Definitions
+ A birthmark is unique and native characteristics of a program. For
+pair of programs <p> and <q>, if <q> has the same birthmark as <p>'s,
+<q> is suspected as a <<copy>> of <p>. Ideally, the birthmarks should
+satisfy the following properties:
+
+ [[(a)]] <<preservation>>: the birthmarks should be preserved even
+if the original class file is tampered with, and
+
+ [[(b)]] <<distinction>>: independent class files must be
+distinguished by completely different birthmarks.
+
*Birthmark
Let <p>, <q> be programs and <f(p)> be a set of characteristics
extracted from <p> by a certain method <f>. Then <f(p)> is called a
<birthmark> of <p> iff both of the following conditions are satisfied.
-*Conditions of Birthmark
+ [[1]]<f(p)> is obtained from <p> itself without any extra information.
+
+ [[2]]If <q> is copied from <p>, then <f(p)=f(q)>
First condition means that the birthmark is not extra information and
is required for <p> to run. Hence, extracting a birthmark does not
<p> is different from <q> holds. That is, we can guarantee that <q> is
not a copy of <p>.
- [[1]]<f(p)> is obtained from <p> itself without any extra information.
+ Hopefully, a birthmark will satisfy the following properties.
- [[2]]If <q> is copied from <p>, then <f(p)=f(q)>
+ [[Property 1: Preservation]] For <p'> obtained from <p> by any
+program transformation, <f(p) = f(p')> holds.
-*Properties of Birthmark
+ [[Property 2: Distinction]] For <p> and <q> such that same
+specification, if <p> and <q> are written independently, then
+<f(p)!=f(q)>.
- Hopefully, a birthmark will satisfy the following properties. These
-properties strengthen Condition 2 of birthmark definition. First
-property specifies <preservation property> of the birthmark against
-program transformation. Preservation property specifies that the same
-birthmark must be obtained from <p> and converted to <p'>. However,
-there exist many ways to transform a program into an equivalent
-one. Hence, in reality, it is difficult to extract strong enough
-birthmarks to perfectly satisfy preservation property.
+These properties strengthen Condition 2 of birthmark definition.
+First property specifies <preservation property> of the birthmark
+against program transformation. Preservation property specifies that
+the same birthmark must be obtained from <p> and converted to <p'>.
+However, there exist many ways to transform a program into an
+equivalent one. Hence, in reality, it is difficult to extract strong
+enough birthmarks to perfectly satisfy preservation property.
Second property specifies the <distinction property> of the
birthmark, stating that: even though the specification of <p> and <q>
same, even if <p> and <q> are written independently. Those properties
should be tuned within an allowable range at the user's discretion.
-**Preservation
-
- For <p'> obtained from <p> by any program transformation, <f(p) =
-f(p')> holds.
-
-**Distinction
-
- For <p> and <q> such that same specification, if <p> and <q> are
-written independently, then <f(p)!=f(q)>.
