ASE2025

Shrunk, Yet Complete: Code Shrinking-Resilient Android Third-Party Library Detection

Jingkun Zhang, Jingzheng Wu, Xiang Ling, Tianyue Luo, Bolin Zhou, Mutian Yang


Abstract

Managing third-party libraries is a costly and critical task for enterprises, essential for both vulnerability assessment and license compliance. Existing Android software composition analysis tools focus on mitigating code obfuscation but neglect the impact of code optimization, which is deeply integrated into build pipelines and disrupts library structure. To tackle these challenges, we developed LibSleuth, a detection tool designed to be resilient to code shrinking and obfuscation. It is based on the observation that even after shrinking, the remaining code still retains functional completeness. LibSleuth adopts two novel strategies: (1) Method-level functional module matching: we break feature matching down to the method level and define a functional module as a set of related methods that together represent a used piece of functionality. This allows us to detect libraries based on functional module completeness, which addresses code shrinking. (2) Context-enhanced multi-level filtering: to improve robustness against obfuscation and reduce the cost of pairing, LibSleuth leverages contextual relationships to enhance feature stability and adopts a coarse-to-fine progressive matching process. We evaluated LibSleuth on datasets containing obfuscated and optimized Android apps. LibSleuth outperforms state-of-the-art academic and commercial tools in both scenarios. Under combined code shrinking and obfuscation, LibSleuth achieves an average 27.74% higher version-level F1-score. Moreover, our analysis of 10,000 real-world Android apps shows that 20.35% still depend on vulnerable libraries, demonstrating the practical utility of LibSleuth for downstream tasks.
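As an added illustration (not LibSleuth's own code), the toy model below shows why matching on the completeness of individual functional modules survives code shrinking while a whole-library method count does not. The library, module and method names, and the 0.7 coverage threshold for the baseline, are constructed assumptions.

```python
from dataclasses import dataclass

# A library is modelled as named functional modules, each a set of method-level
# features (plain strings here standing in for whatever hash a real tool uses).
# All names and values below are constructed for illustration.

@dataclass(frozen=True)
class Library:
    name: str
    version: str
    modules: dict  # module name -> frozenset of method features

LIBFOO = Library("libfoo", "1.0", {
    "http_client": frozenset({"Client.newCall", "Call.execute", "Response.body"}),
    "cache":       frozenset({"Cache.put", "Cache.get", "Cache.evict"}),
})

# Constructed app: the shrinker kept only the HTTP client methods the app
# actually calls and stripped the unused cache module entirely.
SHRUNK_APP = {"Client.newCall", "Call.execute", "Response.body", "App.main"}

def naive_coverage(app_methods: set, lib: Library) -> float:
    """Baseline: fraction of ALL library methods present in the app.
    Shrinking removes unused modules, so this ratio drops even though the
    library is genuinely present."""
    all_methods = frozenset().union(*lib.modules.values())
    return len(all_methods & app_methods) / len(all_methods)

def naive_detect(app_methods: set, lib: Library, threshold: float = 0.7) -> bool:
    return naive_coverage(app_methods, lib) >= threshold

def complete_modules(app_methods: set, lib: Library) -> list:
    """Names of modules whose methods ALL survive in the app. A module that
    was used is kept whole by the shrinker, so completeness is preserved."""
    return [name for name, feats in lib.modules.items() if feats <= app_methods]

def module_detect(app_methods: set, libs: list, min_modules: int = 1) -> list:
    """Report (name, version, complete modules) for each library that has at
    least min_modules fully present functional modules."""
    hits = []
    for lib in libs:
        complete = complete_modules(app_methods, lib)
        if len(complete) >= min_modules:
            hits.append((lib.name, lib.version, complete))
    return hits

if __name__ == "__main__":
    print("naive coverage:", naive_coverage(SHRUNK_APP, LIBFOO))  # 0.5, missed
    print("module-based hits:", module_detect(SHRUNK_APP, [LIBFOO]))
```

The baseline sees only half of libfoo's methods and misses it, while the module-based check finds the intact http_client module and reports the library.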