property right; partial code theft detection; run-time heap; Browsers; Chromium; Engines; Libraries; Robustness; Software; Watermarking; JavaScript; birthmark; code theft detection; software protection;
Conference_Titel :
Computer Software and Applications Conference (COMPSAC), 2011 IEEE 35th Annual
Conference_Location :
Munich
Print_ISBN :
978-1-4577-0544-1
Electronic_ISBN :
0730-3157
DOI :
10.1109/COMPSAC.2011.60