\r
*{{{http://commons.cafebabe.jp/xmlcli/}Jakarta Commons CLI}} 1.0\r
\r
- *{{{http://commons.cafebabe.jp/xmlcli/}XmlCli}} 1.0\r
+ *{{{http://commons.cafebabe.jp/xmlcli/}XmlCli}} 1.2\r
\r
*{{{http://math.nist.gov/javanumerics/jama/}Jama}} 1.0.2 (stigmata-1.0.0 later)\r
\r
+ *{{{http://www.junit.org/}JUnit}} 4.1\r
+\r
[]\r
\r
-**How to install requirement into Maven local repository\r
+**How to install requirements into your Maven local repository\r
+\r
+ You must install manually Jama, since it does not support Maven 2.\r
+Other libraries can be automatically downloaded by Maven 2.\r
\r
type below command.\r
\r
$Id: stigmata-4.0.dtd 124 2007-06-11 04:22:36Z tama3 $
-->
-<!ELEMENT classpath (#PCDATA)>
+<!ELEMENT classpath (#PCDATA)>
-<!ELEMENT type (#PCDATA)>
-<!ELEMENT display-name (#PCDATA)>
-<!ELEMENT description (#PCDATA)>
-<!ELEMENT extractor (#PCDATA)>
-<!ELEMENT comparator (#PCDATA)>
+<!ELEMENT type (#PCDATA)>
+<!ELEMENT display-name (#PCDATA)>
+<!ELEMENT description (#PCDATA)>
+<!ELEMENT extractor (#PCDATA)>
+<!ELEMENT comparator (#PCDATA)>
-<!ELEMENT suffix (#PCDATA)>
-<!ELEMENT prefix (#PCDATA)>
-<!ELEMENT match (#PCDATA)>
+<!ELEMENT suffix (#PCDATA)>
+<!ELEMENT prefix (#PCDATA)>
+<!ELEMENT match (#PCDATA)>
-<!ELEMENT name (#PCDATA)>
-<!ELEMENT value (#PCDATA)>
+<!ELEMENT name (#PCDATA)>
+<!ELEMENT value (#PCDATA)>
-<!ELEMENT criterion (#PCDATA)>
-<!ELEMENT filter-type (#PCDATA)>
+<!ELEMENT criterion (#PCDATA)>
+<!ELEMENT filter-type (#PCDATA)>
-<!ELEMENT exclude (suffix|prefix|match)>
-<!ELEMENT package (suffix|prefix|match)>
-<!ELEMENT class-name (suffix|prefix|match)>
-<!ELEMENT fully-name (suffix|prefix|match)>
+<!ELEMENT exclude (suffix|prefix|match)>
+<!ELEMENT package (suffix|prefix|match)>
+<!ELEMENT class-name (suffix|prefix|match)>
+<!ELEMENT fully-name (suffix|prefix|match)>
-<!ELEMENT wellknown-classes ((exclude|package|class-name|fully-name)*)>
+<!ELEMENT wellknown-classes ((exclude|package|class-name|fully-name)*)>
-<!ELEMENT property (name,value)>
-<!ELEMENT properties (property*)>
+<!ELEMENT property (name,value)>
+<!ELEMENT properties (property*)>
-<!ELEMENT birthmark-service (type,display-name,description,extractor,comparator)>
-<!ELEMENT birthmark-services (birthmark-service*)>
+<!ELEMENT birthmark-service (type,display-name,description?,extractor,comparator)>
+<!ELEMENT birthmark-services (birthmark-service*)>
-<!ELEMENT classpath-list (classpath*)>
+<!ELEMENT classpath-list (classpath*)>
-<!ELEMENT attribute (name,value)>
-<!ELEMENT attributes (attribute*)>
-<!ELEMENT filter (filter-type,criterion,attributes)>
-<!ELEMENT filter-list (filter*)>
-<!ELEMENT filterset (name,match,filter-list)>
-<!ELEMENT filterset-list (filterset*)>
+<!ELEMENT attribute (name,value)>
+<!ELEMENT attributes (attribute*)>
+<!ELEMENT filter (filter-type,criterion,attributes)>
+<!ELEMENT filter-list (filter*)>
+<!ELEMENT filterset (name,match,filter-list)>
+<!ELEMENT filterset-list (filterset*)>
<!ELEMENT stigmata (birthmark-services,wellknown-classes?,classpath-list?,properties?,filterset-list?) >
----
<!ELEMENT birthmark-similarity (#PCDATA)>
<!ELEMENT similarity (#PCDATA)>
-<!ELEMENT birthmark-service (type,display-type,description,class-name)>
