Identify and Inspect Libraries in Android Applications

Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the...
Ausführliche Beschreibung

Gespeichert in:

Autor*in:	Han, Hongmu [verfasserIn] Li, Ruixuan Tang, Junwei

Format:	Artikel
Sprache:	Englisch

Erschienen:	2018

Schlagwörter:	Android apps Library detection Frequent pattern Abnormal library Malware

Anmerkung:	© Springer Science+Business Media, LLC, part of Springer Nature 2018

Übergeordnetes Werk:	Enthalten in: Wireless personal communications - Springer US, 1994, 103(2018), 1 vom: 08. Feb., Seite 491-503
Übergeordnetes Werk:	volume:103 ; year:2018 ; number:1 ; day:08 ; month:02 ; pages:491-503

Links:	Volltext

DOI / URN:	10.1007/s11277-018-5456-4

Katalog-ID:	OLC2053822627

Internformat


LEADER	01000caa a22002652 4500
001	OLC2053822627
003	DE-627
005	20230504080130.0
007	tu
008	200819s2018 xx \|\|\|\|\| 00\| \|\|eng c
024	7		\|a 10.1007/s11277-018-5456-4 \|2 doi
035			\|a (DE-627)OLC2053822627
035			\|a (DE-He213)s11277-018-5456-4-p
040			\|a DE-627 \|b ger \|c DE-627 \|e rakwb
041			\|a eng
082	0	4	\|a 620 \|q VZ
100	1		\|a Han, Hongmu \|e verfasserin \|0 (orcid)0000-0002-6909-5242 \|4 aut
245	1	0	\|a Identify and Inspect Libraries in Android Applications
264		1	\|c 2018
336			\|a Text \|b txt \|2 rdacontent
337			\|a ohne Hilfsmittel zu benutzen \|b n \|2 rdamedia
338			\|a Band \|b nc \|2 rdacarrier
500			\|a © Springer Science+Business Media, LLC, part of Springer Nature 2018
520			\|a Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the absence of robust library detection method and library vetting method. This paper proposes a hybrid library detection method that it combines name-based method and feature-based method to identify library instances in applications. It can resist simple identifier renaming. Furthermore, this paper proposes an abnormal library detection method that it utilizes frequent pattern to measure the normal degree of library instances. Comparing with existing methods, the abnormal library detection method can not rely on original library files. A ground truth dataset that it consists of 177 malicious applications with abnormal library instance and 81,317 benign apps is used to demonstrate the effectiveness of proposed approaches. Experimental results show that the approaches can precisely detect library instances and effectively reduce the cost of abnormal library detection.
650		4	\|a Android apps
650		4	\|a Library detection
650		4	\|a Frequent pattern
650		4	\|a Abnormal library
650		4	\|a Malware
700	1		\|a Li, Ruixuan \|4 aut
700	1		\|a Tang, Junwei \|4 aut
773	0	8	\|i Enthalten in \|t Wireless personal communications \|d Springer US, 1994 \|g 103(2018), 1 vom: 08. Feb., Seite 491-503 \|w (DE-627)188950273 \|w (DE-600)1287489-9 \|w (DE-576)049958909 \|x 0929-6212 \|7 nnns
773	1	8	\|g volume:103 \|g year:2018 \|g number:1 \|g day:08 \|g month:02 \|g pages:491-503
856	4	1	\|u https://doi.org/10.1007/s11277-018-5456-4 \|z lizenzpflichtig \|3 Volltext
912			\|a GBV_USEFLAG_A
912			\|a SYSFLAG_A
912			\|a GBV_OLC
912			\|a SSG-OLC-MKW
912			\|a GBV_ILN_70
951			\|a AR
952			\|d 103 \|j 2018 \|e 1 \|b 08 \|c 02 \|h 491-503

