Enhancement of existing tools

According to our reproducing process of existing tools and the evaluation results, we find existing tools have two common limitations that could be improved: (1) ability to handle ``.aar'' files (i.e., LibPecker, ORLIS, and LibID); (2) ability to handle multidex problems (i.e., LibRadar and ORLIS).

We improved LibID, LibPecker, and ORLIS, and the recall of these tools has increased by 6.30%, 19.32%, and 12.59%, respectively.

There are two implementations to solve the ``.aar'' problem: a) decompress the ``.aar'' file and get the code file ``classes.jar'' inside. b) use the module zipfile from python which can directly extract the ``classes.jar'' in ``.aar'' file and then send it to detection tool.

For the fixed multidex problem, the recall of LibRadar and ORLIS has increased by 16.15% and 14.69%.

Apart from the aforementioned common problems, we find that LibID can be enhanced from two aspects: 1) fixed dex2jar. Android developers can prevent its Java code from being converted by dex2jar by inserting the syntax error of bytecode into the java function that they want to protect. By exploiting the syntax check mechanism of dex2jar, developers can achieve the purpose of dex2jar conversion error. We fixed this problem by modifying the \texttt{TypeClass.java} file to ignore the type errors if the apps are protected in this way. 2) fixed running errors. Users directly use the commands, which will meet a crash when the database contains large batches of TPL files. We enhance LibID by splitting the signature volume into smaller units (i.e., 100 TPLs as a unit) and merge the detection results.

The detection rate of LibID increased by 14.84%.