SPRD-基于应用UI和程序依赖图的Android重打包应用快速检测方法

第39卷第3期通信学报V ol.39No.3 2018年3月Journal on Communications March 2018 SPRD：基于应用UI和程序依赖图的

Android重打包应用快速检测方法

汪润1,2,3，王丽娜1,2,3，唐奔宵1,2,3，赵磊1,2,3

（1. 武汉大学空天信息安全与可信计算教育部重点实验室，湖北武汉 430072；

2. 武汉大学计算机学院，湖北武汉 430072；

3. 武汉大学国家网络安全学院，湖北武汉 430072）

摘 要：研究发现重打包应用通常不修改应用用户交互界面（UI, user interface）的结构，提出一种基于应用UI

和程序代码的两阶段检测方法。首先，设计了一种基于UI抽象表示的散列快速相似性检测方法，识别UI相似的

可疑重打包应用；然后，使用程序依赖图作为应用特征表示，实现细粒度、精准的代码克隆检测。基于所提方法

实现了一种原型系统——SPRD（scalable and precise repacking detection），实验验证所提方法具有良好的可扩展性

和准确性，可以有效地应用于百万级应用和亿万级代码的大规模应用市场。

关键词：重打包；代码克隆；用户界面；程序依赖图；安全与隐私

中图分类号：TP309.1

文献标识码：A

doi: 10.11959/j.issn.1000-436x.2018045

SPRD: fast application repackaging detection

approach in Android based on application’s

UI and program dependency graph

WANG Run1,2,3, WANG Li’na1,2,3, TANG Benxiao1,2,3, ZHAO Lei1,2,3

1. Key Laboratory of Aerospace Information Security and Trusted Computing Ministry of Education, Wuhan University, Wuhan 430072, China

2. School of Computer, Wuhan University, Wuhan 430072, China

3. School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China

Abstract: A two stage detection approach which combine application’s UI and program code based on the observation that repackaging applications merely modify the structure of their user interface was proposed. Firstly, a fast hash similar-

ity detection technique based on an abstracted representation of UI to identify the potential visual-similar repackaging applications was designed. Secondly, program dependency graph is used to represent as the feature of app to achieve fi-

ne-grained and precise code clone detection. A prototype system, SPRD, was implemented based on the proposed ap-

proach. Experimental results show that the proposed approach achieves a good performance in both scalability and accu-

racy, and can be effectively applied in millions of applications and billions of code detection.

Key words: repackaging, code clone, user interface, program dependency graph, security and privacy

收稿日期：2017-08-09；修回日期：2017-12-21

通信作者：王丽娜，lnwang@https://www.360docs.net/doc/5517565598.html,

基金项目：国家自然科学基金资助项目（No.U1536204, No.61672394, No.61373169, No.61672393）；国家高技术研究发展计划（“863”计划）基金资助项目（No.2015AA016004）

Foundation Items: The National Natural Science Foundation of China (No.U1536204, No.61672394, No.61373169, No.61672393), The National High Technology Research and Development Program of China (863 Program) (No.2015AA016004)

2018045-1

万方数据