Research on third-party libraries in android apps: A taxonomy and systematic literature review
Third-party libraries (TPLs) have been widely used in mobile apps, which play an essential
part in the entire Android ecosystem. However, TPL is a double-edged sword. On the one …
Atvhunter: Reliable version detection of third-party libraries for vulnerability identification in android applications
Third-party libraries (TPLs) as essential parts in the mobile ecosystem have become one of
the most significant contributors to the huge success of Android, which facilitate the fast …
Codecmr: Cross-modal retrieval for function-level binary source code matching
Binary source code matching, especially on function-level, has a critical role in the field of
computer security. Given binary code only, finding the corresponding source code improves …
Patch based vulnerability matching for binary programs
The binary-level function matching has been widely used to detect whether there are 1-day
vulnerabilities in released programs. However, the high false positive is a challenge for …
A large-scale empirical analysis of the vulnerabilities introduced by third-party components in IoT firmware
As the core of IoT devices, firmware is undoubtedly vital. Currently, the development of IoT
firmware heavily depends on third-party components (TPCs), which significantly improves …
ModX: binary level partially imported third-party library detection via program modularization and semantic matching
With the rapid growth of software, using third-party libraries (TPLs) has become increasingly
popular. The prosperity of the library usage has provided the software engineers with a …
CENTRIS: A precise and scalable approach for identifying modified open-source software reuse
Open-source software (OSS) is widely reused as it provides convenience and efficiency in
software development. Despite evident benefits, unmanaged OSS components can …
Pdiff: Semantic-based patch presence testing for downstream kernels
Open-source kernels have been adopted by massive downstream vendors on billions of
devices. However, these vendors often omit or delay the adoption of patches released in the …
Third-party library dependency for large-scale SCA in the C/C++ ecosystem: How far are we?
Existing software composition analysis (SCA) techniques for the C/C++ ecosystem tend to
identify the reused components through feature matching between target software project …
Towards understanding third-party library dependency in c/c++ ecosystem
Third-party libraries (TPLs) are frequently reused in software to reduce development cost
and the time to market. However, external library dependencies may introduce …