LibD: Scalable and Precise Third-Party Library Detection in Android Markets

Li, Menghao; Wang, Wei; Wang, Pei; Wang, Shuai; Wu, Dinghao; Liu, Jian; Xue, Rui; Huo, Wei

doi:10.1109/icse.2017.38

Cited by 146 publications

(68 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…deployed by developers proactively. Therefore, we have pre-removed over 12,000 common third-party libraries using the approach of Li et al [39]. (2) Feature Generation.…”

Section: Identifier Renamingmentioning

confidence: 99%

Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild

Dong

Diao

et al. 2018

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

Self Cite

View full text Add to dashboard Cite

Program code is a precious asset to its owner. Due to the easyto-reverse nature of Java, code protection for Android apps is of particular importance. To this end, code obfuscation is widely utilized by both legitimate app developers and malware authors, which complicates the representation of source code or machine code in order to hinder the manual investigation and code analysis. Despite many previous studies focusing on the obfuscation techniques, however, our knowledge on how obfuscation is applied by realworld developers is still limited.In this paper, we seek to better understand Android obfuscation and depict a holistic view of the usage of obfuscation through a large-scale investigation in the wild. In particular, we focus on four popular obfuscation approaches: identifier renaming, string encryption, Java reflection, and packing. To obtain the meaningful statistical results, we designed efficient and lightweight detection models for each obfuscation technique and applied them to our massive APK datasets (collected from Google Play, multiple thirdparty markets, and malware databases). We have learned several interesting facts from the result. For example, malware authors use string encryption more frequently, and more apps on third-party markets than Google Play are packed. We are also interested in the explanation of each finding. Therefore we carry out in-depth code analysis on some Android apps after sampling. We believe our study will help developers select the most suitable obfuscation approach, and in the meantime help researchers improve code analysis systems in the right direction.

show abstract

“…deployed by developers proactively. Therefore, we have pre-removed over 12,000 common third-party libraries using the approach of Li et al [39]. (2) Feature Generation.…”

Section: Identifier Renamingmentioning

confidence: 99%

Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild

Dong

Diao

et al. 2018

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

Self Cite

View full text Add to dashboard Cite

show abstract

“…The binary code, comprising an app and libraries, comes as a single package, and thus the identifcation of libraries in Android is not straightforward, especially when code is obfuscated, as proven by many studies performed on the subject [6,18,19]. In order to detect third-party libraries used in Android apps, we resort to LibRadar [19].…”

Section: Library Analysismentioning

confidence: 99%

What did really change with the new release of the app?

Calciati

Kuznetsov

Bai

et al. 2018

Proceedings of the 15th International Conference on Mining Software Repositories

View full text Add to dashboard Cite

The mobile app market is evolving at a very fast pace. In order to stay in the market and fulfll user's growing demands, developers have to continuously update their apps either to fx issues or to add new features. Users and market managers may have a hard time understanding what really changed in a new release though, and therefore may not make an informative guess of whether updating the app is recommendable, or whether it may pose new security and privacy threats for the user.We propose a ready-to-use framework to analyze the evolution of Android apps. Our framework extracts and visualizes various information -such as how an app uses sensitive data, which third-party libraries it relies on, which URLs it connects to, etc.-and combines it to create a comprehensive report on how the app evolved.Besides, we present the results of an empirical study on 235 applications with at least 50 releases using our framework. Our analysis reveals that Android apps tend to have more leaks of sensitive data over time, and that the majority of API calls relative to dangerous permissions are added to the code in releases posterior to the one where the corresponding permission was requested.

show abstract

“…Although these papers are not considered in this work, we believe their approaches can generally be adapted to detect repackaged apps as well. For example, Li et al [75] have introduced LibD to identify third-party libraries, including multi-package ones, which are categorised based on the internal code dependencies of candidate libraries. Interested readers are encouraged to follow their research paper for more details.…”

Section: Statistics On State-of-the-art Workmentioning

confidence: 99%

Rebooting Research on Detecting Repackaged Android Apps: Literature Review and Benchmark

Bissyandé

Klein

2021

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

Repackaging is a serious threat to the Android ecosystem as it deprives app developers of their benefits, contributes to spreading malware on users' devices, and increases the workload of market maintainers. In the space of six years, the research around this specific issue has produced 57 approaches which do not readily scale to millions of apps or are only evaluated on private datasets without, in general, tool support available to the community. Through a systematic literature review of the subject, we argue that the research is slowing down, where many state-of-the-art approaches have reported high-performance rates on closed datasets, which are unfortunately difficult to replicate and to compare against. In this work, we propose to reboot the research in repackaged app detection by providing a literature review that summarises the challenges and current solutions for detecting repackaged apps and by providing a large dataset that supports replications of existing solutions and implications of new research directions. We hope that these contributions will re-activate the direction of detecting repackaged apps and spark innovative approaches going beyond the current state-of-the-art.

show abstract

LibD: Scalable and Precise Third-Party Library Detection in Android Markets

Cited by 146 publications

References 21 publications

Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild

Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild

What did really change with the new release of the app?

Rebooting Research on Detecting Repackaged Android Apps: Literature Review and Benchmark

Contact Info

Product

Resources

About