Efficient Identification of Windows Executable Programs to Prevent Software Piracy

Abstract

Pirated software used to be distributed through physical exchange. The Internet, however, is increasingly being used to distributed pirate software. P2P networks, one-click hosting site, and bit-torrent indexing site are typical examples. To block illegal distribution of software through the Internet, we must identify software stored and distributed on such sites. In this paper, we propose a new scheme for identifying software. In this scheme, we concentrate on Microsoft Windows applications because most piracy targets MS Windows applications. The scheme analyzes PE header and PE (Portable Executable) is the executable file format of Windows. The scheme translates information in the header such as start address, the size of the initialized data, etc. into the unique value and uses the value to identify software in question. We show the proposed scheme can identify software effectively and efficiently through an experiment with 439 sample executable files.