Scalable third-party libraries detection in Android markets
Android apps use Third-party Libraries (3PLs) such as advertisement, social-networking and analytics libraries for monetization and catering other developer- and user-centric services. Recent research reveals that many 3PLs (including popular ones) involve in privacy leaks and contain vulnerabilitie...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2017
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/72053 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-72053 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-720532023-07-07T16:42:19Z Scalable third-party libraries detection in Android markets Li, Ang Chen Lihui School of Electrical and Electronic Engineering DRNTU::Engineering::Electrical and electronic engineering Android apps use Third-party Libraries (3PLs) such as advertisement, social-networking and analytics libraries for monetization and catering other developer- and user-centric services. Recent research reveals that many 3PLs (including popular ones) involve in privacy leaks and contain vulnerabilities posing serious threats to users’ security and privacy. Besides this, including 3PL code with main apps’ code in tasks such a clone and malware detection, reportedly, reduces their precision. Hence, detecting and removing/vetting such 3PLs is a useful task to multiple stakeholders including security analysts and market curators. Owing to such issues, automated detection of 3PLs evolved as an important research problem, with several methods proposed recently. To this end, we implement a recent state-of-the-art Android 3PL detection technique named WuKong [5]. It follows a semantics-based clustering approach to automatically identify 3PLs from a large corpus of 100,000 apps. Once, 3PLs are detected, we systematically evaluate the impact of removing 3PLs from an application task, namely, malware detection. To this end, we use the tool named Drebin [20] to perform effective and scalable malware detection. Through our large-scale analysis on 4,000 apps, we observe that WuKong’s 3PL detection and subsequent removal helps to improve Debin’s malware detection efficiency by 20.75% without hurting the accuracy. Bachelor of Engineering 2017-05-24T02:30:34Z 2017-05-24T02:30:34Z 2017 Final Year Project (FYP) http://hdl.handle.net/10356/72053 en Nanyang Technological University 46 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Electrical and electronic engineering |
| spellingShingle |
DRNTU::Engineering::Electrical and electronic engineering Li, Ang Scalable third-party libraries detection in Android markets |
| description |
Android apps use Third-party Libraries (3PLs) such as advertisement, social-networking and analytics libraries for monetization and catering other developer- and user-centric services. Recent research reveals that many 3PLs (including popular ones) involve in privacy leaks and contain vulnerabilities posing serious threats to users’ security and privacy. Besides this, including 3PL code with main apps’ code in tasks such a clone and malware detection, reportedly, reduces their precision. Hence, detecting and removing/vetting such 3PLs is a useful task to multiple stakeholders including security analysts and market curators. Owing to such issues, automated detection of 3PLs evolved as an important research problem, with several methods proposed recently. To this end, we implement a recent state-of-the-art Android 3PL detection technique named WuKong [5]. It follows a semantics-based clustering approach to automatically identify 3PLs from a large corpus of 100,000 apps. Once, 3PLs are detected, we systematically evaluate the impact of removing 3PLs from an application task, namely, malware detection. To this end, we use the tool named Drebin [20] to perform effective and scalable malware detection. Through our large-scale analysis on 4,000 apps, we observe that WuKong’s 3PL detection and subsequent removal helps to improve Debin’s malware detection efficiency by 20.75% without hurting the accuracy. |
| author2 |
Chen Lihui |
| author_facet |
Chen Lihui Li, Ang |
| format |
Final Year Project |
| author |
Li, Ang |
| author_sort |
Li, Ang |
| title |
Scalable third-party libraries detection in Android markets |
| title_short |
Scalable third-party libraries detection in Android markets |
| title_full |
Scalable third-party libraries detection in Android markets |
| title_fullStr |
Scalable third-party libraries detection in Android markets |
| title_full_unstemmed |
Scalable third-party libraries detection in Android markets |
| title_sort |
scalable third-party libraries detection in android markets |
| publishDate |
2017 |
| url |
http://hdl.handle.net/10356/72053 |
| _version_ |
1772827781812453376 |