Volume 9 - Issue 3
Open-Source Android App Detection considering the Effects of Code Obfuscation
- Kyeonghwan Lim
Dankook University, Yongin, Republic of Korea
limkh120@dankook.ac.kr
- Jungkyu Han
NAVER Corp., Seongnam, Republic of Korea
jungkyu.han@navercorp.com
- Byoung-chir Kim
Dankook University, Yongin, Republic of Korea
gurukbc@dankook.ac.kr
- Seong-je Cho
Dankook University, Yongin, Republic of Korea
sjcho@dankook.ac.kr
- Minkyu Park
Konkuk University, Chungju, Republic of Korea
minkyup@kku.ac.kr
- Sangchul Han
Konkuk University, Chungju, Republic of Korea
schan@kku.ac.kr
Keywords: Open Source Software, similarity, control flow graph, class hierarchy information
Abstract
As open source software (OSS) becomes more and more popular, the
risk of open-source license violation also increases. According to the 2018 Open Source Security and
Risk Analysis report by Synopsys, 96% of applications (apps) include open source software and 74%
of them have licensing issues. To address this problem, many researchers have studied open-source
licensing and OSS detection. However, most of these studies have been conducted at the source code level and
have not considered the effects of code obfuscation. In this paper, we propose an effective technique
to extract software birthmarks (i.e., features) from the executable code of Android apps and to find
out whether the executable code was created from OSS by comparing the birthmarks of the executable
code with those of known open-source apps. The proposed technique uses class hierarchy information
(CHI) and control flow graphs (CFGs) as software birthmarks at the Java bytecode level. The
CFG birthmark is robust against code obfuscation attacks and is thus effective for detecting open-source
apps even when their code is obfuscated. We validate the proposed OSS detection technique through
experiments on obfuscated apps.