+<!ELEMENT birthmark-service (type,display-type,description?,class-name)>
<!ELEMENT birthmark-services (birthmark-service*)>
<!ELEMENT birthmark (element*)>
--- /dev/null
+ ----\r
+ Survey\r
+ ----\r
+ Haruaki Tamada\r
+ ----\r
+ 2007-06-13\r
+ ----\r
+\r
+Implemented Birthmarks\r
+\r
+*CVFV birthmark\r
+\r
+ [Proposers] H. Tamada, et al.\r
+\r
+ [Paper] Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
+ Matsumoto, "Java Birthmarks --Detecting the Software Theft--," IEICE\r
+ Transactions on Information and Systems, Vol. E88-D, No. 9, September\r
+ 2005.\r
+\r
+*SMC birthmark\r
+\r
+ [Proposers] H. Tamada, et al.\r
+\r
+ [Paper] Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
+ Matsumoto, "Java Birthmarks --Detecting the Software Theft--," IEICE\r
+ Transactions on Information and Systems, Vol. E88-D, No. 9, September\r
+ 2005.\r
+\r
+*IS birthmark\r
+\r
+ [Proposers] H. Tamada, et al.\r
+\r
+ [Paper] Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
+ Matsumoto, "Java Birthmarks --Detecting the Software Theft--," IEICE\r
+ Transactions on Information and Systems, Vol. E88-D, No. 9, September\r
+ 2005.\r
+\r
+*UC birthmark\r
+\r
+ [Proposers] H. Tamada, et al.\r
+\r
+ [Paper] Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
+ Matsumoto, "Java Birthmarks --Detecting the Software Theft--," IEICE\r
+ Transactions on Information and Systems, Vol. E88-D, No. 9, September\r
+ 2005.\r
+\r
+*k-gram based birthmark\r
+\r
+ [Proposers] G. Myles and C. Collberg\r
+\r
+ [Paper] Ginger Myles, Christian Collberg, ``K-gram based software\r
+ birthmarks,'' In Proc. of the 2005 ACM symposium on Applied\r
+ computing, 2005.\r
+\r
+\r
+Related Publications\r
+\r
+*Static Birthmark\r
+\r
+ * Jianlong Yang, Jianmin Wang, Deyi Li, ``Detecting the Theft of\r
+ Natural Language Text Using Birthmark,'' iih-msp, pp. 699-702, 2006\r
+ International Conference on Intelligent Information Hiding and\r
+ Multimedia, 2006.\r
+\r
+ * Takesi Kakimoto, Akito Monden, Yasutaka Kamei, Haruaki Tamada,\r
+ Masateru Tsunoda, and Ken-ichi Matsumoto, ``Using Software\r
+ Birthmarks to Identify Similar Classes and Major Functionalities,''\r
+ In Proc. the 3rd International Workshop on Mining Software\r
+ Repositories ({{{http://msr.uwaterloo.ca/msr2006/}MSR Mining\r
+ Challenge 2006}}), pp.171--172, Shanghai, China, May\r
+ 2006.\r
+\r
+ * Ginger Myles and Christian Collberg, ``K-gram based software\r
+ birthmarks,'' In Proc. of the 2005 ACM symposium on Applied\r
+ computing, 2005.\r
+\r
+ * Haruaki Tamada, Masahide Nakamura, Akito Monden, Ken-ichi\r
+ Matsumoto, ``Java Birthmarks --Detecting the Software Theft--,''\r
+ IEICE Transactions on Information and Systems, Vol. E88-D, No. 9,\r
+ pp. 2148--2158, September 2005.\r
+\r
+ * Masateru Tsunoda, Takeshi Kakimoto, Naoki Ohsugi, Akito Monden, and\r
+ Ken-ichi Matsumoto, ``Javawock: A Java Class Recommender System\r
+ Based on Collaborative Filtering,'' In Proc. of 17th International\r
+ Conference on Software Engineering and Knowledge Engineering\r
+ ({{{http://www.ksi.edu/seke/seke05.html}SEKE2005}}), pp.491-497,\r
+ July 2005. (Taipei, Taiwan)\r
+\r
+ * Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
