Dinghao Wu - Projects - SPLAD: Obfuscation Resilient Software Plagiarism Detection

SPLAD: Obfuscation Resilient Software Plagiarism Detection

Overview

Software plagiarism is an act of reusing someone else's code, in whole or in part, into one's own program in a way violating the terms of original license. Along with the rapid developing software industry and the burst of open source projects, software plagiarism has become a very serious threat to Intellectual Property Protection and the "healthiness" of the open-source-embracing software industry. High profile billion-dollar lawsuits dealing with software plagiarism cases have already emerged and showed that even software giants steal code.

To address this threat, computer-aided, automated plagiarism detection tools should play a major role. However, existing plagiarism detection schemes, including both static and dynamic analysis based methods, are still premature. In fact, none of them is resilient to code obfuscation, and they all can be "defeatedd" by (in most cases rather simple) code-obfuscation-based counter-detection measures. Recent developments in code obfuscation have made such measures extremely easy and affordable to take, and indeed mature obfuscation tools have been freely available, making the situation even worse. Moreover, many existing schemes rely on analyzing the source code of a suspected software product, which often cannot be obtained until some strong evidences have been collected.

In this project, we aim to develop binary-oriented, obfuscation-resilient plagiarism detection methods that do not require source code analysis. This research, if successful, will take a significant step forward in addressing the software plagiarism threat.

People

Dinghao Wu
Sencun Zhu
Peng Liu
Yoon-Chan Jhi
Fangfang Zhang
Heqing Huang
Lannan Luo
Jiang Ming

Software Release

ViewDroid: Towards Obfuscation-Resilient Mobile Application Repackaging Detection, released in 2014 under Apache License 2.0, sponsored by the National Science Foundation (NSF) under the Grant No. CNS-1223710. Download local copy here.
LOOP Opaque Predicate Detector, released in 2015.
A Generalized Dynamic Opaque Predicate Obfuscator. Open Source Release. Sponsored by National Science Foundation (NSF) under the Grant No. CCF-1320605. (2016).

Publications

StraightTaint: Decoupled Offline Symbolic Taint Analysis, by Jiang Ming, Dinghao Wu, Gaoyao Xiao, Jun Wang, and Peng Liu. In Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering (ASE 2016), Singapore, September 3-7, 2016. (Acceptance rate: 19.1%)

Software Plagiarism Detection: A Survey, by Zhenzhou Tian, Ting Liu, Qinghua Zheng, Feifei Tong, Dinghao Wu, Sencun Zhu, Kai Chen. Journal of Cyber Security, 1(3):52-76, 2016.
BinCFP: Efficient Multi-threaded Binary Code Control Flow Profiling, by Jiang Ming and Dinghao Wu. In Proceedings of the 16th IEEE International Working Conference on Source Code Analysis and Manipulation, Engineering Track, (SCAM 2016), Raleigh, NC, USA, October 2-3, 2016.
Generalized Dynamic Opaque Predicates: A New Control Flow Obfuscation Method, by Dongpeng Xu, Jiang Ming, and Dinghao Wu. In Proceedings of the 19th Information Security Conference (ISC '16), Honolulu, Hawaii, USA, September 7-9, 2016.

Impeding Behavior-based Malware Analysis via Replacement Attacks to Malware Specications, by Jiang Ming, Zhi Xin, Pengwei Lan, Dinghao Wu, Peng Liu, and Bing Mao. Journal of Computer Virology and Hacking Techniques, 2016. A preliminary version appeared in Proceedings of the 13th International Conference on Applied Cryptography and Network Security (ACNS 2015).

MalwareHunt: Semantics-Based Malware Diffing Speedup by Normalized Basic Block Memoization, by Jiang Ming, Dongpeng Xu, and Dinghao Wu. Journal of Computer Virology and Hacking Techniques, 2016. A preliminary version appeared in Proceedings of the 30th IFIP SEC 2015 International Information Security and Privacy Conference (IFIP SEC 2015).

Deviation-Based Obfuscation-Resilient Program Equivalence Checking with Application to Software Plagiarism Detection, by Jiang Ming, Fangfang Zhang, Dinghao Wu, Peng Liu, and Sencun Zhu. IEEE Transactions on Reliability, 2016. A preliminary version appeared in Proceedings of the 25th IEEE International Symposium on Software Reliability Engineering (ISSRE 2014).

Repackage-proofing Android Apps, by Lannan Luo, Yu Fu, Dinghao Wu, Sencun Zhu, and Peng Liu. In Proceedings of the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2016), Toulouse, France, June 28 - July 1, 2016. (Acceptance rate: 58/259 = 22.4%)

Translingual Obfuscation, by Pei Wang, Shuai Wang, Jiang Ming, Yufei Jiang, and Dinghao Wu. In Proceedings of the 1st IEEE European Symposium on Security and Privacy (Euro S&P 2016), Saarbrucken, Germany, March 21-24, 2016. (Acceptance rate: 29/168 = 17.3%) An extended version is available at arXiv.

Uroboros: Instrumenting Stripped Binaries with Static Reassembling, by Shuai Wang, Pei Wang, and Dinghao Wu. In Proceedings of the 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016), Osaka, Japan, March 14-16, 2016.

