Scalably Detecting Third-Party Android Libraries With Two-Stage Bloom Filtering

Huang, Jianjun; Xue, Bo; Jiang, Jiasheng; You, Wei; Liang, Bin; Wu, Jingzheng; Wu, Yujuan

doi:10.1109/tse.2022.3215628

Cited by 5 publications

(4 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…LibDB [22] utilizes function contents as features and transforms binary functions into vector representations through neural network embeddings. Libloom [23] encodes package signatures and class signatures into two-level Bloom filters. LibScan [14] first fingerprints code features to establish potential class correspondences between the application and TPL classes.…”

Section: Related Work 61 Software Composition Analysismentioning

confidence: 99%

OSSDetector: Towards a More Accurate Approach for C/C++ Third-Party Library Detection

Zeng,

Zhu,

Han

et al. 2024

Preprint

View full text Add to dashboard Cite

In the current software development environment, third-party libraries (TPL) provide developers with rich functionality and convenient solutions, accelerating the speed and efficiency of software development. However, with the widespread adoption of TPL, related security risks have become increasingly apparent. Software Composition Analysis (SCA) is crucial for detecting and managing TPLs in software projects to address these growing security challenges. However, existing SCA tools for C/C++ software projects face several challenges, including the consequences of modified and nested TPL, the lack of precise version representation, and a comprehensive TPL database. Unfortunately, existing SCA tools are inadequate in addressing these challenges and do not detect the precise TPL version. We propose a new SCA tool called OSSDetector to identify TPLs and TPL versions in C/C++ projects to alleviate these issues. OSSDetector, based on sliding window and fuzzy hashing techniques, generates finer-grained signatures to identify modified TPL and mitigate its consequences. Furthermore, it uses a “Nested TPL Function Filtering" algorithm based on multiple features to identify and filter nested TPL function signatures in each TPL to mitigate the consequences of nested TPL. Additionally, it leverages a “TPL Recognition" algorithm based on import ratios and function paths to determine the TPL used in the target C/C++ software. It also determines TPL versions based on function weights and version release times to mitigate the lack of precise version representation. To mitigate the lack of a comprehensive TPL database, we construct a large TPL database containing 29,416 C/C++ TPLs covering 767,405 versions. Experimental results demonstrate that compared to state-of-the-art tools, OSSDetector achieves better precision (85.52%), recall (79.82%), and F1 score (82.57%) at the library level, with improvements of 3.18%, 3.59%, and 3.40%, respectively. At the library version level, OSSDetector also exhibits higher precision (84.27%), outperforming state-of-the-art tools by 4.64%.

show abstract

Section: Related Work 61 Software Composition Analysismentioning

confidence: 99%

OSSDetector: Towards a More Accurate Approach for C/C++ Third-Party Library Detection

Zeng,

Zhu,

Han

et al. 2024

Preprint

View full text Add to dashboard Cite

show abstract

“…There are many ways that providers can experience cyber threats and attacks, including brute force and distributed denial-of-service (DDoS), credential stuffing, person-in-the-middle and providers can also be made vulnerable in different ways, such as through interactions with clients and supplier third party software vulnerabilities ( 46 , 47 ). There are also factors such as human error and social engineering at play, including sophisticated spear phishing attacks that exploit cognitive biases and target disgruntled or vulnerable staff members to help cybercriminals steal information or use disguises to enter premises ( 46 – 49 ).…”

Section: The Pandemic Is Shifting Boundaries For Mental Health Suppor...mentioning

confidence: 99%

Cybersecurity: a critical priority for digital mental health

Inkster,

Knibbs,

Bada

2023

Front. Digit. Health

View full text Add to dashboard Cite

There has been a surge in the supply and demand of digital mental health support services in recent times. There have also been high profile cyberattacks specifically targeting mental health and behavioral services, along with a shift toward targeting vulnerable people directly. Cyberattacks involving personal health data, especially sensitive mental health data, could have devastating consequences to vulnerable people, those close to them, and many other stakeholders. This article calls for the immediate examination of the current state of cybersecurity in the digital mental healthcare industry to collectively identify risks and to protect user and provider vulnerabilities. This article points to the need to build a global cybersecurity culture within digital mental health while also working closely with other industries. The article concludes by making some preliminary recommendations to help support the creation of standards that will enhance the collective preparedness for future responses to cybersecurity threats and attacks.

show abstract

“…OSSPolice [19] have developed similarity measures based on strings. The special structure of Java programs allows using properties such as class and package inclusions [3,35] in order to identify Android libraries.…”

Section: Graph Similaritymentioning

confidence: 99%

“…For example, detecting malware clones is a major issue [4,17,55,71], as most malware are actually variants of a few major families active for more than five years 1 . Another application is the identification of libraries [3,19,31,35,67,68], which is both a software engineering issue and a cybersecurity issue due to vulnerabilities inside dynamically linked libraries. The problem of library identification, while in between programs and functions in terms of size, is much closer to the case of program clones by its nature -libraries are not arbitrary collections of functions and require inter-procedural analysis.…”

mentioning

confidence: 99%

Scalable Program Clone Search through Spectral Analysis

Benoit,

Marion,

Bardin

2023

Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Enginee

View full text Add to dashboard Cite

We consider the problem of program clone search, i.e. given a target program and a repository of known programs (all in executable format), the goal is to find the program in the repository most similar to a target program -with potential applications in terms of reverse engineering, program clustering, malware lineage and software theft detection. Recent years have witnessed a blooming in code similarity techniques, yet most of them focus on functionlevel similarity while we are interested in program-level similarity. Consequently, these recent approaches are not directly suited to program clone search. Indeed, our study shows that prior similarity approaches are either too slow to handle large repositories, or not precise enough, or yet not robust against slight variations introduced by compilers, source code versions or obfuscations. We propose a novel spectral analysis method for program-level similarity called Programs Spectral Similarity (PSS). In a nutshell, PSS one-time spectral feature extraction is tailored for large repositories of programs, making it a perfect fit for program clone search. We have compared the different approaches with extensive benchmarks, showing that PSS reaches a sweet spot in terms of precision, speed and robustness. CCS CONCEPTS• Security and privacy → Software reverse engineering; Malware and its mitigation.

show abstract

Scalably Detecting Third-Party Android Libraries With Two-Stage Bloom Filtering

Cited by 5 publications

References 26 publications

OSSDetector: Towards a More Accurate Approach for C/C++ Third-Party Library Detection

OSSDetector: Towards a More Accurate Approach for C/C++ Third-Party Library Detection

Cybersecurity: a critical priority for digital mental health

Scalable Program Clone Search through Spectral Analysis

Contact Info

Product

Resources

About