Indexfelder

author_variant	h h hh r l rl j t jt
matchkey_str	article:09296212:2018----::dniynisetirreiadod
hierarchy_sort_str	2018
publishDate	2018
allfields	10.1007/s11277-018-5456-4 doi (DE-627)OLC2053822627 (DE-He213)s11277-018-5456-4-p DE-627 ger DE-627 rakwb eng 620 VZ Han, Hongmu verfasserin (orcid)0000-0002-6909-5242 aut Identify and Inspect Libraries in Android Applications 2018 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC, part of Springer Nature 2018 Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the absence of robust library detection method and library vetting method. This paper proposes a hybrid library detection method that it combines name-based method and feature-based method to identify library instances in applications. It can resist simple identifier renaming. Furthermore, this paper proposes an abnormal library detection method that it utilizes frequent pattern to measure the normal degree of library instances. Comparing with existing methods, the abnormal library detection method can not rely on original library files. A ground truth dataset that it consists of 177 malicious applications with abnormal library instance and 81,317 benign apps is used to demonstrate the effectiveness of proposed approaches. Experimental results show that the approaches can precisely detect library instances and effectively reduce the cost of abnormal library detection. Android apps Library detection Frequent pattern Abnormal library Malware Li, Ruixuan aut Tang, Junwei aut Enthalten in Wireless personal communications Springer US, 1994 103(2018), 1 vom: 08. Feb., Seite 491-503 (DE-627)188950273 (DE-600)1287489-9 (DE-576)049958909 0929-6212 nnns volume:103 year:2018 number:1 day:08 month:02 pages:491-503 https://doi.org/10.1007/s11277-018-5456-4 lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MKW GBV_ILN_70 AR 103 2018 1 08 02 491-503
spelling	10.1007/s11277-018-5456-4 doi (DE-627)OLC2053822627 (DE-He213)s11277-018-5456-4-p DE-627 ger DE-627 rakwb eng 620 VZ Han, Hongmu verfasserin (orcid)0000-0002-6909-5242 aut Identify and Inspect Libraries in Android Applications 2018 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC, part of Springer Nature 2018 Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the absence of robust library detection method and library vetting method. This paper proposes a hybrid library detection method that it combines name-based method and feature-based method to identify library instances in applications. It can resist simple identifier renaming. Furthermore, this paper proposes an abnormal library detection method that it utilizes frequent pattern to measure the normal degree of library instances. Comparing with existing methods, the abnormal library detection method can not rely on original library files. A ground truth dataset that it consists of 177 malicious applications with abnormal library instance and 81,317 benign apps is used to demonstrate the effectiveness of proposed approaches. Experimental results show that the approaches can precisely detect library instances and effectively reduce the cost of abnormal library detection. Android apps Library detection Frequent pattern Abnormal library Malware Li, Ruixuan aut Tang, Junwei aut Enthalten in Wireless personal communications Springer US, 1994 103(2018), 1 vom: 08. Feb., Seite 491-503 (DE-627)188950273 (DE-600)1287489-9 (DE-576)049958909 0929-6212 nnns volume:103 year:2018 number:1 day:08 month:02 pages:491-503 https://doi.org/10.1007/s11277-018-5456-4 lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MKW GBV_ILN_70 AR 103 2018 1 08 02 491-503
allfields_unstemmed	10.1007/s11277-018-5456-4 doi (DE-627)OLC2053822627 (DE-He213)s11277-018-5456-4-p DE-627 ger DE-627 rakwb eng 620 VZ Han, Hongmu verfasserin (orcid)0000-0002-6909-5242 aut Identify and Inspect Libraries in Android Applications 2018 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC, part of Springer Nature 2018 Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the absence of robust library detection method and library vetting method. This paper proposes a hybrid library detection method that it combines name-based method and feature-based method to identify library instances in applications. It can resist simple identifier renaming. Furthermore, this paper proposes an abnormal library detection method that it utilizes frequent pattern to measure the normal degree of library instances. Comparing with existing methods, the abnormal library detection method can not rely on original library files. A ground truth dataset that it consists of 177 malicious applications with abnormal library instance and 81,317 benign apps is used to demonstrate the effectiveness of proposed approaches. Experimental results show that the approaches can precisely detect library instances and effectively reduce the cost of abnormal library detection. Android apps Library detection Frequent pattern Abnormal library Malware Li, Ruixuan aut Tang, Junwei aut Enthalten in Wireless personal communications Springer US, 1994 103(2018), 1 vom: 08. Feb., Seite 491-503 (DE-627)188950273 (DE-600)1287489-9 (DE-576)049958909 0929-6212 nnns volume:103 year:2018 number:1 day:08 month:02 pages:491-503 https://doi.org/10.1007/s11277-018-5456-4 lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MKW GBV_ILN_70 AR 103 2018 1 08 02 491-503
