Free Open-Source Software Fingerprinting

Saed Alrabaee; Mourad Debbabi; Paria Shirani; Lingyu Wang; Amr Youssef; Ashkan Rahimian; Lina Nouh; Djedjiga Mouheb; He Huang; Aiman Hanna

doi:10.1007/978-3-030-34238-8_7

Free Open-Source Software Fingerprinting

Saed Alrabaee, Mourad Debbabi, Paria Shirani, Lingyu Wang, Amr Youssef, Ashkan Rahimian, Lina Nouh, Djedjiga Mouheb, He Huang, Aiman Hanna

Department of Information System and Security

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Abstract

This chapter presents an approach to fingerprint free open-source software (FOSS) packages. FOSS package identification is crucial for several important security applications, e.g., digital forensics, software license infringement, and malware detection. However, existing function identification approaches are insufficient for this purpose due to various challenges in applying practical methods of data mining and database searching, especially when the source code is inaccessible. Moreover, the task of automated detection of FOSS packages becomes more complicated with the introduction of obfuscation techniques, the use of different compilers and compilation settings, and software refactoring techniques.

Original language	English
Title of host publication	Advances in Information Security
Publisher	Springer
Pages	157-186
Number of pages	30
DOIs	https://doi.org/10.1007/978-3-030-34238-8_7
Publication status	Published - 2020

Publication series

Name	Advances in Information Security
Volume	78
ISSN (Print)	1568-2633

ASJC Scopus subject areas

Information Systems
Computer Networks and Communications

Access to Document

10.1007/978-3-030-34238-8_7

Cite this

@inbook{8746a56898b44ff39614b051dafa3099,

title = "Free Open-Source Software Fingerprinting",

abstract = "This chapter presents an approach to fingerprint free open-source software (FOSS) packages. FOSS package identification is crucial for several important security applications, e.g., digital forensics, software license infringement, and malware detection. However, existing function identification approaches are insufficient for this purpose due to various challenges in applying practical methods of data mining and database searching, especially when the source code is inaccessible. Moreover, the task of automated detection of FOSS packages becomes more complicated with the introduction of obfuscation techniques, the use of different compilers and compilation settings, and software refactoring techniques.",

author = "Saed Alrabaee and Mourad Debbabi and Paria Shirani and Lingyu Wang and Amr Youssef and Ashkan Rahimian and Lina Nouh and Djedjiga Mouheb and He Huang and Aiman Hanna",

note = "Publisher Copyright: {\textcopyright} 2020, Springer Nature Switzerland AG.",

year = "2020",

doi = "10.1007/978-3-030-34238-8_7",

language = "English",

series = "Advances in Information Security",

publisher = "Springer",

pages = "157--186",

booktitle = "Advances in Information Security",

}

TY - CHAP

T1 - Free Open-Source Software Fingerprinting

AU - Alrabaee, Saed

AU - Debbabi, Mourad

AU - Shirani, Paria

AU - Wang, Lingyu

AU - Youssef, Amr

AU - Rahimian, Ashkan

AU - Nouh, Lina

AU - Mouheb, Djedjiga

AU - Huang, He

AU - Hanna, Aiman

PY - 2020

Y1 - 2020

N2 - This chapter presents an approach to fingerprint free open-source software (FOSS) packages. FOSS package identification is crucial for several important security applications, e.g., digital forensics, software license infringement, and malware detection. However, existing function identification approaches are insufficient for this purpose due to various challenges in applying practical methods of data mining and database searching, especially when the source code is inaccessible. Moreover, the task of automated detection of FOSS packages becomes more complicated with the introduction of obfuscation techniques, the use of different compilers and compilation settings, and software refactoring techniques.

AB - This chapter presents an approach to fingerprint free open-source software (FOSS) packages. FOSS package identification is crucial for several important security applications, e.g., digital forensics, software license infringement, and malware detection. However, existing function identification approaches are insufficient for this purpose due to various challenges in applying practical methods of data mining and database searching, especially when the source code is inaccessible. Moreover, the task of automated detection of FOSS packages becomes more complicated with the introduction of obfuscation techniques, the use of different compilers and compilation settings, and software refactoring techniques.

UR - http://www.scopus.com/inward/record.url?scp=85080957266&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85080957266&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-34238-8_7

DO - 10.1007/978-3-030-34238-8_7

M3 - Chapter

AN - SCOPUS:85080957266

T3 - Advances in Information Security

SP - 157

EP - 186

BT - Advances in Information Security

PB - Springer

ER -

Free Open-Source Software Fingerprinting

Abstract

Publication series

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this