+ Matsumoto, ``Design and evaluation of birthmarks for detecting theft\r
+ of Java programs,'' Proc. IASTED International Conference on\r
+ Software Engineering\r
+ ({{{http://www.iasted.org/conferences/2004/Innsbruck/se.htm}IASTED\r
+ SE 2004}}), pp.569-575, Innsbruck,\r
+ Austria, 17-19 February 2004.\r
+\r
+ * Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
+ Matsumoto, ``Detecting the theft of programs using birthmarks,''\r
+ Information Science Technical Report, NAIST-IS-TR2003014, ISSN\r
+ 0919-9527, Graduate School of Information Science, Nara Institute\r
+ of Science and Technology, November 2003.\r
+\r
+ * \8bÊ\93c \8ft\8fº, \90_\8dè \97Y\88ê\98Y, \92\86\91º \8b§\8fG, \96å\93c \8bÅ\90l, \8f¼\96{ \8c\92\88ê, ``Java \83N\83\89\83X\83t\83@\83C\83\8b\82©\82ç\83v\83\8d\83O\83\89\83\80\8ew\96ä\82ð\92\8a\8fo\82·\82é\95û\96@\82Ì\92ñ\88Ä'', \90M\8aw\8bZ\95ñ \8fî\95ñ\83Z\83L\83\85\83\8a\83e\83B\8c¤\8b\86\89ï, Vol. ISEC2003-29, pp.127--133, July 2003.\r
+\r
+*Dynamic Birthmark\r
+\r
+ * \90X\8eR \8fC, \8cÃ\8d] \8ax\91å, \89\93\8eR \8bB, \8f¼\96{ \95×, ``API\8aÖ\90\94\8cÄ\8fo\97\9a\97ð\82É\82æ\82é\83\\83t\83g\83E\83F\83A\93®\93I\83o\81[\83X\83}\81[\83N\82Ì\88ê\95û\8e®'', \90M\8aw\8bZ\95ñ, vol. 106, no. 235, ISEC2006-82, pp. 77-84, September 2006.\r
+\r
+ * \89ª\96{ \8c\\8ei, \8bÊ\93c \8ft\8fº, \92\86\91º \8b§\8fG, \96å\93c \8bÅ\90l, \8f¼\96{ \8c\92\88ê, ``API\8cÄ\82Ñ\8fo\82µ\82ð\97p\82¢\82½\93®\93I\83o\81[\83X\83}\81[\83N'', \93d\8eq\8fî\95ñ\92Ê\90M\8aw\89ï\98_\95¶\8e\8f, Vol.J89-D, No.8, pp.1751-1763, August 2006.\r
+\r
+ * David Schuler and Valentin Dallmeier, ``Detecting Software Theft\r
+ with API Call Sequence Sets,'' Workshops Software Reengineering\r
+ (WSR 2006), pp.56-57, May 2006.\r
+\r
+ * \8cÃ\93c \91s\8dG, \90^\96ì \96F\8bv, ``\8eÀ\8ds\8cn\97ñ\82Ì\92\8a\8fÛ\95\\8c»\82ð\97\98\97p\82µ\82½\93®\93I\83o\81[\83X\83}\81[\83N'', \93d\8eq\8fî\95ñ\92Ê\90M\8aw\89ï\98_\95¶\8e\8f Vol.J88-D1, No.10, pp.1595--1599, October 2005.\r
+\r
+ * \89ª\96{ \8c\\8ei, \8bÊ\93c \8ft\8fº, \92\86\91º \8b§\8fG, \96å\93c \8bÅ\90l, \8f¼\96{ \8c\92\88ê, ``\83\\83t\83g\83E\83F\83A\8eÀ\8ds\8e\9e\82ÌAPI\8cÄ\82Ñ\8fo\82µ\97\9a\97ð\82É\8aî\82Ã\82\93®\93I\83o\81[\83X\83}\81[\83N\82Ì\8eÀ\8c±\93I\95]\89¿'', \91æ46\89ñ\83v\83\8d\83O\83\89\83~\83\93\83O\81E\83V\83\93\83|\83W\83E\83\80\95ñ\8d\90\8fW, pp. 41--50, January 2005\r
+\r
+ * \89ª\96{ \8c\\8ei, \8bÊ\93c \8ft\8fº, \92\86\91º \8b§\8fG, \96å\93c \8bÅ\90l, \8f¼\96{ \8c\92\88ê, ``\83\\83t\83g\83E\83F\83A\8eÀ\8ds\8e\9e\82ÌAPI\8cÄ\82Ñ\8fo\82µ\97\9a\97ð\82É\8aî\82Ã\82\93®\93I\83o\81[\83X\83}\81[\83N\82Ì\92ñ\88Ä'', \83\\83t\83g\83E\83F\83A\8dH\8aw\82Ì\8aî\91bXI, \93ú\96{\83\\83t\83g\83E\83F\83A\89È\8aw\89ï FOSE2004 (FOSE2004), pp.85--88, November 2004. \r
+\r
+ * Haruaki Tamada, Keiji Okamoto, Masahide Nakamura, Akito Monden, and\r
+ Ken-ichi Matsumoto, ``Dynamic Software Birthmarks to Detect the\r
+ Theft of Windows Applications,'' In Proc. International Symposium\r
+ on Future Software Technology 2004 (ISFST 2004), CD-ROM, Xi'an,\r
+ China, 20-22 October 2004.\r
+\r
+ * Ginger Myles and Christian Collberg, ``Detecting Software Theft via\r
+ Whole Program Path Birthmarks,'' In Proc. Information Security\r
+ Conference, September 27-29, 2004.\r