allfieldsGer	10.1007/s11277-018-5456-4 doi (DE-627)OLC2053822627 (DE-He213)s11277-018-5456-4-p DE-627 ger DE-627 rakwb eng 620 VZ Han, Hongmu verfasserin (orcid)0000-0002-6909-5242 aut Identify and Inspect Libraries in Android Applications 2018 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC, part of Springer Nature 2018 Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the absence of robust library detection method and library vetting method. This paper proposes a hybrid library detection method that it combines name-based method and feature-based method to identify library instances in applications. It can resist simple identifier renaming. Furthermore, this paper proposes an abnormal library detection method that it utilizes frequent pattern to measure the normal degree of library instances. Comparing with existing methods, the abnormal library detection method can not rely on original library files. A ground truth dataset that it consists of 177 malicious applications with abnormal library instance and 81,317 benign apps is used to demonstrate the effectiveness of proposed approaches. Experimental results show that the approaches can precisely detect library instances and effectively reduce the cost of abnormal library detection. Android apps Library detection Frequent pattern Abnormal library Malware Li, Ruixuan aut Tang, Junwei aut Enthalten in Wireless personal communications Springer US, 1994 103(2018), 1 vom: 08. Feb., Seite 491-503 (DE-627)188950273 (DE-600)1287489-9 (DE-576)049958909 0929-6212 nnns volume:103 year:2018 number:1 day:08 month:02 pages:491-503 https://doi.org/10.1007/s11277-018-5456-4 lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MKW GBV_ILN_70 AR 103 2018 1 08 02 491-503
allfieldsSound	10.1007/s11277-018-5456-4 doi (DE-627)OLC2053822627 (DE-He213)s11277-018-5456-4-p DE-627 ger DE-627 rakwb eng 620 VZ Han, Hongmu verfasserin (orcid)0000-0002-6909-5242 aut Identify and Inspect Libraries in Android Applications 2018 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC, part of Springer Nature 2018 Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the absence of robust library detection method and library vetting method. This paper proposes a hybrid library detection method that it combines name-based method and feature-based method to identify library instances in applications. It can resist simple identifier renaming. Furthermore, this paper proposes an abnormal library detection method that it utilizes frequent pattern to measure the normal degree of library instances. Comparing with existing methods, the abnormal library detection method can not rely on original library files. A ground truth dataset that it consists of 177 malicious applications with abnormal library instance and 81,317 benign apps is used to demonstrate the effectiveness of proposed approaches. Experimental results show that the approaches can precisely detect library instances and effectively reduce the cost of abnormal library detection. Android apps Library detection Frequent pattern Abnormal library Malware Li, Ruixuan aut Tang, Junwei aut Enthalten in Wireless personal communications Springer US, 1994 103(2018), 1 vom: 08. Feb., Seite 491-503 (DE-627)188950273 (DE-600)1287489-9 (DE-576)049958909 0929-6212 nnns volume:103 year:2018 number:1 day:08 month:02 pages:491-503 https://doi.org/10.1007/s11277-018-5456-4 lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MKW GBV_ILN_70 AR 103 2018 1 08 02 491-503
language	English
source	Enthalten in Wireless personal communications 103(2018), 1 vom: 08. Feb., Seite 491-503 volume:103 year:2018 number:1 day:08 month:02 pages:491-503
sourceStr	Enthalten in Wireless personal communications 103(2018), 1 vom: 08. Feb., Seite 491-503 volume:103 year:2018 number:1 day:08 month:02 pages:491-503
format_phy_str_mv	Article
institution	findex.gbv.de
topic_facet	Android apps Library detection Frequent pattern Abnormal library Malware
dewey-raw	620
isfreeaccess_bool	false
container_title	Wireless personal communications
authorswithroles_txt_mv	Han, Hongmu @@aut@@ Li, Ruixuan @@aut@@ Tang, Junwei @@aut@@
publishDateDaySort_date	2018-02-08T00:00:00Z
hierarchy_top_id	188950273
dewey-sort	3620
id	OLC2053822627
language_de	englisch
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a22002652 4500</leader><controlfield tag="001">OLC2053822627</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230504080130.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">200819s2018 xx \|\|\|\|\| 00\| \|\|eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1007/s11277-018-5456-4</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC2053822627</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-He213)s11277-018-5456-4-p</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">620</subfield><subfield code="q">VZ</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Han, Hongmu</subfield><subfield code="e">verfasserin</subfield><subfield code="0">(orcid)0000-0002-6909-5242</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Identify and Inspect Libraries in Android Applications</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2018</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">© Springer Science+Business Media, LLC, part of Springer Nature 2018</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the absence of robust library detection method and library vetting method. This paper proposes a hybrid library detection method that it combines name-based method and feature-based method to identify library instances in applications. It can resist simple identifier renaming. Furthermore, this paper proposes an abnormal library detection method that it utilizes frequent pattern to measure the normal degree of library instances. Comparing with existing methods, the abnormal library detection method can not rely on original library files. A ground truth dataset that it consists of 177 malicious applications with abnormal library instance and 81,317 benign apps is used to demonstrate the effectiveness of proposed approaches. Experimental results show that the approaches can precisely detect library instances and effectively reduce the cost of abnormal library detection.