当前位置: X-MOL 学术Concurr. Comput. Pract. Exp. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
An accurate and efficient two‐phase scheme for detecting Android cloned applications
Concurrency and Computation: Practice and Experience ( IF 2 ) Pub Date : 2020-09-19 , DOI: 10.1002/cpe.6009
Jiahao Xie 1, 2 , Xiai Yan 3 , Yaping Lin 1, 2 , Jianhao Wei 1, 2
Affiliation  

The fast‐growing Android application market has attracted more and more application developers. However, many plagiarists use decompiled tools to modify original applications to get clones, which has become a serious threat. For detecting cloned applications, most of the existing schemes do not consider the detected accuracy and time consumption at the same time. In this article, we propose a two‐phase detection scheme to achieve fast and accurate clone detection in large‐scale applications. In the rapid screening phase, a fix‐length minhash summary is constructed for each application and the locality‐sensitive hashing (LSH) algorithm is used to obtain suspicious cloned applications quickly. In the accurate detection phase, by merging and pruning the layout and interaction information of all user interfaces (UIs) at the application runtime, we obtain the birthmark named merged layout tree (MLT), which can resist nested obfuscation and repacking attack. Finally, cloned apps are detected by calculating the similarity between MLTs from suspicious cloned apps. We evaluate our detection scheme in two app datasets (nearly 170,000 Android applications) and compare it with the state‐of‐the‐art clone detection methods. Extensive experiments show that our method has high accuracy and efficiency for clone detection in large‐scale apps.

中文翻译:

一种准确高效的检测Android克隆应用程序的两阶段方案

快速增长的Android应用程序市场吸引了越来越多的应用程序开发人员。但是,许多窃者使用反编译工具来修改原始应用程序以获取克隆,这已成为严重的威胁。对于检测克隆的应用程序,大多数现有方案都不会同时考虑检测到的准确性和时间消耗。在本文中,我们提出了一种两阶段检测方案,以在大规模应用中实现快速准确的克隆检测。在快速筛选阶段,将为每个应用程序构建一个定长的minhash摘要,并使用局部敏感哈希(LSH)算法快速获取可疑克隆的应用程序。在准确的检测阶段,通过在应用程序运行时合并和修剪所有用户界面(UI)的布局和交互信息,我们获得了名为合并布局树(MLT)的胎记,它可以抵抗嵌套的混淆和重新打包攻击。最后,通过计算可疑克隆应用程序的MLT之间的相似度来检测克隆应用程序。我们在两个应用程序数据集中(近170,000个Android应用程序)评估了我们的检测方案,并将其与最新的克隆检测方法进行了比较。大量的实验表明,我们的方法对于大规模应用中的克隆检测具有很高的准确性和效率。
更新日期:2020-09-19
down
wechat
bug