+++ /dev/null
- ----\r
- Technical Note\r
- ----\r
- Haruaki Tamada\r
- ----\r
- 2007-05-11\r
- ----\r
-\r
-What is Birthmark\r
-\r
-*Definition of birthmark\r
-\r
- Let <p, q> be programs and <f(p)> be a set of characteristics\r
-extracted from <p> by a certain method <f>. Then <f(p)> is called a\r
-<<birthmark>> of <p> iff both of the following conditions are\r
-satisfied.\r
-\r
- [[1]] <f(p)> is obtained from <p> itself without any extra information.\r
-\r
- [[2]] If <q> is a copy of <p>, then <f(p) = f(q)>\r
-\r
- []\r
-\r
- Condition 1 means that the birthmark is not extra information and is\r
-required for <p> to run. Hence, extracting a birthmark does not\r
-require extra code as watermarking does. Condition 2 states that the\r
-same birthmark has to be obtained from copied programs. By\r
-contraposition, if birthmarks <f(p)> and <f(q)> are different, then we\r
-can guarantee that <q> is not a copy of <p>.\r
-\r
- Hopefully, a birthmark will satisfy the following properties.\r
-\r
- [Property 1 (Preservation)] For <p'> obtained from $p$ by any program\r
-transformation, <f(p) = f(p')> holds.\r
-\r
- [Property 2 (Distinction)] For <p> and <q> such that both programs have\r
-same specification, if <p> and <q> are written\r
-independently, then <f(p) != f(q)>.\r
-\r
- []\r
-\r
- These properties strengthen Condition 2 of birthmark definition.\r
-Property 1 specifies the <<preservation property>> of the birthmark\r
-against program transformation. We believe that clever crackers may\r
-try to modify birthmarks by transforming the original program into an\r
-equivalent one to hide the fact of theft. There are several automated\r
-tools used to perform the transformation, involving program\r
-<obfuscators> and <optimizers>. These tools can be used as a means of\r
-attack against the birthmarks. Property 1 specifies that the same\r
-birthmark must be obtained from <p> and converted to <p'>. However,\r
-there exist many ways to transform a program into an equivalent\r
-one. Hence, in reality, it is difficult to extract strong enough\r
-birthmarks to perfectly satisfy Property 1.\r
-\r
- Property 2 specifies the <<distinction property>> of the birthmark,\r
-stating that: even though the specification of <p> and <q> is the\r
-same, if implemented separately, different birthmarks should be\r
-extracted. In general, the detail of two independent programs is\r
-almost never completely the same. However, in the case that <p> and\r
-<q> are both <<tiny>> programs, extracted birthmarks could become the\r
-same, even if <p> and <q> are written independently. Those properties\r
-should be tuned within an allowable range at the user's discretion.\r
-\r
-Implemented Birthmarks\r
-\r
-*CVFV birthmark\r
-\r
- [Proposers] H. Tamada, et al.\r
-\r
- [Paper] Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
- Matsumoto, "Java Birthmarks --Detecting the Software Theft--," IEICE\r
- Transactions on Information and Systems, Vol. E88-D, No. 9, September\r
- 2005.\r
-\r
-*SMC birthmark\r
-\r
- [Proposers] H. Tamada, et al.\r
-\r
- [Paper] Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
- Matsumoto, "Java Birthmarks --Detecting the Software Theft--," IEICE\r