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Android apps</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Library detection</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Frequent pattern</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Abnormal library</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Malware</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Li, Ruixuan</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Tang, Junwei</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">Wireless personal communications</subfield><subfield code="d">Springer US, 1994</subfield><subfield code="g">103(2018), 1 vom: 08. Feb., Seite 491-503</subfield><subfield code="w">(DE-627)188950273</subfield><subfield code="w">(DE-600)1287489-9</subfield><subfield code="w">(DE-576)049958909</subfield><subfield code="x">0929-6212</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:103</subfield><subfield code="g">year:2018</subfield><subfield code="g">number:1</subfield><subfield code="g">day:08</subfield><subfield code="g">month:02</subfield><subfield code="g">pages:491-503</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">https://doi.org/10.1007/s11277-018-5456-4</subfield><subfield code="z">lizenzpflichtig</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MKW</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">103</subfield><subfield code="j">2018</subfield><subfield code="e">1</subfield><subfield code="b">08</subfield><subfield code="c">02</subfield><subfield code="h">491-503</subfield></datafield></record></collection>
author	Han, Hongmu
spellingShingle	Han, Hongmu ddc 620 misc Android apps misc Library detection misc Frequent pattern misc Abnormal library misc Malware Identify and Inspect Libraries in Android Applications
authorStr	Han, Hongmu
ppnlink_with_tag_str_mv	@@773@@(DE-627)188950273
format	Article
dewey-ones	620 - Engineering & allied operations
delete_txt_mv	keep
author_role	aut aut aut
collection	OLC
remote_str	false
illustrated	Not Illustrated
issn	0929-6212
topic_title	620 VZ Identify and Inspect Libraries in Android Applications Android apps Library detection Frequent pattern Abnormal library Malware
topic	ddc 620 misc Android apps misc Library detection misc Frequent pattern misc Abnormal library misc Malware
topic_unstemmed	ddc 620 misc Android apps misc Library detection misc Frequent pattern misc Abnormal library misc Malware
topic_browse	ddc 620 misc Android apps misc Library detection misc Frequent pattern misc Abnormal library misc Malware
format_facet	Aufsätze Gedruckte Aufsätze
format_main_str_mv	Text Zeitschrift/Artikel
carriertype_str_mv	nc
hierarchy_parent_title	Wireless personal communications
hierarchy_parent_id	188950273
dewey-tens	620 - Engineering
hierarchy_top_title	Wireless personal communications
isfreeaccess_txt	false
familylinks_str_mv	(DE-627)188950273 (DE-600)1287489-9 (DE-576)049958909
title	Identify and Inspect Libraries in Android Applications
ctrlnum	(DE-627)OLC2053822627 (DE-He213)s11277-018-5456-4-p
title_full	Identify and Inspect Libraries in Android Applications
author_sort	Han, Hongmu
journal	Wireless personal communications
journalStr	Wireless personal communications
lang_code	eng
isOA_bool	false
dewey-hundreds	600 - Technology
recordtype	marc
publishDateSort	2018
contenttype_str_mv	txt
container_start_page	491
author_browse	Han, Hongmu Li, Ruixuan Tang, Junwei
container_volume	103
class	620 VZ
format_se	Aufsätze
author-letter	Han, Hongmu
doi_str_mv	10.1007/s11277-018-5456-4
normlink	(ORCID)0000-0002-6909-5242
normlink_prefix_str_mv	(orcid)0000-0002-6909-5242
dewey-full	620
title_sort	identify and inspect libraries in android applications
title_auth	Identify and Inspect Libraries in Android Applications
abstract	Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the absence of robust library detection method and library vetting method. This paper proposes a hybrid library detection method that it combines name-based method and feature-based method to identify library instances in applications. It can resist simple identifier renaming. Furthermore, this paper proposes an abnormal library detection method that it utilizes frequent pattern to measure the normal degree of library instances. Comparing with existing methods, the abnormal library detection method can not rely on original library files. A ground truth dataset that it consists of 177 malicious applications with abnormal library instance and 81,317 benign apps is used to demonstrate the effectiveness of proposed approaches. Experimental results show that the approaches can precisely detect library instances and effectively reduce the cost of abnormal library detection. © Springer Science+Business Media, LLC, part of Springer Nature 2018
abstractGer	Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the absence of robust library detection method and library vetting method. This paper proposes a hybrid library detection method that it combines name-based method and feature-based method to identify library instances in applications. It can resist simple identifier renaming. Furthermore, this paper proposes an abnormal library detection method that it utilizes frequent pattern to measure the normal degree of library instances. Comparing with existing methods, the abnormal library detection method can not rely on original library files. A ground truth dataset that it consists of 177 malicious applications with abnormal library instance and 81,317 benign apps is used to demonstrate the effectiveness of proposed approaches. Experimental results show that the approaches can precisely detect library instances and effectively reduce the cost of abnormal library detection. © Springer Science+Business Media, LLC, part of Springer Nature 2018
