徐建 等: LibPass: 基于包结构和签名的第三方库检测方法                                                2901


                     2627393.2627404]
                  [2]  Wang HY, Hong J, Guo Y. Using text mining to infer the purpose of permission use in mobile APPs. In: Proc. of the 2015 ACM Int’l
                     Joint Conf. on Pervasive and Ubiquitous Computing. Osaka: Association for Computing Machinery, 2015. 1107–1118. [doi: 10.1145/
                     2750858.2805833]
                  [3]  Li  L,  Bissyandé  TF,  Klein  J.  SimiDroid:  Identifying  and  explaining  similarities  in  Android  APPs.  In:  Proc.  of  the  2017  IEEE
                     Trustcom/BigDataSE/ICESS. Sydney: IEEE, 2017. 136–143. [doi: 10.1109/Trustcom/BigDataSE/ICESS.2017.230]
                  [4]  Zheng X, Pan L, Yilmaz E. Security analysis of modern mission critical Android mobile applications. In: Proc. of the 2017 Australasian
                     Computer Science Week Multiconference. Geelong: Association for Computing Machinery, 2017. 2. [doi: 10.1145/3014812.3014814]
                  [5]  Zhou W, Zhou YJ, Jiang XX, Ning P. Detecting repackaged smartphone applications in third-party Android marketplaces. In: Proc. of the
                     2nd ACM Conf. on Data and Application Security and Privacy. San Antonio: Association for Computing Machinery, 2012. 317–326.
                     [doi: 10.1145/2133601.2133640]
                  [6]  Hanna S, Huang L, Wu E, Li S, Chen C, Song D. Juxtapp: A scalable system for detecting code reuse among Android applications. In:
                     Proc. of the 9th Int’l Conf. on Detection of Intrusions and Malware, and Vulnerability Assessment. Heraklion: Springer, 2013. 62–81.
                     [doi: 10.1007/978-3-642-37300-8_4]
                  [7]  Grace MC, Zhou W, Jiang XX, Sadeghi AR. Unsafe exposure analysis of mobile in-APP advertisements. In: Proc. of the 5th ACM Conf.
                     ProGuard. 2021. https://www.guardsquare.com/en/products/proguard
                     on Security and Privacy in Wireless and Mobile Networks. Tucson: Association for Computing Machinery, 2012. 101–112. [doi: 10.1145/
                     2185448.2185464]
                  [8]  Book T, Pridgen A, Wallach DS. Longitudinal analysis of Android ad library permissions. arXiv:1303.0857, 2013.
                  [9]  Ma ZA, Wang HY, Guo Y, Chen XQ. LibRadar: Fast and accurate detection of third-party libraries in Android APPs. In: Proc. of the 38th
                     Int’l Conf. on Software Engineering Companion. Austin: Association for Computing Machinery, 2016. 653–656. [doi: 10.1145/2889160.
                     2889178]
                 [10]  Li MH, Wang W, Wang P, Wang S, Wu DH, Liu J, Xue R, Huo W. LibD: Scalable and precise third-party library detection in Android
                     markets. In: Proc. of the 39th Int’l Conf. on Software Engineering. Buenos Aires: IEEE, 2017. 335–346. [doi: 10.1109/icse.2017.38]
                 [11]  Wang HY, Guo Y, Ma ZA, Chen XQ. WuKong: A scalable and accurate two-phase approach to Android APP clone detection. In: Proc.
                     of the 2015 Int’l Symp. on Software Testing and Analysis. Baltimore: Association for Computing Machinery, 2015. 71–82. [doi: 10.1145/
                     2771783.2771795]
                 [12]  Narayanan A, Chen LH, Chan CK. AdDetect: Automated detection of Android ad libraries using semantic analysis. In: Proc. of the 9th
                     IEEE Int’l Conf. on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP). Singapore: IEEE, 2014. 1–6. [doi: 10.
                     1109/ISSNIP.2014.6827639]
                 [13]  Liu B, Liu B, Jin HX, Govindan R. Efficient privilege de-escalation for Ad libraries in mobile apps. In: Proc. of the 13th Annual Int’l
                     Conf. on Mobile Systems, Applications, and Services. Florence: Association for Computing Machinery, 2015. 89–103. [doi: 10.1145/
                     2742647.2742668]
                 [14]  Backes M, Bugiel S, Derr E. Reliable third-party library detection in Android and its security applications. In: Proc. of the 2016 ACM
                     SIGSAC Conf. on Computer and Communications Security. Vienna: Association for Computing Machinery, 2016. 356–367. [doi: 10.
                     1145/2976749.2978333]
                 [15]  Zhang, Y, Dai JR, Zhang XH, Huang SR, Yang ZM, Yang M, Chen H. Detecting third-party libraries in Android applications with high
                     precision and recall. In: Proc. of the 25th IEEE Int’l Conf. on Software Analysis, Evolution and Reengineering (SANER). Campobasso:
                     IEEE, 2018. 141–152. [doi: 10.1109/SANER.2018.8330204]
                 [16]  Zhang JX, Beresford AR, Kollmann SA. LibID: Reliable identification of obfuscated third-party Android libraries. In: Proc. of the 28th
                     ACM SIGSOFT Int’l Symp. on Software Testing and Analysis. Beijing: Association for Computing Machinery, 2019. 55–65. [doi: 10.
                     1145/3293882.3330563]
                 [17]
                 [18]  Allatori Obfuscator. 2021. http://www.allatori.com/
                 [19]  DashO. 2021. https://www.preemptive.com/products/dasho/overview
                 [20]  Hammad M, Garcia J, Malek S. A large-scale empirical study on the effects of code obfuscations on Android APPs and anti-malware
                     products. In: Proc. of the 40th Int’l Conf. on Software Engineering. Gothenburg: Association for Computing Machinery, 2018. 421–431.
                     [doi: 10.1145/3180155.3180228]
                 [21]  Chen K, Liu P, Zhang YJ. Achieving accuracy and scalability simultaneously in detecting application clones on Android markets. In:
                     Proc. of the 36th Int’l Conf. on Software Engineering. Hyderabad: Association for Computing Machinery, 2014. 175–186. [doi: 10.1145/
                     2568225.2568286]