Fast and accurate identification of message-based API calls in application binaries

Therefore, the following is claimed: 1. A system, comprising: at least one computing device; and at least one service executable in the at least one computing device, the at least one service, when executed, causing the at least one computing device to at least: obtain a set of compliance rules from a compliance rule store; receive a request to analyze an application; perform an application analysis by: obtaining data identifying a plurality of public application programming interface (API) definitions, analyzing binary code of the application and metadata of the application to determine a list of external classes and local classes used by the application and a list of external methods and local methods called by the application, and scanning the application to identify at least one public API invoked by the application, wherein the at least one public API invoked by the application is identified by comparing the list of external classes and local classes used by the application and the listing of external methods called by the application with the data identifying the plurality of public API definitions; wrap the application based at least in part on the application analysis; and enforce the set of compliance rules on the application based at least in part on the application analysis. 2. The system of claim 1 , wherein the at least one service, when executed, further causes the at least one computing device to at least: generate a developer reputation record based at least in part on the application analysis; and enforce the set of compliance rules on the application further based at least in part on the developer reputation record. 3. The system of claim 1 , wherein the at least one service, when executed, further causes the at least one computing device to at least embed a software development kit (SDK) in the application based at least in part on the application analysis. 4. The system of claim 1 , wherein the at least one service, when executed, further causes the at least one computing device to at least perform forward constant propagation to determine a plurality of instructions of the application that invoke the at least one public API. 5. The system of claim 1 , wherein the at least one service, when executed, further causes the at least one computing device to at least perform backward slicing to check an argument of the at least one public API. 6. The system of claim 1 , wherein the at least one computing device comprises a first computing device and the set of compliance rules comprise a compliance rule restricting access to the wrapped application based at least in part on a current time or a location of a second computing device executing the wrapped application. 7. A method, comprising: obtaining a set of compliance rules from a compliance rule store; receiving a request to analyze an application; performing an application analysis by: obtaining data identifying a plurality of public application programming interface (API) definition, analyzing binary code of the application and metadata of the application to determine a list of external classes and local classes used by the application and a list of external methods and local methods called by the application, and scanning the application to identify at least one public API invoked by the application, wherein the at least one public API invoked by the application is identified by comparing the list of external classes and local classes used by the application and the listing of external methods called by the application with the data identifying the plurality of public API definitions; wrapping the application based at least in part on the application analysis; and enforcing the set of compliance rules on the application based at least in part on the application analysis. 8. The method of claim 7 , further comprising: generating a developer reputation record based at least in part on the application analysis; and enforcing the set of compliance rules on the application further based at least in part on the developer reputation record. 9. The method of claim 7 , further comprising embedding a software development kit (SDK) in the application based at least in part on the application analysis. 10. The method of claim 7 , further comprising performing forward constant propagation to determine a plurality of instructions of the application that invoke the at least one public API. 11. The method of claim 7 , further comprising performing backward slicing to check an argument of the at least one public API. 12. The method of claim 7 , wherein the set of compliance rules comprises a compliance rule restricting access to the wrapped application based at least in part on a current time. 13. The method of claim 7 , wherein the set of compliance rules comprises a compliance rule restricting access to the wrapped application based at least in part on a location of a computing device executing the wrapped application. 14. A non-transitory computer-readable medium embodying a program executable in at least one computing device, wherein when executed the program causes the at least one computing device to at least: obtain a set of compliance rules from a compliance rule store; receive a request to analyze an application; perform an application analysis by: obtaining data identifying a plurality of public application programming interface (API) definitions, analyzing binary code of the application and metadata of the application to determine a list of external classes and local classes used by the application and a list of external methods and local methods called by the application, and scanning the application to identify at least one API invoked by the application, wherein the at least one public API invoked by the application is identified by comparing the list of external classes and local classes used by the application and the listing of external methods called by the application with the data identifying the plurality of public API definitions; wrap the application based at least in part on the application analysis; and enforce the set of compliance rules on the application based at least in part on the application analysis. 15. The non-transitory computer-readable medium of claim 14 , wherein when executed the program causes the at least one computing device to at least embed a software development kit (SDK) in the application based at least in part on the application analysis. 16. The non-transitory computer-readable medium of claim 14 , wherein when executed the program causes the at least one computing device to at least generate a developer reputation record based at least in part on the application analysis. 17. The non-transitory computer-readable medium of claim 16 , wherein when executed the program causes the at least one computing device to at least enforce the set of compliance rules on the application further based at least in part on the developer reputation record. 18. The non-transitory computer-readable medium of claim 14 , wherein when executed the program causes the at least one computing device to at least perform forward constant propagation to determine a plurality of instructions of the application that invoke the at least one public API. 19. The non-transitory computer-readable medium of claim 14 , wherein when executed the program causes the at least one computing device to at least perform backward slicing to check an argument of the at least one public API. 20. The non-transitory computer-read