Program-object Level Data Flow Analysis with Applications to Data Leakage and Contamination Forensics, by Gaoyao Xiao, Jun Wang, Peng Liu, Jiang Ming, and Dinghao Wu. In Proceedings of the 6th ACM Conference on Data and Application Security and Privacy (CODASPY 2016), New Orleans, LA, March 9-11, 2016.

LOOP: Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code, by Jiang Ming, Dongpeng Xu, Li Wang, and Dinghao Wu. In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS 2015), Denver, Colorado, USA, October 12-16, 2015. (Acceptance rate: 128/646 = 19.8%) Open source software release.

Reassembleable Disassembling, by Shuai Wang, Pei Wang, and Dinghao Wu. In Proceedings of the 24th USENIX Security Symposium, Washington, D.C., August 12-14, 2015. (Acceptance rate: 67/426 = 15.7%)
Open source software release.

TaintPipe: Pipelined Symbolic Taint Analysis, by Jiang Ming, Dinghao Wu, Gaoyao Xiao, Jun Wang, and Peng Liu. In Proceedings of the 24th USENIX Security Symposium, Washington, D.C., August 12-14, 2015. (Acceptance rate: 67/426 = 15.7%)

Replacement Attacks: Automatically Impeding Behavior-based Malware Specifications, by Jiang Ming, Zhi Xin, Pengwei Lan, Dinghao Wu, Peng Liu, and Bing Mao. In Proceedings of the 13th International Conference on Applied Cryptography and Network Security (ACNS 2015), New York, June 2-5, 2015.

Memoized Semantics-Based Binary Diffing with Application to Malware Lineage Inference, by Jiang Ming, Dongpeng Xu, and Dinghao Wu. In Proceedings of the 30th IFIP SEC 2015 International Information Security and Privacy Conference (IFIP SEC 2015), Hamburg, Germany, May 26-28, 2015.

Program Characterization Using Runtime Values and Its Application to Software Plagiarism Detection, by Yoon-Chan Jhi, Xiaoqi Jia, Xinran Wang, Sencun Zhu, Peng Liu, and Dinghao Wu. IEEE Transactions on Software Engineering. 2015.

Towards Discovering and Understanding the Unexpected Hazards in Tailoring Antivirus Software for Android, by Heqing Huang, Kai Chen, Chuangang Ren, Peng Liu, Sencun Zhu, and Dinghao Wu. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2015), Singapore, April 14-17, 2015. (Acceptance rate: 48/269 = 17.8%)

Semantics-Based Obfuscation-Resilient Binary Code Similarity Comparison with Applications to Software Plagiarism Detection, by Lannan Luo, Jiang Ming, Dinghao Wu, Peng Liu, and Sencun Zhu. In Proceedings of the 22nd ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE 2014), Hong Kong, China, November 16-22, 2014. (Distinguished Paper Award Nomination)
Program Logic Based Software Plagiarism Detection, by Fangfang Zhang, Dinghao Wu, Peng Liu, and Sencun Zhu. In Proceedings of the 25th annual International Symposium on Software Reliability Engineering (ISSRE 2014), Naples, Italy, November 3-6, 2014.
ViewDroid: Towards Obfuscation-Resilient Mobile Application Repackaging Detection, by Fangfang Zhang, Heqing Huang, Sencun Zhu, Dinghao Wu, and Peng Liu. In Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2014), Oxford, United Kingdom, July 23-25, 2014. (Accepted) (Acceptance ratio: 14/96 = 14.6%)
A Framework for Evaluating Mobile App Repackaging Detection Algorithms, by Heqing Huang, Sencun Zhu, Peng Liu, and Dinghao Wu. In Proceedings of the 6th International Conference on Trust \& Trustworthy Computing (TRUST 2013), London, UK, June 17–19, 2013. (Acceptance ratio: 20.5%.)
A First Step Towards Algorithm Plagiarism Detection, by Fangfang Zhang, Yoon-Chan Jhi, Dinghao Wu, Peng Liu, and Sencun Zhu. In Proceedings of the 2012 ACM International Symposium on Software Testing and Analysis (ISSTA 2012), Minneapolis, MN, July 15–20, 2012. (Acceptance ratio: 31/108 = 28.7%.)
Value-Based Program Characterization and Its Application to Software Plagiarism Detection, by Yoon-Chan Jhi, Xinran Wang, Xiaoqi Jia, Sencun Zhu, Peng Liu, and Dinghao Wu. In Proceedings of the ACM/IEEE 33rd International Conference on Software Engineering (ICSE 2011), Software Engineering in Practice Track, pages 756–765, Honolulu, Hawaii, USA, May 21–28, 2011. (Acceptance ratio: 18/100 = 18.0%)

Sponsor

National Science Foundation (NSF) — Computing and Communication Foundations (CCF)

Award #1320605, SHF: Small: Towards Obfuscation-Resilient Software Plagiarism Detection, Sencun Zhu, Dinghao Wu (Co-PI), and Peng Liu, National Science Foundation (NSF) CCF-1320605, $500,000, 2013-2017.