Abstract

Code theft is a threat for companies that consider code asa core asset. A birthmark can help them to prove codetheft by identifying intrinsic properties of a program. Twoprograms with the same birthmark are likely to share a com-mon origin. Birthmarking works in particular for code thatwas not protected by tamper-resistant copyright notices thatotherwise could prove ownership.We propose a dynamic birthmark for Java that observes howa program uses objects provided by the Java Standard API.Such a birthmark is difficult to foil because it captures the observable semantics of a program. In an evaluation, ourAPI Birthmark reliably identified XML parsers and PNGreaders before and after obfuscating them with state-of-the-art obfuscation tools. These rendered existing birthmarksineffective, such as the Whole-Program-Path Birthmark byMyles and Collberg