English
Related papers

Related papers: LibDB: An Effective and Efficient Framework for De…

200 papers

Third-party libraries (TPLs) are extensively utilized by developers to expedite the software development process and incorporate external functionalities. Nevertheless, insecure TPL reuse can lead to significant security risks. Existing…

Software Engineering · Computer Science 2023-09-13 Siyuan Li , Yongpan Wang , Chaopeng Dong , Shouguo Yang , Hong Li , Hao Sun , Zhe Lang , Zuxin Chen , Weijie Wang , Hongsong Zhu , Limin Sun

Third-party libraries (TPL) are becoming increasingly popular to achieve efficient and concise software development. However, unregulated use of TPL will introduce legal and security issues in software development. Consequently, some…

Software Engineering · Computer Science 2025-04-29 Yayi Zou , Yixiang Zhang , Guanghao Zhao , Yueming Wu , Shuhao Shen , Cai Fu

Third-party libraries (TPLs) have become a significant part of the Android ecosystem. Developers can employ various TPLs to facilitate their app development. Unfortunately, the popularity of TPLs also brings new security issues. For…

Software Engineering · Computer Science 2021-08-05 Xian Zhan , Tianming Liu , Yepang Liu , Yang Liu , Li Li , Haoyu Wang , Xiapu Luo

Accurate detection of third-party libraries (TPLs) is fundamental to Android security, supporting vulnerability tracking, malware detection, and supply chain auditing. Despite many proposed tools, their real-world effectiveness remains…

Cryptography and Security · Computer Science 2025-09-08 Jintao Gu , Haolang Lu , Guoshun Nan , Yihan Lin , Kun Wang , Yuchun Guo , Yigui Cao , Yang Liu

While third-party libraries are extensively reused to enhance productivity during software development, they can also introduce potential security risks such as vulnerability propagation. Software composition analysis, proposed to identify…

Software Engineering · Computer Science 2024-08-27 Ling Jiang , Junwen An , Huihui Huang , Qiyi Tang , Sen Nie , Shi Wu , Yuqun Zhang

Software development comprises the use of multiple Third-Party Libraries (TPLs). However, the irrelevant libraries present in software application's distributable often lead to excessive consumption of resources such as CPU cycles, memory,…

Software Engineering · Computer Science 2022-02-23 Ritu Kapur , Poojith U Rao , Agrim Dewan , Balwinder Sodhi

With the rapid growth of software, using third-party libraries (TPLs) has become increasingly popular. The prosperity of the library usage has provided the software engineers with handful of methods to facilitate and boost the program…

Software Engineering · Computer Science 2022-04-19 Can Yang , Zhengzi Xu , Hongxu Chen , Yang Liu , Xiaorui Gong , Baoxu Liu

Third-Party Library (TPL) detection, which identifies reused libraries in binary code, is critical for software security analysis. At its core, TPL detection depends on binary decomposition-the process of partitioning a monolithic binary…

Software Engineering · Computer Science 2025-12-10 Ang Jia , He Jiang , Zhilei Ren , Xiaochen Li , Zhipeng Yang , Yaxin Duan , Ming Fan , Ting Liu

Third-party libraries (TPLs) have been widely used in mobile apps, which play an essential part in the entire Android ecosystem. However, TPL is a double-edged sword. On the one hand, it can ease the development of mobile apps. On the other…

Software Engineering · Computer Science 2021-08-10 Xian Zhan , Tianming Liu , Lingling Fan , Li Li , Sen Chen , Xiapu Luo , Yang Liu

Nowadays, software development progresses rapidly to incorporate new features. To facilitate such growth and provide convenience for developers when creating and updating software, reusing open-source software (i.e., thirdparty library…

Software Engineering · Computer Science 2024-12-02 Shangzhi Xu , Jialiang Dong , Weiting Cai , Juanru Li , Arash Shaghaghi , Nan Sun , Siqi Ma

Vetting security impacts introduced by third-party libraries in iOS apps requires a reliable library detection technique. Especially when a new vulnerability (or a privacy-invasive behavior) was discovered in a third-party library, there is…

Cryptography and Security · Computer Science 2022-07-06 Jingyi Guo , Min Zheng , Yajin Zhou , Haoyu Wang , Lei Wu , Xiapu Luo , Kui Ren

We propose a system, named ATVHunter, which can pinpoint the precise vulnerable in-app TPL versions and provide detailed information about the vulnerabilities and TPLs. We propose a two-phase detection approach to identify specific TPL…

Software Engineering · Computer Science 2021-11-09 Xian Zhan , Lingling Fan , Sen Chen , Feng Wu , Tianming Liu , Xiapu Luo , Yang Liu

The prevalent use of third-party libraries (TPLs) in modern software development introduces significant security and compliance risks, necessitating the implementation of Software Composition Analysis (SCA) to manage these threats. However,…

Software Engineering · Computer Science 2025-03-31 Lyuye Zhang , Chengwei Liu , Jiahui Wu , Shiyang Zhang , Chengyue Liu , Zhengzi Xu , Sen Chen , Yang Liu

Android applications (apps) integrate reusable and well-tested third-party libraries (TPLs) to enhance functionality and shorten development cycles. However, recent research reveals that TPLs have become the largest attack surface for…

Cryptography and Security · Computer Science 2025-06-19 Bolin Zhou , Jingzheng Wu , Xiang Ling , Tianyue Luo , Jingkun Zhang

While reusing third-party libraries (TPL) facilitates software development, its chaotic management has brought great threats to software maintenance and the unauthorized use of source code also raises ethical problems such as misconduct on…

Software Engineering · Computer Science 2025-08-05 Lida Zhao , Chaofan Li , Yueming Wu , Lyuye Zhang , Jiahui Wu , Chengwei Liu , Sen Chen , Yutao Hu , Zhengzi Xu , Yi Liu , Jingquan Ge , Jun Sun , Yang Liu

Recognizing vulnerabilities in stripped binary files presents a significant challenge in software security. Although some progress has been made in generating human-readable information from decompiled binary files with Large Language…

Cryptography and Security · Computer Science 2025-05-29 Nasir Hussain , Haohan Chen , Chanh Tran , Philip Huang , Zhuohao Li , Pravir Chugh , William Chen , Ashish Kundu , Yuan Tian

Smart contracts are self-executing programs that manage financial transactions on blockchain networks. Developers commonly rely on third-party code libraries to improve both efficiency and security. However, improper use of these libraries…

Software Engineering · Computer Science 2026-04-02 Yishun Wang , Wenkai Li , Xiaoqi Li , Zongwei Li , Lei Xie , Yuqing Zhang

Much software, whether beneficent or malevolent, is distributed only as binaries, sans source code. Absent source code, understanding binaries' behavior can be quite challenging, especially when compiled under higher levels of compiler…

Software Engineering · Computer Science 2021-09-20 Toufique Ahmed , Premkumar Devanbu , Anand Ashok Sawant

Enforcing open source licenses such as the GNU General Public License (GPL), analyzing a binary for possible vulnerabilities, and code maintenance are all situations where it is useful to be able to determine the source code provenance of a…

Cryptography and Security · Computer Science 2017-11-03 Dhaval Miyani , Zhen Huang , David Lie

Third-party libraries (TPLs) are frequently reused in software to reduce development cost and the time to market. However, external library dependencies may introduce vulnerabilities into host applications. The issue of library dependency…

Software Engineering · Computer Science 2022-09-21 Wei Tang , Zhengzi Xu , Chengwei Liu , Jiahui Wu , Shouguo Yang , Yi Li , Ping Luo , Yang Liu
‹ Prev 1 2 3 10 Next ›