DYKIS-PD: Dynamic Birthmark-based Software Plagiarism Detection Tool

Examples of Using Dynamic Analysis Module

Users can use this module on its own just to collect execution traces. The module contains five pintools. The following examples illustrate how to use them.

Pintools for Linux

To run the pintools under Linux, you need either root privileges or the injection mode (-injection child) for injecting into the application process. For example, the commands for extracting system call sequences and key instruction sequences from the application bzip2 are:

$PIN_HOME/pin -injection child -t SysTracer_Lin.so -- bzip2 bmp1.bmp
$PIN_HOME/pin -injection child -t ../DKISExtractor_Lin.so -- bzip2 aac_1.aac 

Then the system calls and key instructions executed will be recorded in the files "strace.out" and "comprehensiveTraceRecord" located in the "/tmp" directory by default.
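
Because the trace is written to a fixed file name, each run replaces the previous one. The following helper is an added example, not part of DYKIS-PD: it runs one pintool over several inputs and keeps a separately named trace per input. TRACE_DIR, OUT_DIR and the function names are assumptions made here; pairing SysTracer_Lin.so with "strace.out" in the usage comment is likewise assumed from the text above.

```shell
#!/bin/sh
# Added example (not DYKIS-PD code): keep one trace file per traced input.
# TRACE_DIR and OUT_DIR are names chosen for this sketch, not tool settings.
TRACE_DIR="${TRACE_DIR:-/tmp}"      # where the pintool writes its trace
OUT_DIR="${OUT_DIR:-./traces}"      # where per-input copies are kept

# collect_trace PINTOOL TRACE_NAME PROGRAM INPUT
# Runs PROGRAM on INPUT under PINTOOL and stores the trace as
# $OUT_DIR/<program>_<input>_<trace name>; prints that path on success.
# Returns non-zero if pin fails or no fresh trace was produced.
collect_trace() {
    pintool=$1 trace_name=$2 program=$3 input=$4
    src="$TRACE_DIR/$trace_name"
    dst="$OUT_DIR/$(basename "$program")_$(basename "$input")_$trace_name"

    mkdir -p "$OUT_DIR" || return 1
    # Drop any trace left by an earlier run so a stale file can never be
    # mistaken for the output of this run.
    rm -f "$src" || return 1

    "$PIN_HOME/pin" -injection child -t "$pintool" -- "$program" "$input" \
        || { echo "pin failed for $input" >&2; return 1; }

    [ -s "$src" ] || { echo "no trace written to $src" >&2; return 1; }
    mv "$src" "$dst" && printf '%s\n' "$dst"
}

# collect_all PINTOOL TRACE_NAME PROGRAM INPUT...
# Collects a trace for every input, continues after a failure, and
# returns the number of inputs that failed.
collect_all() {
    pintool=$1 trace_name=$2 program=$3
    shift 3
    failed=0
    for input in "$@"; do
        collect_trace "$pintool" "$trace_name" "$program" "$input" >/dev/null \
            || failed=$((failed + 1))
    done
    return "$failed"
}

# Usage (assumed pairing of pintool and trace file name):
#   collect_all SysTracer_Lin.so strace.out bzip2 bmp1.bmp aac_1.aac
```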

Pintools for Windows

Similarly, we can extract execution profiles during the runtime of bzip2 on Windows. By default, the trace files are stored in the root directory of the C: drive.

%PIN_HOME%/pin -t sysTracer_Win.dll -- .\programs\bzip2_WIN.exe .\inputs\aac_1.aac
%PIN_HOME%/pin -t DKISExtractor_Win.dll -- .\programs\bzip2_WIN.exe .\inputs\aac_1.aac

Note that Pin version 2.12 is required, and the Windows versions of the pintools currently support Windows XP only.

Installing and Using Complete DYKIS-PD

After having downloaded the DYKIS-PD project from the download page, you can build the project by simply importing it into the Eclipse IDE. To run it, you need to specify the path of pin and pintools in the IAppConstants class.

public static final String PIN_HOME="C:/SEKE2014/pin-2.12-54730-msvc10-windows/pin";
public static final String SODB_Tool="/home/zztian/Workspace/SEKE/eclipse_RCP/pinTools/StackTracer.so";
public static final String DKISB_Tool="/home/zztian/Workspace/SEKE/eclipse_RCP/pinTools/DKISExtractor_Lin.so";
public static final String SCSSB_Tool="/home/zztian/Workspace/SEKE/eclipse_RCP/pinTools/SysTracer_Lin.so";
public static final String DKISB_Win="C:/SEKE2014/eclipse/pintool/DKISExtractor_Win.dll";
public static final String SCSSB_Win="C:/SEKE2014/eclipse/pintool/sysTracer_Win.dll";

Then DYKIS-PD can be run as an Eclipse application. Currently Eclipse Indigo and JDK version >= 1.7 are required. Alternatively, you can try the preconfigured environment provided in the VMware image. For details on operating the DYKIS-PD tool, take a look at the videos provided; it's really easy.

Further Information

For detailed information on the basic ideas of DYKIS-PD and on the dynamic birthmarks implemented, see our papers and short slides.