| 大规模移动应用第三方库自动检测和分类方法; Automated Detection and Classification of Third-Party Libraries in Large Scale Android Apps | |
| 王浩宇 ; 郭耀 ; 马子昂 ; 陈向群 | |
| 刊名 | 软件学报
 |
| 2017 | |
| 关键词 | Android Android third-party library advertisement library mobile apps machine learning 第三方库 广告库 移动应用 机器学习 |
| DOI | 10.13328/j.cnki.jos.005221 |
| 英文摘要 | 移动应用中,广泛使用第三方库来帮助开发和增强应用功能.很多关于移动应用分析以及访问控制的研究工作,需要在分析之前对第三方库进行检测、过滤或者对其进行功能分类.当前,大部分研究工作都以使用白名单的方式来检测第三方库或者对其功能进行分类.然而,通过白名单检测第三方库不完善且不准确,其原因包括:(1)第三方库的种类和数量很大;(2)常见的代码混淆或者第三方库伪装等技术使得白名单方法不能准确地识别第三方库.提出一种第三方库自动检测和分类方法,包括基于多级聚类技术准确识别第三方库以及基于机器学习对第三方库的功能进行准确分类.实验对超过130000个Android应用进行分析,验证所提出方法的有效性.实验总共检测到4916个不同的第三方库.在人工标记的数据集上,通过十折交叉验证,对第三方库分类的准确率达到84.28%.将训练好的分类器应用于全部4916个检测到的第三方库,人工进行抽样验证的准确率达到75%.; Third-Party libraries are widely used in mobile applications such as Android apps.Much research on app analysis or access control needs to detect or classify third-party libraries first in order to provide accurate results.Most previous studies use a whitelist to identify third-party libraries and manually categorize them.However,it is impossible to build a complete whitelist of third-party libraries and classify them because:(1) there are too many of them;and (2) common techniques such as library obfuscation and library masquerading cannot be handled with a whitelist.In this paper,an automated approach is proposed to detect and classify frequently-used third-party libraries in Android apps.A multi-level clustering based method is presented to identify third-party libraries,and a machine learning based technique is applied to classify the libraries.Experiments on more than 130000 apps show that 4916 third-party libraries can be detected without prior knowledge.The classification result of 10-folds cross validation on sampled libraries is 84.28%.With the trained classifier,the proposed approach is able to classify more than 75% of the 4916 libraries into six categories with an accuracy of 75%.; 国家自然科学基金; 国家高技术研究发展计划(863)(2015AA017202)National Natural Science Foundation of China; National High Technology Research and Development Program of China (863); 中国科学引文数据库(CSCD); 6; 1373-1388; 28 |
| 语种 | 英语 |
| 内容类型 | 期刊论文 |
| 源URL | [http://ir.pku.edu.cn/handle/20.500.11897/476788]  |
| 专题 | 信息科学技术学院 |
| 推荐引用方式 GB/T 7714 | 王浩宇,郭耀,马子昂,等. 大规模移动应用第三方库自动检测和分类方法, Automated Detection and Classification of Third-Party Libraries in Large Scale Android Apps[J]. 软件学报,2017. |
| APA | 王浩宇,郭耀,马子昂,&陈向群.(2017).大规模移动应用第三方库自动检测和分类方法.软件学报. |
| MLA | 王浩宇,et al."大规模移动应用第三方库自动检测和分类方法".软件学报 (2017). |
| 个性服务 |
| 查看访问统计 |
| 相关权益政策 |
| 暂无数据 |
| 收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论