Abstract
Third-party libraries are widely used in Android applications to add functionality and ease development, but their use also brings new security risks to the host application. Existing library detection techniques fall short in reliability and precision: their parameter thresholds are set from manual experience, and they are easily disrupted by obfuscation. This paper proposes LibSeeker, a third-party library detection tool with parameter auto-tuning. LibSeeker matches libraries and computes similarity scores from method feature vectors and hashes of code-independent method signatures, combined with package hierarchy information. For tuning, it uses an orthogonal table together with the UCB algorithm to avoid exhaustively scanning the parameter space, selecting the optimal parameter vector with relatively few tests. Experiments on a large-scale dataset of more than 50,000 application-library pairs show that, under the tuned thresholds, LibSeeker reaches a precision of 99.82% and a recall of 95.77%.
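The tuning scheme in the abstract pairs an orthogonal table (which replaces the full grid of threshold combinations with a small, balanced subset of candidate parameter vectors) with the UCB bandit algorithm (which spends a limited evaluation budget mostly on the candidates that look best so far). The Python sketch below is an added illustration of that idea; it is not code from the paper or from LibSeeker. The three threshold names and their levels, the choice of the standard L9(3^4) orthogonal array, and the noisy simulated F1 oracle are all assumptions constructed for the example.

```python
import math
import random

# Standard Taguchi orthogonal array L9(3^4): 9 runs over four 3-level factors,
# arranged so that every pair of levels of any two columns occurs exactly once.
# Only the first three columns are used here (three assumed thresholds).
L9 = [
    (1, 1, 1, 1), (1, 2, 2, 2), (1, 3, 3, 3),
    (2, 1, 2, 3), (2, 2, 3, 1), (2, 3, 1, 2),
    (3, 1, 3, 2), (3, 2, 1, 3), (3, 3, 2, 1),
]

# Hypothetical detector thresholds (assumed for this example, not LibSeeker's).
LEVELS = {
    "method_sim": (0.6, 0.75, 0.9),   # min method-level similarity to count a match
    "package_sim": (0.5, 0.7, 0.9),   # min package-hierarchy similarity
    "min_methods": (3, 5, 10),        # min matched methods before reporting a library
}


def full_grid_size():
    """Number of vectors an exhaustive grid search would have to evaluate."""
    n = 1
    for levels in LEVELS.values():
        n *= len(levels)
    return n


def candidate_vectors():
    """Map each L9 row (levels 1..3) to a concrete parameter vector."""
    names = list(LEVELS)
    return [tuple(LEVELS[n][row[i] - 1] for i, n in enumerate(names)) for row in L9]


def true_f1(vec):
    """Constructed ground-truth F1 surface, standing in for a real labelled corpus."""
    ms, ps, mm = vec
    return 1.0 - abs(ms - 0.75) * 1.2 - abs(ps - 0.7) * 0.8 - abs(mm - 5) * 0.02


def evaluate(vec, rng):
    """One noisy measurement, as if F1 were computed on a random batch of app-library pairs."""
    return true_f1(vec) + rng.uniform(-0.02, 0.02)


def ucb_tune(vectors, budget, seed=0, evaluate=evaluate):
    """UCB1 over candidate parameter vectors (arms); reward = measured F1.

    Returns (best_vector, empirical_means, pull_counts). Each arm is pulled once,
    then the arm maximising mean + sqrt(2 ln t / n) is pulled until the budget runs out.
    """
    k = len(vectors)
    if budget < k:
        raise ValueError("budget must allow at least one evaluation per candidate")
    rng = random.Random(seed)
    counts = [0] * k
    sums = [0.0] * k
    for t in range(1, budget + 1):
        if t <= k:
            i = t - 1  # initial pass: one pull per arm
        else:
            i = max(range(k),
                    key=lambda j: sums[j] / counts[j] + math.sqrt(2 * math.log(t) / counts[j]))
        r = evaluate(vectors[i], rng)
        counts[i] += 1
        sums[i] += r
    means = [sums[j] / counts[j] for j in range(k)]
    best = max(range(k), key=lambda j: means[j])
    return vectors[best], means, counts


if __name__ == "__main__":
    vecs = candidate_vectors()
    best, means, counts = ucb_tune(vecs, budget=60)
    print(f"grid would need {full_grid_size()} vectors; orthogonal table uses {len(vecs)}")
    for v, m, c in zip(vecs, means, counts):
        print(f"{v}: mean F1 {m:.3f} over {c} pulls")
    print("selected:", best)
```

With a real detector, `evaluate` would run the matcher under the given thresholds on a random batch of labelled application-library pairs and return that batch's F1 (or whatever score the tuner optimises), and the empirical best arm after the budget is the chosen parameter vector. Note that UCB1's exploration bonus keeps revisiting every arm, so on a noisy oracle the budget should be well above the 60 used here; the orthogonal table is what keeps the number of arms small enough for that to be affordable.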
Authors
HUANG Si-rong (黄思荣), TAO Fei-fan (陶非凡), ZHANG Yuan (张源), YANG Min (杨珉)
Software School, Fudan University, Shanghai 201203, China; Shanghai General Recognition Technology Research Institute, Shanghai 201100, China
Source
Journal of Chinese Computer Systems (《小型微型计算机系统》), 2019, No. 2, pp. 332-340 (9 pages)
Indexed in: CSCD; Peking University Core Journals list
Funding
Shanghai Sailing Program for young science and technology talents (16YF1400800)
National Key Basic Research Program of China (2015CB358800)
National Natural Science Foundation of China (61602123, 61602121, U1636204, U1736208)
Keywords
Android; third-party library detection; parameter auto-tuning; static analysis