abstract_unstemmed	Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the absence of robust library detection method and library vetting method. This paper proposes a hybrid library detection method that it combines name-based method and feature-based method to identify library instances in applications. It can resist simple identifier renaming. Furthermore, this paper proposes an abnormal library detection method that it utilizes frequent pattern to measure the normal degree of library instances. Comparing with existing methods, the abnormal library detection method can not rely on original library files. A ground truth dataset that it consists of 177 malicious applications with abnormal library instance and 81,317 benign apps is used to demonstrate the effectiveness of proposed approaches. Experimental results show that the approaches can precisely detect library instances and effectively reduce the cost of abnormal library detection. © Springer Science+Business Media, LLC, part of Springer Nature 2018
collection_details	GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MKW GBV_ILN_70
container_issue	1
title_short	Identify and Inspect Libraries in Android Applications
url	https://doi.org/10.1007/s11277-018-5456-4
remote_bool	false
author2	Li, Ruixuan Tang, Junwei
author2Str	Li, Ruixuan Tang, Junwei
ppnlink	188950273
mediatype_str_mv	n
isOA_txt	false
hochschulschrift_bool	false
doi_str	10.1007/s11277-018-5456-4
up_date	2024-07-03T20:47:06.578Z
_version_	1803592271479701504
fullrecord_marcxml	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a22002652 4500</leader><controlfield tag="001">OLC2053822627</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230504080130.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">200819s2018 xx \|\|\|\|\| 00\| \|\|eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1007/s11277-018-5456-4</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC2053822627</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-He213)s11277-018-5456-4-p</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">620</subfield><subfield code="q">VZ</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Han, Hongmu</subfield><subfield code="e">verfasserin</subfield><subfield code="0">(orcid)0000-0002-6909-5242</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Identify and Inspect Libraries in Android Applications</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2018</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">© Springer Science+Business Media, LLC, part of Springer Nature 2018</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Abstract Libraries may become a liability for users security. Existing studies show that libraries can be exploited to propagate malware. Hackers utilize fake or modified libraries to execute malicious behaviours. Vetting library instances in applications are desirable. However, it is impeded by the absence of robust library detection method and library vetting method. This paper proposes a hybrid library detection method that it combines name-based method and feature-based method to identify library instances in applications. It can resist simple identifier renaming. Furthermore, this paper proposes an abnormal library detection method that it utilizes frequent pattern to measure the normal degree of library instances. Comparing with existing methods, the abnormal library detection method can not rely on original library files. A ground truth dataset that it consists of 177 malicious applications with abnormal library instance and 81,317 benign apps is used to demonstrate the effectiveness of proposed approaches. Experimental results show that the approaches can precisely detect library instances and effectively reduce the cost of abnormal library detection.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Android apps</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Library detection</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Frequent pattern</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Abnormal library</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Malware</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Li, Ruixuan</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Tang, Junwei</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">Wireless personal communications</subfield><subfield code="d">Springer US, 1994</subfield><subfield code="g">103(2018), 1 vom: 08. Feb., Seite 491-503</subfield><subfield code="w">(DE-627)188950273</subfield><subfield code="w">(DE-600)1287489-9</subfield><subfield code="w">(DE-576)049958909</subfield><subfield code="x">0929-6212</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:103</subfield><subfield code="g">year:2018</subfield><subfield code="g">number:1</subfield><subfield code="g">day:08</subfield><subfield code="g">month:02</subfield><subfield code="g">pages:491-503</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">https://doi.org/10.1007/s11277-018-5456-4</subfield><subfield code="z">lizenzpflichtig</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MKW</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">103</subfield><subfield code="j">2018</subfield><subfield code="e">1</subfield><subfield code="b">08</subfield><subfield code="c">02</subfield><subfield code="h">491-503</subfield></datafield></record></collection>
score	7.3985043

Nicht das Richtige dabei?

Schreiben Sie uns!

Identify and Inspect Libraries in Android Applications

Nicht das Richtige dabei?

Zugang & Verfügbarkeit

Vorhandene Bände

Nicht das Richtige dabei?