Obfuscation-resilient detection of Android third-party libraries using multi-scale code dependency fusion

Published: 20 February 2025

Abstract

Third-Party Library (TPL) detection is a crucial aspect of Android application security assessment, but it faces significant challenges due to code obfuscation. Existing methods often rely on single-scale features, such as class dependencies or instruction opcodes. This reliance can overlook critical dependencies, leading to incomplete library representation and reduced detection recall. Furthermore, the high similarity between a TPL and its adjacent versions causes overlaps in the feature space, reducing the accuracy of version identification. To address these limitations, we propose LibMD, a multi-scale code dependency fusion approach for TPL detection in Android apps. LibMD enhances library code representation by combining class reference syntax augmentation, cross-scale function mapping, and control flow reconstruction of basic blocks. It also extracts metadata dependencies and constructs a library dependency graph that integrates app-code similarity with multiple libraries. By applying Bayes’ theorem to compute posterior probabilities, LibMD effectively evaluates the likelihood of TPL integration and improves the precision of library version identification. Experimental results demonstrate that LibMD outperforms state-of-the-art methods across diverse datasets, achieving robust TPL detection and accurate version identification, even under various obfuscation techniques.


Published In

Information Fusion, Volume 117, Issue C
May 2025
1570 pages

Publisher

Elsevier Science Publishers B. V.

Netherlands

Author Tags

  1. Third-party library
  2. Code obfuscation
  3. Identification of adjacent versions
  4. Library dependency graph

Qualifiers

  • Research-article
