Xiang Li, Chao Zheng, Chengwei Zhang, Shu Li, Li Guo, J. Xu
{"title":"AppTwins:一种在网络流量中识别应用程序包的新方法","authors":"Xiang Li, Chao Zheng, Chengwei Zhang, Shu Li, Li Guo, J. Xu","doi":"10.1109/IACS.2017.7921975","DOIUrl":null,"url":null,"abstract":"The smartphone applications have taken place of the web browser and became the user's primary internet entrance. One application's popularity can be measured by its downloading times, and it is valuable for commercial advertising. Identifying app installation packages from network traffic is one of the most feasible approaches to collect these data. But asymmetric routing, incomplete capture and so on make it challenging to determine app's name at large scale in network traffic. With these constraints, we proposed AppTwins, an efficient, robust and automatical approach which has the ability to determine corrupted package's name. The identification consists of three distinct steps. Step 1, identify app packages with a stream fuzzy hash fingerprint database in live network traffic. Step 2, the unprecedented ones were captured and decompiled to acquire new app's name, a fingerprint was also calculated. Step3, update the database with new app's name and fingerprint. AppTwins achieves up a recall rate of 97.63% and a precision rate of 96.44% when app packages are almost complete. Furthermore, It can also identify incomplete app packages in the real traffic where there are no name or URL.","PeriodicalId":180504,"journal":{"name":"2017 8th International Conference on Information and Communication Systems (ICICS)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"AppTwins: A new approach to identify app package in network traffic\",\"authors\":\"Xiang Li, Chao Zheng, Chengwei Zhang, Shu Li, Li Guo, J. Xu\",\"doi\":\"10.1109/IACS.2017.7921975\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The smartphone applications have taken place of the web browser and became the user's primary internet entrance. One application's popularity can be measured by its downloading times, and it is valuable for commercial advertising. Identifying app installation packages from network traffic is one of the most feasible approaches to collect these data. But asymmetric routing, incomplete capture and so on make it challenging to determine app's name at large scale in network traffic. With these constraints, we proposed AppTwins, an efficient, robust and automatical approach which has the ability to determine corrupted package's name. The identification consists of three distinct steps. Step 1, identify app packages with a stream fuzzy hash fingerprint database in live network traffic. Step 2, the unprecedented ones were captured and decompiled to acquire new app's name, a fingerprint was also calculated. Step3, update the database with new app's name and fingerprint. AppTwins achieves up a recall rate of 97.63% and a precision rate of 96.44% when app packages are almost complete. Furthermore, It can also identify incomplete app packages in the real traffic where there are no name or URL.\",\"PeriodicalId\":180504,\"journal\":{\"name\":\"2017 8th International Conference on Information and Communication Systems (ICICS)\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-04-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 8th International Conference on Information and Communication Systems (ICICS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IACS.2017.7921975\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 8th International Conference on Information and Communication Systems (ICICS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IACS.2017.7921975","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
AppTwins: A new approach to identify app package in network traffic
The smartphone applications have taken place of the web browser and became the user's primary internet entrance. One application's popularity can be measured by its downloading times, and it is valuable for commercial advertising. Identifying app installation packages from network traffic is one of the most feasible approaches to collect these data. But asymmetric routing, incomplete capture and so on make it challenging to determine app's name at large scale in network traffic. With these constraints, we proposed AppTwins, an efficient, robust and automatical approach which has the ability to determine corrupted package's name. The identification consists of three distinct steps. Step 1, identify app packages with a stream fuzzy hash fingerprint database in live network traffic. Step 2, the unprecedented ones were captured and decompiled to acquire new app's name, a fingerprint was also calculated. Step3, update the database with new app's name and fingerprint. AppTwins achieves up a recall rate of 97.63% and a precision rate of 96.44% when app packages are almost complete. Furthermore, It can also identify incomplete app packages in the real traffic where there are no name or URL.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