- Transactions on Information and Systems, Vol. E88-D, No. 9, September\r
- 2005.\r
-\r
-*IS birthmark\r
-\r
- [Proposers] H. Tamada, et al.\r
-\r
- [Paper] Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
- Matsumoto, "Java Birthmarks --Detecting the Software Theft--," IEICE\r
- Transactions on Information and Systems, Vol. E88-D, No. 9, September\r
- 2005.\r
-\r
-*UC birthmark\r
-\r
- [Proposers] H. Tamada, et al.\r
-\r
- [Paper] Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
- Matsumoto, "Java Birthmarks --Detecting the Software Theft--," IEICE\r
- Transactions on Information and Systems, Vol. E88-D, No. 9, September\r
- 2005.\r
-\r
-*k-gram based birthmark\r
-\r
- [Proposers] G. Myles and C. Collberg\r
-\r
- [Paper] Ginger Myles, Christian Collberg, ``K-gram based software\r
- birthmarks,'' In Proc. of the 2005 ACM symposium on Applied\r
- computing, 2005.\r
-\r
-\r
-Related Publications\r
-\r
- * Haruaki Tamada, Yuichiro Kanzaki, Masahide Nakamura, Akito Monden,\r
- Ken-ichi Matsumoto, "A method for extracting program fingerprints\r
- from Java class files," The Institute of Electronics, Information\r
- and Communication Engineers Technical Report, Vol. ISEC2003-29,\r
- pp.127-133, July 2003. (in Japanese)\r
-\r
- * Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
- Matsumoto, "Detecting the theft of programs using birthmarks,"\r
- Information Science Technical Report, NAIST-IS-TR2003014, ISSN\r
- 0919-9527, Graduate School of Information Science, Nara Institute\r
- of Science and Technology, November 2003.\r
-\r
- * Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
- Matsumoto, "Design and evaluation of birthmarks for detecting theft\r
- of Java programs," Proc. IASTED International Conference on\r
- Software Engineering\r
- ({{{http://www.iasted.org/conferences/2004/Innsbruck/se.htm}IASTED\r
- SE 2004}}), pp.569-575, Innsbruck,\r
- Austria, 17-19 February 2004.\r
-\r
- * Masateru Tsunoda, Takeshi Kakimoto, Naoki Ohsugi, Akito Monden, and\r
- Ken-ichi Matsumoto, "Javawock: A Java Class Recommender System\r
- Based on Collaborative Filtering," In Proc. of 17th International\r
- Conference on Software Engineering and Knowledge Engineering\r
- ({{{http://www.ksi.edu/seke/seke05.html}SEKE2005}}), pp.491-497,\r
- July 2005. (Taipei, Taiwan)\r
-\r
- * Haruaki Tamada, Masahide Nakamura, Akito Monden, and Ken-ichi\r
- Matsumoto, "Java Birthmarks --Detecting the Software Theft--,"\r
- IEICE Transactions on Information and Systems, Vol. E88-D, No. 9,\r
- September 2005.\r
-\r
- * Takesi Kakimoto, Akito Monden, Yasutaka Kamei, Haruaki Tamada,\r
- Masateru Tsunoda, and Ken-ichi Matsumoto, "Using Software\r
- Birthmarks to Identify Similar Classes and Major Functionalities,"\r
- In Proc. the 3rd International Workshop on Mining Software\r
- Repositories ({{{http://msr.uwaterloo.ca/msr2006/}MSR Mining\r
- Challenge 2006}}), pp.171--172, Shanghai, China, May\r
- 2006.\r
-\r
<item name="Definition" href="definition.html" />
<item name="DTD" href="dtd.html" />
<item name="FAQ" href="faq.html"/>
+ <item name="Survey" href="survey.html"/>
<item name="License" href="license.html"/>
<item name="Project Page" href="http://sourceforge.jp/projects/stigmata/"/>
</menu>