CN113656794A - Method and device for identifying third-party SDK referenced by Android application - Google Patents

Info

Publication number
CN113656794A
Authority
CN
China
Prior art keywords
name
package
dynamic link
link library
party sdk
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110953960.XA
Other languages
Chinese (zh)
Inventor
罗明宇
高媛媛
刘庆文
杨有为
赵志文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CCB Finetech Co Ltd
Original Assignee
CCB Finetech Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CCB Finetech Co Ltd
Priority to CN202110953960.XA
Publication of CN113656794A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/40 Transformation of program code
    • G06F8/41 Compilation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/445 Program loading or initiating
    • G06F9/44521 Dynamic linking or loading; Link editing at or after load time, e.g. Java class loading

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Telephone Function (AREA)

Abstract

The invention discloses a method and a device for identifying a third-party SDK referenced by an Android application, and relates to the field of software development and application. The method comprises the following steps: decompiling the received Android application package, and extracting a package name list from the decompiled AndroidManifest.xml file; extracting a file name list of all dynamic link libraries under the decompiled lib directory; determining the package name length for each package name in the package name list, and acquiring the associated data subset corresponding to that package name length; and matching each package name with the package names in the associated data subset; if the same package name is stored in the associated data subset, matching the dynamic link library name corresponding to that package name with the file name list of dynamic link libraries in the lib directory, and if the same dynamic link library name exists, determining that the target application references the third-party SDK. The invention can improve the identification efficiency of the third-party SDK.

Description

Method and device for identifying third-party SDK referenced by Android application
Technical Field
The invention relates to the technical field of software development and application, in particular to a method and a device for identifying a third-party SDK referenced by an Android application.
Background
This section is intended to provide a background or context to the embodiments of the invention that are recited in the claims. The description herein is not admitted to be prior art by inclusion in this section.
A third-party Software Development Kit (SDK) is generally a tool package that a third-party service provider packages for developers to use. Common services include advertisements, data, social networks, maps, push platforms, and the like. The principle of the SDK is to package complex logic and implementation processes into an easy-to-use interface for other developers to use. The third-party SDK is an important reusable software resource, is favored by developers on mobile application platforms, and has an increasingly wide range of application. Developing with third-party SDKs can effectively improve development efficiency and make a project more mature and stable.
However, the large-scale referencing of third-party SDKs also introduces risk factors such as privacy disclosure and security vulnerabilities, so the third-party SDKs referenced by Android applications need to be identified in order to better manage and control these security risks. In the prior art, a package name is generally used as the third-party SDK feature, and the corresponding SDK is found by comparison against associated data. When the third-party SDK is identified with the package name as the feature, all data items in the associated data need to be compared every time, so the comparison efficiency is not high and decreases further as the associated data grows. Meanwhile, the package name is not unique: a developer can name a package at will as long as the format is followed, and in that case using only the package name as the association feature leaves a certain error in the identification result.
Disclosure of Invention
The embodiment of the invention provides a method for identifying a third-party SDK referenced by an Android application, which is used for improving the identification efficiency of the third-party SDK and reducing errors in the identification result, and comprises the following steps:
when receiving an Android application package of a target application, decompiling the Android application package to obtain a decompiled file, wherein the decompiled file comprises an AndroidManifest.xml file;
extracting a package name list of the target application from the AndroidManifest.xml file;
traversing the lib directory to obtain a file name list of all dynamic link libraries under the lib directory;
determining the package name length for each package name in the package name list, and acquiring an associated data subset corresponding to the package name length, wherein the associated data subset stores the package names and the dynamic link library names of the third-party SDKs with the same package name length;
and matching each package name with the package name in the associated data subset, if the same package name is stored in the associated data subset, matching the dynamic link library name corresponding to the same package name with a file name list of a dynamic link library in the lib directory, and if the same dynamic link library name exists, determining that the target application refers to the third-party SDK.
In an implementation manner of the embodiment of the present invention, before obtaining the associated data subset corresponding to the package name length, the method further includes:
acquiring known third-party SDKs, and extracting specified characteristics of each third-party SDK, wherein the specified characteristics comprise package name length, package name and dynamic link library name;
and storing the specified characteristics of the third-party SDKs with the same package name length into the associated data subset identified by that package name length, wherein the associated data subsets of all package name lengths form the associated data set of the third-party SDKs.
In an implementation manner of the embodiment of the present invention, the method further includes:
reading the number of specified separators in the package name;
the number of specified separators plus 1 is determined as the package name length.
In an implementation manner of the embodiment of the present invention, the method further includes:
if the third party SDK does not have a dynamic link library, the dynamic link library name is set to null.
In an implementation manner of the embodiment of the present invention, matching the dynamic link library name corresponding to the same package name with the file name list of dynamic link libraries in the lib directory, and if the same dynamic link library name exists, determining that the target application references the third-party SDK, includes:
and if the dynamic link library name corresponding to the same package name is null, determining that the target application references the third-party SDK.
In an implementation manner of the embodiment of the present invention, extracting the package name list of the target application from the AndroidManifest.xml file includes:
parsing the AndroidManifest.xml file, and extracting the value of the android:name attribute from the tags named activity, service, provider and receiver in the AndroidManifest.xml file to obtain the package name list of the target application.
In an implementation manner of the embodiment of the present invention, after matching each package name with a package name in the associated data subset, the method further includes:
if the same package name is not stored in the associated data subset, it is determined that the target application does not reference a third-party SDK with that package name.
In an implementation manner of the embodiment of the present invention, after matching the name of the dynamic link library corresponding to the same package name with a file name list of a dynamic link library in a lib directory, the method further includes:
if the same dynamic link library name does not exist, it is determined that the target application does not reference a third-party SDK with that package name.
The embodiment of the invention also provides a device for identifying the third-party SDK referenced by the Android application, which is used for improving the identification efficiency of the third-party SDK and reducing errors in the identification result, and the device comprises:
the decompiling module is used for decompiling the Android application package when receiving the Android application package of the target application to obtain a decompiled file, and the decompiled file comprises an AndroidManifest.xml file;
the extraction module is used for extracting a package name list of the target application from the AndroidManifest.xml file;
the extraction module is also used for traversing the lib directory and acquiring a file name list of all dynamic link libraries under the lib directory;
the extraction module is further used for determining the package name length for each package name in the package name list, and the acquisition module acquires an associated data subset corresponding to the package name length, wherein the associated data subset stores the package names and the dynamic link library names of the third-party SDKs with the same package name length;
and the matching module is used for matching each package name with the package name in the associated data subset, matching the dynamic link library name corresponding to the same package name with a file name list of the dynamic link library in the lib directory if the same package name is stored in the associated data subset, and determining that the target application refers to the third-party SDK if the same dynamic link library name exists.
In one implementation of an embodiment of the present invention,
the acquisition module is also used for acquiring known third-party SDKs, and the extraction module extracts the specified characteristics of each third-party SDK, wherein the specified characteristics comprise package name length, package name and dynamic link library name;
and the storage module is used for storing the specified characteristics of the third-party SDKs with the same package name length into the associated data subset identified by that package name length, and the associated data subsets of all package name lengths form the associated data set of the third-party SDKs.
In an implementation manner of the embodiment of the present invention, the extraction module is further configured to:
reading the number of specified separators in the package name;
the number of specified separators plus 1 is determined as the package name length.
In an implementation manner of the embodiment of the present invention, the extraction module is further configured to:
if the third party SDK does not have a dynamic link library, the dynamic link library name is set to null.
In an implementation manner of the embodiment of the present invention, the matching module is configured to:
and if the dynamic link library name corresponding to the same package name is null, determining that the target application references the third-party SDK.
In an implementation manner of the embodiment of the present invention, the extraction module is configured to:
parsing the AndroidManifest.xml file, and extracting the value of the android:name attribute from the tags named activity, service, provider and receiver in the AndroidManifest.xml file to obtain the package name list of the target application.
In an implementation manner of the embodiment of the present invention, the matching module is further configured to:
if the same package name is not stored in the associated data subset, it is determined that the target application does not reference a third-party SDK with that package name.
In an implementation manner of the embodiment of the present invention, the matching module is further configured to:
if the same dynamic link library name does not exist, it is determined that the target application does not reference a third-party SDK with that package name.
The embodiment of the invention also provides computer equipment which comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein the processor realizes the method for identifying the third-party SDK referenced by the Android application when executing the computer program.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program for executing the method for identifying the third-party SDK referenced by the Android application is stored in the computer-readable storage medium.
In the embodiment of the invention, the package names and dynamic link library names of third-party SDKs with the same package name length are stored in the same associated data subset. After the Android application package of the target application is received, the application package is decompiled, and a package name list and a file name list of dynamic link libraries are obtained by parsing the decompiled file. For each package name in the package name list, the corresponding associated data subset is determined according to the package name length, the parsed package name and dynamic link library names are matched with the package names and dynamic link library names stored in the associated data subset, and when the matching succeeds it is determined that the target application references the third-party SDK. The package name length thus narrows the matching range of the package name and the dynamic link library name: only data in the subset with the same length is compared, which reduces the number of package name comparisons and improves comparison efficiency. Meanwhile, compared with the prior art that uses only package name comparison, the dynamic link library name is added as a matching feature, which solves the problem that identifying the third-party SDK by a single feature is not accurate enough, reduces identification errors caused by package name conflicts, and improves identification accuracy.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art are briefly described below. Obviously, the drawings in the following description show only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without creative effort. In the drawings:
FIG. 1 is a flowchart of a method for identifying a third-party SDK referenced by an Android application in an embodiment of the present invention;
FIG. 2 is a schematic diagram of an associated data set constructed in an embodiment of the invention;
FIG. 3 is another flowchart of a method for identifying a third-party SDK referenced by an Android application according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a device for identifying a third-party SDK referenced by an Android application in the embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a computer device according to an embodiment of the present invention;
FIG. 6 is a system architecture diagram of a computer device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the embodiments of the present invention are further described in detail below with reference to the accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
The embodiment of the invention provides a method for identifying a third-party SDK referenced by an Android application, which comprises the following steps 101 to 105:
Step 101, when receiving an Android application package of a target application, decompiling the Android application package to obtain a decompiled file.
The decompiled file comprises an AndroidManifest.xml file.
The AndroidManifest.xml file is the information description file of the whole application, and defines the activity, service, content provider and broadcast receiver component information contained in the application. Every application must contain an AndroidManifest.xml file in its root directory, and the file name cannot be modified.
The Android application package is written in a machine executable language, and in order to read and identify the content in the Android application package, the package needs to be decompiled. Decompilation is performed with existing techniques and is not described here.
To confirm that the received file is an Android application package, before decompiling it is also checked whether the received file is an apk file; if the received file has the extension apk, it is determined to be an Android application package.
Step 102, extracting a package name list of the target application from the AndroidManifest.xml file.
Specifically, the AndroidManifest.xml file is a file in XML format. By parsing the AndroidManifest.xml file, the value of the android:name attribute is extracted from the tags named activity, service, provider and receiver; the value written in the name attribute is a package name, so the package name list of the target application is obtained.
Step 103, traversing the lib directory to obtain the file name lists of all dynamic link libraries under the lib directory.
A Dynamic Link Library (DLL) is a non-executable binary program file that allows programs to share code and other resources necessary to perform specific tasks; it is one way to implement the concept of a shared function library. The file name list of the dynamic link libraries can be obtained by reading the names of the files with the extension ".so" under the lib directory.
Step 104, determining the package name length for each package name in the package name list, and acquiring the associated data subset corresponding to the package name length.
The associated data subset stores the package names and the dynamic link library names of the third-party SDKs with the same package name length.
The package name format is usually a.b.c.d, with the segments separated by the symbol "."; therefore "." is taken as the specified separator. The package name length can be determined by reading the number of specified separators in the package name and adding 1, or the number of segments delimited by the specified separator is taken as the package name length; for example, the package name length of a.b.c.d is 4 and that of a.b.c.d.e is 5.
Before acquiring the associated data subset corresponding to the package name length, known third-party SDKs are acquired and the specified characteristics of each third-party SDK are extracted, wherein the specified characteristics comprise the package name length, the package name and the dynamic link library name; the specified characteristics of the third-party SDKs with the same package name length are stored into the associated data subset identified by that package name length, and the associated data subsets of all package name lengths form the associated data set of the third-party SDKs. This forms associated data subsets with the package name length as the classification criterion.
Illustratively, FIG. 2 is a schematic diagram of the resulting associated data set. Referring to fig. 2, each package name length corresponds to an associated data subset in which the package name, the library name (i.e., the dynamic link library name), and the corresponding SDK name are stored.
Further, there is also a case where the third-party SDK does not have a dynamic link library, in which case the dynamic link library name is set to null.
Step 105, matching each package name with the package names in the associated data subset; if the same package name is stored in the associated data subset, matching the dynamic link library name corresponding to that package name with the file name list of dynamic link libraries in the lib directory, and if the same dynamic link library name exists, determining that the target application references the third-party SDK.
That is, package name matching is carried out first; when a package name extracted from the Android application package is the same as the package name of a third-party SDK, dynamic link library name matching is then carried out. Because two different SDKs rarely have both the same package name and the same dynamic link library, matching both the package name and the dynamic link library name gives a more accurate identification result for the third-party SDK.
If package name matching determines that a package name extracted from the Android application package is the same as the package name of a third-party SDK, and the dynamic link library name of that third-party SDK stored in the associated data subset is null, it is determined that the target application references the third-party SDK.
In one implementation of the embodiment of the present invention, after matching each package name with a package name in the associated data subset, if the same package name is not stored in the associated data subset, it is determined that the target application does not refer to the third party SDK of the package name.
In another implementation, after matching the dynamic link library name corresponding to the same package name with the file name list of the dynamic link library in the lib directory, if the same dynamic link library name does not exist, it is determined that the target application does not refer to the third-party SDK of the package name.
Each package name extracted from the Android application package is matched against the associated data subset. If any package name and its dynamic link library name are matched successfully, it is determined that a third-party SDK is referenced, and which third-party SDK is referenced is determined from the SDK name stored in the associated data subset; if no package name and dynamic link library name are matched successfully, it is determined that no third-party SDK is referenced.
After it is determined that a third-party SDK is referenced and which third-party SDK it is, risk detection can be carried out on the referenced third-party SDK in a targeted manner, which improves the security of the Android application package.
As shown in FIG. 3, to facilitate understanding of the complete identification process, an embodiment of the present invention further provides a flowchart of another method for identifying a third-party SDK referenced by an Android application; the steps described in the flowchart are substantially the same as those in the foregoing step 101 to step 105, and are not described here again.
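Steps 102 to 105 as an added Python example (not code from the patent): it buckets known SDK records by package name length, matches the package name first and the dynamic link library name second, and counts package name comparisons. It assumes the decompiled output holds a text-format AndroidManifest.xml and a lib directory, compares each android:name value as-is as the description does, and uses constructed SDK records, component names and library files throughout.

```python
import os
import tempfile
import xml.etree.ElementTree as ET
from collections import defaultdict

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
COMPONENT_TAGS = ("activity", "service", "provider", "receiver")

# Constructed records: (SDK name, package name, dynamic link library name or None).
KNOWN_SDKS = [
    ("ExamplePush", "com.example.push.PushService", "libexamplepush.so"),
    ("ExampleAds", "com.example.ads.AdActivity", None),  # SDK without a .so
    ("ExampleMap", "org.example.map.MapProvider", "libexamplemap.so"),
    ("ExamplePay", "com.example.pay.core.PayService", "libexamplepay.so"),
]

# Constructed manifest, already decoded to text XML by the decompile step.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.acme.bank">
  <application>
    <activity android:name="com.acme.bank.MainActivity"/>
    <service android:name="com.example.push.PushService"/>
    <activity android:name="com.example.ads.AdActivity"/>
    <provider android:name="org.example.map.MapProvider"/>
  </application>
</manifest>
"""


def package_name_length(name, separator="."):
    """Number of separators plus 1, e.g. a.b.c.d -> 4."""
    return name.count(separator) + 1


def build_associated_data(known_sdks):
    """Group SDK records into subsets keyed by package name length."""
    subsets = defaultdict(list)
    for sdk, pkg, lib in known_sdks:
        subsets[package_name_length(pkg)].append((pkg, lib, sdk))
    return dict(subsets)


def extract_package_names(manifest_path):
    """Step 102: android:name values of the four component tags."""
    root = ET.parse(manifest_path).getroot()
    names = []
    for tag in COMPONENT_TAGS:
        for element in root.iter(tag):
            value = element.get(ANDROID_NS + "name")
            if value:
                names.append(value)
    return names


def list_dynamic_libraries(lib_dir):
    """Step 103: names of all .so files under lib/, across ABI subdirectories."""
    found = set()
    for _, _, files in os.walk(lib_dir):
        found.update(f for f in files if f.endswith(".so"))
    return found


def identify_sdks(decompiled_dir, associated):
    """Steps 104-105: return (referenced SDK names, package name comparisons)."""
    names = extract_package_names(os.path.join(decompiled_dir, "AndroidManifest.xml"))
    libs = list_dynamic_libraries(os.path.join(decompiled_dir, "lib"))
    hits, comparisons = [], 0
    for name in names:
        # Only the subset with the same package name length is scanned.
        for pkg, lib, sdk in associated.get(package_name_length(name), []):
            comparisons += 1
            if pkg != name:
                continue
            # A null library name matches on the package name alone;
            # otherwise the library must be present under lib/.
            if (lib is None or lib in libs) and sdk not in hits:
                hits.append(sdk)
            break
    return hits, comparisons


def run_demo():
    """Build a constructed decompiled tree in a temp directory and scan it."""
    with tempfile.TemporaryDirectory() as root:
        abi_dir = os.path.join(root, "lib", "arm64-v8a")
        os.makedirs(abi_dir)
        with open(os.path.join(root, "AndroidManifest.xml"), "w", encoding="utf-8") as fh:
            fh.write(SAMPLE_MANIFEST)
        for so_name in ("libexamplepush.so", "libacme.so"):
            open(os.path.join(abi_dir, so_name), "wb").close()
        return identify_sdks(root, build_associated_data(KNOWN_SDKS))


if __name__ == "__main__":
    print(run_demo())
```

ExampleMap is not reported even though its name matches, because libexamplemap.so is absent from lib/; this is the name-collision case the second feature is meant to filter out. Component names in real manifests usually end in a class name, so a matcher built this way needs its stored names to follow the same convention as the extracted values.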
The embodiment of the invention also provides a device for identifying the third-party SDK referenced by the Android application, which is described in the following embodiment. Because the principle of the device for solving the problems is similar to the method for identifying the third-party SDK referenced by the Android application, the implementation of the device can refer to the implementation of the method for identifying the third-party SDK referenced by the Android application, and repeated parts are not repeated.
As shown in fig. 4, the apparatus 400 includes a decompilation module 401, an extraction module 402, an acquisition module 403, and a matching module 404.
The decompiling module 401 is configured to, when receiving an Android application package of a target application, decompile the Android application package to obtain a decompiled file, where the decompiled file includes an AndroidManifest.xml file;
an extracting module 402, configured to extract a package name list of the target application from the AndroidManifest.xml file;
The extracting module 402 is further configured to traverse the lib directory, and obtain a list of filenames of all dynamic link libraries under the lib directory;
the extracting module 402 is further configured to determine a package name length for each package name in the package name list, and the obtaining module 403 obtains an associated data subset corresponding to the package name length, where the package name and the dynamic link library name of the third-party SDK with the same package name length are stored in the associated data subset;
a matching module 404, configured to match each package name with a package name in the associated data subset, match a dynamic link library name corresponding to the same package name with a file name list of a dynamic link library in the lib directory if the same package name is stored in the associated data subset, and determine that the third party SDK is referred to by the target application if the same dynamic link library name exists.
In one implementation of an embodiment of the present invention,
the acquisition module is also used for acquiring known third-party SDKs, and the extraction module extracts the specified characteristics of each third-party SDK, wherein the specified characteristics comprise package name length, package name and dynamic link library name;
and the storage module is used for storing the specified characteristics of the third-party SDKs with the same package name length into the associated data subset identified by that package name length, and the associated data subsets of all package name lengths form the associated data set of the third-party SDKs.
In an implementation manner of the embodiment of the present invention, the extraction module is further configured to:
reading the number of specified separators in the package name;
the number of specified separators plus 1 is determined as the package name length.
In an implementation manner of the embodiment of the present invention, the extraction module is further configured to:
if the third party SDK does not have a dynamic link library, the dynamic link library name is set to null.
In an implementation manner of the embodiment of the present invention, the matching module is configured to:
and if the dynamic link library name corresponding to the same package name is null, determining that the target application references the third-party SDK.
In an implementation manner of the embodiment of the present invention, the extraction module is configured to:
parsing the AndroidManifest.xml file, and extracting the value of the android:name attribute from the tags named activity, service, provider and receiver in the AndroidManifest.xml file to obtain the package name list of the target application.
In an implementation manner of the embodiment of the present invention, the matching module is further configured to:
if the same package name is not stored in the associated subset of data, it is determined that the target application does not have a third party SDK referencing the package name.
In an implementation manner of the embodiment of the present invention, the matching module is further configured to:
if the same dynamic link library name does not exist, it is determined that the target application does not have a third party SDK referencing the package name.
In the embodiment of the invention, the package names and dynamic link library names of third-party SDKs with the same package name length are stored in the same associated data subset. After the Android application package of the target application is received, the application package is decompiled, and a package name list and a file name list of dynamic link libraries are obtained by parsing the decompiled file. For each package name in the package name list, the corresponding associated data subset is determined according to the package name length, the parsed package name and dynamic link library names are matched against the package names and dynamic link library names stored in that associated data subset, and once the matching succeeds it is determined that the target application has introduced the third-party SDK. Because the package name length narrows the matching range of the package name and the dynamic link library name, a package name is compared only with data in the subset of the same length, which reduces the number of package name comparisons and improves comparison efficiency. Meanwhile, compared with the prior art that uses package name comparison alone, the dynamic link library name is added as a matching feature, which addresses the insufficiently accurate results obtained when a single feature is used to identify a third-party SDK, reduces identification errors caused by package name conflicts, and improves identification accuracy.
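The matching flow summarized above, as an added Python example that is not part of the patent text. It assumes the manifest has already been decoded to text XML, that a package name is the android:name value with its final class segment removed, and that a leading "." in android:name is resolved against the manifest's package attribute; every SDK label, package name and library name in it is constructed for illustration.

```python
"""Length-bucketed SDK matching with a dynamic link library confirmation step."""
import posixpath
import xml.etree.ElementTree as ET
from collections import defaultdict

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
COMPONENT_TAGS = ("activity", "service", "provider", "receiver")

# Constructed feature records: (label, package name, dynamic link library name).
# None stands for the "null" library name of an SDK that ships no .so file.
KNOWN_SDKS = [
    ("push-sdk", "com.example.pushsdk", "libpush.so"),
    ("ad-sdk", "com.example.adsdk.ui", None),
    ("stat-sdk", "com.example.statsdk", "libstat.so"),
    ("crash-sdk", "org.example.crash.core", "libcrash.so"),
]

# Constructed, already-decoded manifest of a hypothetical target application.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.bank">
  <application>
    <activity android:name=".MainActivity"/>
    <service android:name="com.example.pushsdk.PushService"/>
    <activity android:name="com.example.adsdk.ui.AdActivity"/>
    <receiver android:name="com.example.statsdk.BootReceiver"/>
    <provider android:name=".data.TileProvider"
              android:authorities="com.example.bank.tiles"/>
  </application>
</manifest>"""

# Constructed listing of the decompiled lib directory.
SAMPLE_LIB_PATHS = [
    "lib/arm64-v8a/libpush.so",
    "lib/arm64-v8a/libapp.so",
    "lib/armeabi-v7a/libpush.so",
]


def package_name_length(package, sep="."):
    """Number of separator symbols plus 1."""
    return package.count(sep) + 1


def build_index(known_sdks):
    """Group SDK features into subsets keyed by package name length."""
    index = defaultdict(dict)
    for label, package, lib_name in known_sdks:
        index[package_name_length(package)][package] = (label, lib_name)
    return index


def manifest_packages(manifest_xml):
    """Collect package names from android:name of the four component tags."""
    root = ET.fromstring(manifest_xml)
    app_package = root.get("package", "")
    packages = set()
    for tag in COMPONENT_TAGS:
        for element in root.iter(tag):
            name = element.get(ANDROID_NS + "name")
            if not name:
                continue
            if name.startswith("."):  # relative name: prepend the app package
                name = app_package + name
            package, _, _cls = name.rpartition(".")
            if package:
                packages.add(package)
    return sorted(packages)


def lib_file_names(paths):
    """File names of all dynamic link libraries under the lib directory."""
    return {posixpath.basename(p) for p in paths if p.endswith(".so")}


def identify_sdks(manifest_xml, lib_paths, index):
    """Return {sdk label: matched package name} for the target application."""
    libs = lib_file_names(lib_paths)
    found = {}
    for package in manifest_packages(manifest_xml):
        subset = index.get(package_name_length(package))
        if not subset or package not in subset:
            continue  # no SDK with this package name in the same-length subset
        label, lib_name = subset[package]
        # A null library name means the package match alone is decisive;
        # otherwise the library must also be present in the lib directory.
        if lib_name is None or lib_name in libs:
            found[label] = package
    return found


if __name__ == "__main__":
    sdk_index = build_index(KNOWN_SDKS)
    print(identify_sdks(SAMPLE_MANIFEST, SAMPLE_LIB_PATHS, sdk_index))
```

In the sample data, stat-sdk is rejected even though its package name appears in the manifest, because libstat.so is missing from the lib directory; this is the package name conflict case the second feature is meant to filter out.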
An embodiment of the present invention further provides a computer device, and fig. 5 is a schematic diagram of the computer device in the embodiment of the present invention, where the computer device is capable of implementing all steps in the method for identifying an Android application-referenced third-party SDK in the embodiment, and the computer device specifically includes the following contents:
a processor (processor)501, a memory (memory)502, a communication Interface (Communications Interface)503, and a communication bus 504;
the processor 501, the memory 502 and the communication interface 503 complete mutual communication through the communication bus 504; the communication interface 503 is used for implementing information transmission between related devices;
the processor 501 is configured to call a computer program in the memory 502, and when the processor executes the computer program, the method for identifying the third-party SDK referenced by the Android application in the above embodiment is implemented.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program for executing the method for identifying the third-party SDK referenced by the Android application is stored in the computer-readable storage medium.
Fig. 6 is a schematic diagram of a system configuration of a computer device according to an embodiment of the present invention. As shown in fig. 6, the computer device 600 may include a processor 601 and a memory 602; a memory 602 is coupled to the processor 601. Notably, this FIG. 6 is exemplary; other types of structures may also be used in addition to or in place of the structure to implement telecommunications or other functions.
In one embodiment, the functionality implemented by the method of identifying third-party SDKs referenced by Android applications may be integrated into the processor 601. The processor 601 may be configured to perform the following control: when receiving an Android application package of a target application, decompiling the Android application package to obtain a decompiled file, wherein the decompiled file comprises an AndroidManifest.xml file; extracting a package name list of the target application from the AndroidManifest.xml file; traversing the lib directory to obtain a file name list of all dynamic link libraries under the lib directory; determining the package name length for each package name in the package name list, and acquiring an associated data subset corresponding to the package name length, wherein the associated data subset stores the package name and the dynamic link library name of the third-party SDK with the same package name length; and matching each package name with the package name in the associated data subset, if the same package name is stored in the associated data subset, matching the dynamic link library name corresponding to the same package name with the file name list of the dynamic link libraries in the lib directory, and if the same dynamic link library name exists, determining that the target application references the third-party SDK.
As can be seen from the above, the computer device provided in the embodiment of the present invention executes the following method to identify whether the Android application references the third-party SDK: when receiving an Android application package of a target application, decompiling the Android application package to obtain a decompiled file, wherein the decompiled file comprises an AndroidManifest.xml file; extracting a package name list of the target application from the AndroidManifest.xml file; traversing the lib directory to obtain a file name list of all dynamic link libraries under the lib directory; determining the package name length for each package name in the package name list, and acquiring an associated data subset corresponding to the package name length, wherein the associated data subset stores the package name and the dynamic link library name of the third-party SDK with the same package name length; and matching each package name with the package name in the associated data subset, if the same package name is stored in the associated data subset, matching the dynamic link library name corresponding to the same package name with the file name list of the dynamic link libraries in the lib directory, and if the same dynamic link library name exists, determining that the target application references the third-party SDK.
Through the computer equipment provided by the embodiment of the invention, the identification efficiency of the third-party SDK can be improved, and the error of the identification result can be reduced.
In another embodiment, the device for identifying the third-party SDK referenced by the Android application may be configured separately from the processor 601, for example, the device for identifying the third-party SDK referenced by the Android application may be configured as a chip connected to the processor 601, and the function of the method for identifying the third-party SDK referenced by the Android application is implemented by the control of the processor.
As shown in fig. 6, the computer device 600 may further include: a communication module 603, an input unit 604, an audio processing unit 605, a display 606, a power supply 603. It is noted that the computer device 600 does not necessarily include all of the components shown in FIG. 6; furthermore, the computer device 600 may also comprise components not shown in fig. 6, as can be seen in the prior art.
As shown in FIG. 6, the processor 601, also sometimes referred to as a controller or operational control, may comprise a microprocessor or other processor device and/or logic device, which processor 601 receives input and controls the operation of the various components of the computer device 600.
The memory 602 may be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The information relating to the failure may be stored, and a program for executing the information may be stored. And the processor 601 may execute the program stored in the memory 602 to realize information storage or processing, or the like.
An input unit 604 provides input to the processor 601. The input unit 604 is, for example, a key or a touch input device. The power supply 603 is used to provide power to the computer device 600. The display 606 displays display objects such as images and characters. The display may be, for example, an LCD display, but is not limited thereto.
The memory 602 may be a solid state memory such as Read Only Memory (ROM), Random Access Memory (RAM), a SIM card, or the like. There may also be a memory that holds information even when power is off, can be selectively erased, and is provided with more data, an example of which is sometimes called an EPROM or the like. The memory 602 may also be some other type of device. Memory 602 includes buffer memory 6021 (sometimes referred to as a buffer). The memory 602 may include an application/function storage portion 6022 for storing application programs and function programs or a flow for executing the operation of the computer device 600 by the processor 601.
The memory 602 may also include a data store 6023 that stores data such as contacts, digital data, pictures, sounds, and/or any other data used by the computer device. The driver store 6024 of the memory 602 may include various drivers for the computer device for communication functions and/or for performing other functions of the computer device, such as messaging applications, address book applications, and the like.
The communication module 603 is a transmitter/receiver that transmits and receives signals via the antenna 608. A communication module (transmitter/receiver) 603 is coupled to the processor 601 to provide an input signal and receive an output signal, which may be the same as in the case of a conventional mobile communication terminal.
Based on different communication technologies, a plurality of communication modules 603, such as a cellular network module, a bluetooth module, and/or a wireless local area network module, may be provided in the same computer device. The communication module (transmitter/receiver) 603 is also coupled to a speaker 609 and a microphone 610 via an audio processing unit 605 to provide audio output via the speaker 609 and to receive audio input from the microphone 610 to implement general telecommunications functions. The audio processing unit 605 may include any suitable buffers, decoders, amplifiers and so forth. In addition, audio processing unit 605 is also coupled to processor 601 so that locally stored sound can be recorded by microphone 610 and played by speaker 609.
An embodiment of the present invention further provides a computer-readable storage medium for implementing all steps in the method for identifying an Android application-referenced third-party SDK in the foregoing embodiments, where a computer program is stored on the computer-readable storage medium, and when being executed by a processor, the computer program implements all steps of the method for identifying an Android application-referenced third-party SDK in the foregoing embodiments, for example, when the processor executes the computer program, the processor implements the following steps: when receiving an Android application package of a target application, decompiling the Android application package to obtain a decompiled file, wherein the decompiled file comprises an AndroidManifest.xml file; extracting a package name list of the target application from the AndroidManifest.xml file; traversing the lib directory to obtain a file name list of all dynamic link libraries under the lib directory; determining the package name length for each package name in the package name list, and acquiring an associated data subset corresponding to the package name length, wherein the associated data subset stores the package name and the dynamic link library name of the third-party SDK with the same package name length; and matching each package name with the package name in the associated data subset, if the same package name is stored in the associated data subset, matching the dynamic link library name corresponding to the same package name with the file name list of the dynamic link libraries in the lib directory, and if the same dynamic link library name exists, determining that the target application references the third-party SDK.
As can be seen from the above, the computer-readable storage medium provided in the embodiments of the present invention stores a computer program that executes the following method: when receiving an Android application package of a target application, decompiling the Android application package to obtain a decompiled file, wherein the decompiled file comprises an AndroidManifest.xml file; extracting a package name list of the target application from the AndroidManifest.xml file; traversing the lib directory to obtain a file name list of all dynamic link libraries under the lib directory; determining the package name length for each package name in the package name list, and acquiring an associated data subset corresponding to the package name length, wherein the associated data subset stores the package name and the dynamic link library name of the third-party SDK with the same package name length; and matching each package name with the package name in the associated data subset, if the same package name is stored in the associated data subset, matching the dynamic link library name corresponding to the same package name with the file name list of the dynamic link libraries in the lib directory, and if the same dynamic link library name exists, determining that the target application references the third-party SDK.
Through the computer-readable storage medium provided by the embodiment of the invention, the identification efficiency of the third-party SDK can be improved, and the error of the identification result can be reduced.
Although the present invention provides method steps as described in the examples or flowcharts, more or fewer steps may be included based on routine or non-inventive labor. The order of steps recited in the embodiments is merely one manner of performing the steps in a multitude of orders and does not represent the only order of execution. When an actual apparatus or client product executes, it may execute sequentially or in parallel (e.g., in the context of parallel processors or multi-threaded processing) according to the embodiments or methods shown in the figures.
As will be appreciated by one skilled in the art, embodiments of the present description may be provided as a method, apparatus (system) or computer program product. Accordingly, embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment. In this document, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. The terms "upper", "lower", and the like, indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience in describing the present invention and simplifying the description, but do not indicate or imply that the referred devices or elements must have a specific orientation, be constructed and operated in a specific orientation, and thus, should not be construed as limiting the present invention. Unless expressly stated or limited otherwise, the terms "mounted," "connected," and "connected" are intended to be inclusive and mean, for example, that they may be fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. 
The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations. It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict. The present invention is not limited to any single aspect, nor is it limited to any single embodiment, nor is it limited to any combination and/or permutation of these aspects and/or embodiments. Each aspect and/or embodiment of the invention can be used alone or in combination with one or more other aspects and/or embodiments.
The above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; such modifications and substitutions do not depart from the spirit and scope of the present invention, and they should be construed as being included in the following claims and description.

Claims (18)

1. A method for identifying a third-party SDK referenced by an Android application is characterized by comprising the following steps:
when receiving an Android application package of a target application, decompiling the Android application package to obtain a decompiled file, wherein the decompiled file comprises an AndroidManifest.xml file;
extracting a package name list of the target application from the AndroidManifest.xml file;
traversing the lib directory to obtain a file name list of all dynamic link libraries under the lib directory;
determining the package name length for each package name in the package name list, and acquiring an associated data subset corresponding to the package name length, wherein the associated data subset stores the package name and the dynamic link library name of the third-party SDK with the same package name length;
and matching each package name with the package name in the associated data subset, if the same package name is stored in the associated data subset, matching the dynamic link library name corresponding to the same package name with a file name list of a dynamic link library in the lib directory, and if the same dynamic link library name exists, determining that the target application refers to the third-party SDK.
2. The method of claim 1, wherein prior to obtaining the associated subset of data corresponding to the package name length, the method further comprises:
acquiring known third-party SDKs, and extracting specified characteristics of each third-party SDK, wherein the specified characteristics comprise package name length, package names and dynamic link library names;
and storing the specified characteristics of the third-party SDK with the same package name length into the associated data subsets with the package name length as the identification, wherein the associated data subsets with all the package name lengths form the associated data set of the third-party SDK.
3. The method according to claim 1 or 2, characterized in that the method further comprises:
reading the number of specified separation symbols in the package name;
the number of specified separation symbols plus 1 is determined as the package name length.
4. The method of claim 2, further comprising:
if the third party SDK does not have a dynamic link library, the dynamic link library name is set to null.
5. The method of claim 4, wherein matching the name of the dynamic link library corresponding to the same package name with a list of file names of dynamic link libraries in the lib directory, and if the same name of the dynamic link library exists, determining that the target application references the third-party SDK comprises:
and if the dynamic link library name corresponding to the same package name is null, determining that the target application references the third-party SDK.
6. The method of claim 1, wherein extracting a package name list of the target application from the AndroidManifest.xml file comprises:
parsing the AndroidManifest.xml file, and extracting the value of the android:name attribute from the tags named activity, service, provider and receiver in the AndroidManifest.xml file to obtain the package name list of the target application.
7. The method of claim 1, wherein after matching each package name to a package name in the associated data subset, the method further comprises:
if the same package name is not stored in the associated subset of data, it is determined that the target application does not have a third party SDK referencing the package name.
8. The method of claim 1, wherein after matching the dynamic link library name corresponding to the same package name with the file name list of the dynamic link libraries in the lib directory, the method further comprises:
if the same dynamic link library name does not exist, it is determined that the target application does not have a third party SDK referencing the package name.
9. An apparatus for identifying third-party SDKs referenced by Android applications, the apparatus comprising:
the decompiling module is used for decompiling the Android application package when receiving the Android application package of the target application to obtain a decompiled file, and the decompiled file comprises an AndroidManifest.xml file;
the extraction module is used for extracting a package name list of the target application from the AndroidManifest.xml file;
the extraction module is also used for traversing the lib directory and acquiring a file name list of all dynamic link libraries under the lib directory;
the extraction module is further used for determining the package name length for each package name in the package name list, and the acquisition module acquires an associated data subset corresponding to the package name length, wherein the associated data subset stores the package name and the dynamic link library name of the third-party SDK with the same package name length;
and the matching module is used for matching each package name with the package name in the associated data subset, matching the dynamic link library name corresponding to the same package name with a file name list of the dynamic link library in the lib directory if the same package name is stored in the associated data subset, and determining that the target application refers to the third-party SDK if the same dynamic link library name exists.
10. The apparatus of claim 9,
the acquisition module is also used for acquiring known third-party SDKs, and the extraction module extracts the specified characteristics of each third-party SDK, wherein the specified characteristics comprise package name length, package name and dynamic link library name;
and the storage module is used for storing the specified characteristics of the third-party SDK with the same package name length into the associated data subsets with the package name length as the identification, and the associated data subsets with all the package name lengths form the associated data set of the third-party SDK.
11. The apparatus of claim 9 or 10, wherein the extraction module is further configured to:
reading the number of specified separation symbols in the package name;
the number of specified separation symbols plus 1 is determined as the package name length.
12. The apparatus of claim 10, wherein the extraction module is further configured to:
if the third party SDK does not have a dynamic link library, the dynamic link library name is set to null.
13. The apparatus of claim 12, wherein the matching module is configured to:
and if the dynamic link library name corresponding to the same package name is null, determining that the target application references the third-party SDK.
14. The apparatus of claim 9, wherein the extraction module is configured to:
parsing the AndroidManifest.xml file, and extracting the value of the android:name attribute from the tags named activity, service, provider and receiver in the AndroidManifest.xml file to obtain the package name list of the target application.
15. The apparatus of claim 9, wherein the matching module is further configured to:
if the same package name is not stored in the associated subset of data, it is determined that the target application does not have a third party SDK referencing the package name.
16. The apparatus of claim 9, wherein the matching module is further configured to:
if the same dynamic link library name does not exist, it is determined that the target application does not have a third party SDK referencing the package name.
17. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 8 when executing the computer program.
18. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program for executing the method of any one of claims 1 to 8.
CN202110953960.XA 2021-08-19 2021-08-19 Method and device for identifying third-party SDK referenced by Android application Pending CN113656794A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110953960.XA CN113656794A (en) 2021-08-19 2021-08-19 Method and device for identifying third-party SDK referenced by Android application

Publications (1)

Publication Number Publication Date
CN113656794A true CN113656794A (en) 2021-11-16

Family

ID=78481287

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110953960.XA Pending CN113656794A (en) 2021-08-19 2021-08-19 Method and device for identifying third-party SDK referenced by Android application

Country Status (1)

Country Link
CN (1) CN113656794A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101753327A (en) * 2008-12-17 2010-06-23 中兴通讯股份有限公司 Method for rapidly positioning contact in instant communication
CN102693132A (en) * 2012-05-17 2012-09-26 福州博远无线网络科技有限公司 Method for automatically sorting application program based on Android
CN104320451A (en) * 2014-10-21 2015-01-28 北京邮电大学 Content-centric networking supporting web server cache system and processing method
CN105205150A (en) * 2015-09-23 2015-12-30 北京金山安全软件有限公司 Method and device for judging corresponding relation between path and package name and electronic equipment
CN106528421A (en) * 2016-11-09 2017-03-22 国网浙江省电力公司电力科学研究院 Method for processing SDKs in Android applications
CN111124486A (en) * 2019-12-05 2020-05-08 任子行网络技术股份有限公司 Method, system and storage medium for discovering android application to refer to third-party tool
CN111338622A (en) * 2020-05-15 2020-06-26 支付宝(杭州)信息技术有限公司 Supply chain code identification method, device, server and readable storage medium



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20211116
