Automated Third-Party Library Detection for Android Applications: Are We There Yet?

Zhan，Xian1; Fan，Lingling2; Liu，Tianming4; Chen，Sen5; Li，Li4; Wang，Haoyu6; Xu，Yifei7; Luo，Xiapu1; Liu，Yang3

10.1145/3324884.3416582

2020-09-01

1938-4300

978-1-7281-7281-1

Proceedings - 2020 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020

919-930

21-25 Sept. 2020

Melbourne, VIC, Australia

Third-party libraries (TPLs) have become a significant part of the Android ecosystem. Developers can employ various TPLs with different functionalities to facilitate their app development. Unfortunately, the popularity of TPLs also brings new challenges and even threats. TPLs may carry malicious or vulnerable code, which can infect popular apps to pose threats to mobile users. Besides, the code of third-party libraries could constitute noises in some downstream tasks (e.g., malware and repackaged app detection). Thus, researchers have developed various tools to identify TPLs. However, no existing work has studied these TPL detection tools in detail; different tools focus on different applications with performance differences, but little is known about them. To better understand existing TPL detection tools and dissect TPL detection techniques, we conduct a comprehensive empirical study to fill the gap by evaluating and comparing all publicly available TPL detection tools based on four criteria: effectiveness, efficiency, code obfuscation-resilience capability, and ease of use. We reveal their advantages and disadvantages based on a systematic and thorough empirical study. Furthermore, we also conduct a user study to evaluate the usability of each tool. The results showthat LibScout outperforms others regarding effectiveness, LibRadar takes less time than others and is also regarded as the most easy-to-use one, and LibPecker performs the best in defending against code obfuscation techniques. We further summarize the lessons learned from different perspectives, including users, tool implementation, and researchers. Besides, we enhance these open-sourced tools by fixing their limitations to improve their detection ability. We also build an extensible framework that integrates all existing available TPL detection tools, providing online service for the research community. We make publicly available the evaluation dataset and enhanced tools. We believe our work provides a clear picture of existing TPL detection techniques and also give a road-map for future directions.

Android Empirical study Library detection Third-party library

其他

英语

EI ; CPCI-S

WOS:000651313500077

20210309773368

Android (operating system) ; Automation ; Inspection equipment ; Libraries ; Malware

Computer Software, Data Handling and Applications:723 ; Data Processing and Image Processing:723.2 ; Automatic Control Principles and Applications:731 ; Libraries:903.4.1 ; Inspection:913.3.1

2-s2.0-85099211873

Scopus

1.The Hong Kong Polytechnic University,Hong Kong,Hong Kong
2.College of Cyber Science,Nankai Univerisity,China
3.Nanyang Technological University,Singapore,Singapore
4.Monash University,Australia
5.College of Intelligence and Computing,Tianjin University,China
6.Beijing University of Posts and Telecommunications,China
7.Southern University of Science and Technology,China

Zhan，Xian,Fan，Lingling,Liu，Tianming,et al. Automated Third-Party Library Detection for Android Applications: Are We There Yet?[C],2020:919-930.