
Research On Third-party Library Detection Methods For Android Applications

Posted on: 2022-05-22
Degree: Master
Type: Thesis
Country: China
Candidate: Q T Yuan
GTID: 2518306752997189
Subject: Application software engineering
Abstract/Summary:
In recent years, the world has entered the era of the mobile Internet, and smartphones have spread rapidly. Mobile applications bring convenience to many aspects of life, such as transportation, shopping and finance. At the same time, mobile applications are becoming more diverse, and mobile application software, especially Android application software, is growing rapidly. Because third-party libraries (TPLs) help Android developers implement diverse functions conveniently and quickly, they have become an indispensable part of Android applications, and their wide use is likely to threaten the privacy and security of mobile users. This paper takes third-party library detection for Android applications as its research object and studies code similarity calculation methods and Android application structure. The main content includes the following aspects:

1. To address the high false positive rate and low detection efficiency caused by repeated matching of APK packages in existing general-purpose TPL detection techniques, an Android application module parsing method based on package dependency is proposed to split an Android application into modules and exclude the main module. The method first decompiles the Android application installation package to identify dependencies such as class inheritance, function calls and field references. A package dependency graph is then constructed with Java packages as nodes. The application is then split into separate modules based on the dependency graph and the Java package hierarchy. Finally, the package corresponding to the main module is identified and excluded according to the strength of inter-module dependency. Experiments on real data sets show that identifying the main module has a positive impact on efficiency but no impact on performance, saving 35.61% of detection time for each application. The experimental results verify the necessity and effectiveness of the fast package structure feature matching method.

2. To improve the accuracy of third-party library detection, a weighted code similarity measurement method is proposed that takes the ARPs (root packages) of the application to be detected as the reference, addressing the drawback that taking the third-party library prototype as the reference biases the calculated results. The method first analyzes each ARP in the application to be detected, generates a class signature and a class weight for each class it contains, and then determines the weight of each ARP subpackage. Class similarity, subpackage similarity and root package similarity measures based on class signatures are then designed. Finally, these similarity measures are combined to determine the exact version of the third-party library corresponding to each ARP, improving the detection accuracy of the whole detection system.

3. The accuracy of a third-party library detection method based on code similarity depends on the completeness of the third-party library prototype repository. To ensure a high recall rate, this paper constructs a more complete third-party library prototype repository through online crawling and decompile-extracting, whose current scale exceeds 22,000. In addition, to verify the detection performance of Lib Searcher, the third-party library detection method proposed in this paper, three Ground Truth construction methods are proposed to ensure the authenticity and reliability of the overall experiment from various aspects.

4. To improve the efficiency of detecting third-party libraries in Android applications against a large-scale local third-party library prototype repository, a fast third-party library matching method based on package structure features is proposed, using the invariance of package structure features under obfuscation. The method first extracts the package names in the Android application by static analysis. The application is then divided into several independent root packages (ARPs) according to the package hierarchy, and a package structure tree is constructed for each root package. Each package structure tree is reshaped and blurred to generate string and hash values suitable for quick comparison, which serve as the structure eigenvalues. Finally, a matching method based on the structure eigenvalues is studied to achieve rapid identification of third-party libraries. Experiments were carried out on the benchmark data set. The package-structure-based matching component had a positive effect on efficiency and saved 88.45% of detection time on average for each application. The recall rate was up to 96%, and the accuracy rate was up to 92.28%.
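The package-structure matching idea in item 4 can be illustrated with a short sketch. This is an added example, not code from the thesis or from Lib Searcher: the tree encoding, the bucketing used as the "blur" step, and all package and function names are assumptions chosen for illustration.

```python
import hashlib

def build_tree(class_names, root):
    """Package structure tree of one root package: node = [class_count, {subpkg: node}]."""
    tree = [0, {}]
    prefix = root + "."
    for fqcn in class_names:
        if not fqcn.startswith(prefix):
            continue  # class belongs to a different root package
        *pkgs, _cls = fqcn[len(prefix):].split(".")
        node = tree
        for p in pkgs:
            node = node[1].setdefault(p, [0, {}])
        node[0] += 1
    return tree

def canonical(node, blur=True):
    """Name-free string: class count plus the sorted encodings of the children.
    Assumed blur step: bucket the count by bit length so small shrinking changes
    (a few classes removed) fall into the same bucket."""
    count = node[0].bit_length() if blur else node[0]
    children = sorted(canonical(c, blur) for c in node[1].values())
    return "(%d%s)" % (count, "".join(children))

def fingerprint(class_names, root, blur=True):
    """Short hash of the canonical string, usable as a lookup key in a prototype index."""
    text = canonical(build_tree(class_names, root), blur)
    return hashlib.sha256(text.encode()).hexdigest()[:16]

# Constructed sample data (hypothetical library and class names).
LIB = ["com.example.lib.Client", "com.example.lib.Config",
       "com.example.lib.net.Http", "com.example.lib.net.Retry",
       "com.example.lib.net.Tls", "com.example.lib.util.Hex"]
# Same library after identifier renaming, with one class removed by shrinking.
OBF = ["a.b.c.a", "a.b.c.b", "a.b.c.a.a", "a.b.c.a.b", "a.b.c.b.a"]
# An unrelated library, and a copy whose package hierarchy was flattened.
OTHER = ["org.sample.sdk.Api", "org.sample.sdk.core.io.Reader"]
FLAT = ["x.a", "x.b", "x.c", "x.d", "x.e", "x.f"]

if __name__ == "__main__":
    print(fingerprint(LIB, "com.example.lib"), fingerprint(OBF, "a.b.c"))
```

Renaming leaves the fingerprint unchanged because no identifier enters the encoding. An obfuscator that flattens or repackages the hierarchy changes the tree shape itself, so a structure-only key no longer matches and a code-similarity comparison is needed.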
Keywords/Search Tags: Third-party library, module analysis, Android application, ARP, code similarity