Characterizing promotional attacks in mobile app store

Bo Sun, Xiapu Luo, Mitsuaki Akiyama, Takuya Watanabe, Tatsuya Mori

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Mobile app stores, such as Google Play, play a vital role in the ecosystem of mobile apps. When users look for an app of interest, they can acquire useful data from the app store to facilitate their decision on installing the app or not. This data includes ratings, reviews, number of installs, and the category of the app. The ratings and reviews are the user-generated content (UGC) that affect the reputation of an app. Unfortunately, miscreants also exploit such channels to conduct promotional attacks (PAs) that lure victims to install malicious apps. In this paper, we propose and develop a new system called PADetective to detect miscreants who are likely to be conducting promotional attacks. Using a dataset with 1,723 of labeled samples, we demonstrate that the true positive rate of detection model is 90%, with a false positive rate of 5.8%. We then applied PADetective to a large dataset for characterizing the prevalence of PAs in the wild and find 289 K potential PA attackers who posted reviews to 21 K malicious apps.

    Original languageEnglish
    Title of host publicationApplications and Techniques in Information Security - 8th International Conference, ATIS 2017, Proceedings
    PublisherSpringer Verlag
    Pages113-127
    Number of pages15
    Volume719
    ISBN (Print)9789811054204
    DOIs
    Publication statusPublished - 2017
    Event8th International Conference on Applications and Techniques in Information Security, ATIS 2017 - Auckland, New Zealand
    Duration: 2017 Jul 62017 Jul 7

    Publication series

    NameCommunications in Computer and Information Science
    Volume719
    ISSN (Print)1865-0929

    Other

    Other8th International Conference on Applications and Techniques in Information Security, ATIS 2017
    CountryNew Zealand
    CityAuckland
    Period17/7/617/7/7

    Fingerprint

    Application programs
    Ecosystems

    Keywords

    • Machine learning
    • Mobile app store
    • Promotional attacks

    ASJC Scopus subject areas

    • Computer Science(all)

    Cite this

    Sun, B., Luo, X., Akiyama, M., Watanabe, T., & Mori, T. (2017). Characterizing promotional attacks in mobile app store. In Applications and Techniques in Information Security - 8th International Conference, ATIS 2017, Proceedings (Vol. 719, pp. 113-127). (Communications in Computer and Information Science; Vol. 719). Springer Verlag. https://doi.org/10.1007/978-981-10-5421-1_10

    Characterizing promotional attacks in mobile app store. / Sun, Bo; Luo, Xiapu; Akiyama, Mitsuaki; Watanabe, Takuya; Mori, Tatsuya.

    Applications and Techniques in Information Security - 8th International Conference, ATIS 2017, Proceedings. Vol. 719 Springer Verlag, 2017. p. 113-127 (Communications in Computer and Information Science; Vol. 719).

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Sun, B, Luo, X, Akiyama, M, Watanabe, T & Mori, T 2017, Characterizing promotional attacks in mobile app store. in Applications and Techniques in Information Security - 8th International Conference, ATIS 2017, Proceedings. vol. 719, Communications in Computer and Information Science, vol. 719, Springer Verlag, pp. 113-127, 8th International Conference on Applications and Techniques in Information Security, ATIS 2017, Auckland, New Zealand, 17/7/6. https://doi.org/10.1007/978-981-10-5421-1_10
    Sun B, Luo X, Akiyama M, Watanabe T, Mori T. Characterizing promotional attacks in mobile app store. In Applications and Techniques in Information Security - 8th International Conference, ATIS 2017, Proceedings. Vol. 719. Springer Verlag. 2017. p. 113-127. (Communications in Computer and Information Science). https://doi.org/10.1007/978-981-10-5421-1_10
    Sun, Bo ; Luo, Xiapu ; Akiyama, Mitsuaki ; Watanabe, Takuya ; Mori, Tatsuya. / Characterizing promotional attacks in mobile app store. Applications and Techniques in Information Security - 8th International Conference, ATIS 2017, Proceedings. Vol. 719 Springer Verlag, 2017. pp. 113-127 (Communications in Computer and Information Science).
    @inproceedings{29fbb5d9a235474da88f1f4e8709d076,
    title = "Characterizing promotional attacks in mobile app store",
    abstract = "Mobile app stores, such as Google Play, play a vital role in the ecosystem of mobile apps. When users look for an app of interest, they can acquire useful data from the app store to facilitate their decision on installing the app or not. This data includes ratings, reviews, number of installs, and the category of the app. The ratings and reviews are the user-generated content (UGC) that affect the reputation of an app. Unfortunately, miscreants also exploit such channels to conduct promotional attacks (PAs) that lure victims to install malicious apps. In this paper, we propose and develop a new system called PADetective to detect miscreants who are likely to be conducting promotional attacks. Using a dataset with 1,723 of labeled samples, we demonstrate that the true positive rate of detection model is 90{\%}, with a false positive rate of 5.8{\%}. We then applied PADetective to a large dataset for characterizing the prevalence of PAs in the wild and find 289 K potential PA attackers who posted reviews to 21 K malicious apps.",
    keywords = "Machine learning, Mobile app store, Promotional attacks",
    author = "Bo Sun and Xiapu Luo and Mitsuaki Akiyama and Takuya Watanabe and Tatsuya Mori",
    year = "2017",
    doi = "10.1007/978-981-10-5421-1_10",
    language = "English",
    isbn = "9789811054204",
    volume = "719",
    series = "Communications in Computer and Information Science",
    publisher = "Springer Verlag",
    pages = "113--127",
    booktitle = "Applications and Techniques in Information Security - 8th International Conference, ATIS 2017, Proceedings",
    address = "Germany",

    }

    TY - GEN

    T1 - Characterizing promotional attacks in mobile app store

    AU - Sun, Bo

    AU - Luo, Xiapu

    AU - Akiyama, Mitsuaki

    AU - Watanabe, Takuya

    AU - Mori, Tatsuya

    PY - 2017

    Y1 - 2017

    N2 - Mobile app stores, such as Google Play, play a vital role in the ecosystem of mobile apps. When users look for an app of interest, they can acquire useful data from the app store to facilitate their decision on installing the app or not. This data includes ratings, reviews, number of installs, and the category of the app. The ratings and reviews are the user-generated content (UGC) that affect the reputation of an app. Unfortunately, miscreants also exploit such channels to conduct promotional attacks (PAs) that lure victims to install malicious apps. In this paper, we propose and develop a new system called PADetective to detect miscreants who are likely to be conducting promotional attacks. Using a dataset with 1,723 of labeled samples, we demonstrate that the true positive rate of detection model is 90%, with a false positive rate of 5.8%. We then applied PADetective to a large dataset for characterizing the prevalence of PAs in the wild and find 289 K potential PA attackers who posted reviews to 21 K malicious apps.

    AB - Mobile app stores, such as Google Play, play a vital role in the ecosystem of mobile apps. When users look for an app of interest, they can acquire useful data from the app store to facilitate their decision on installing the app or not. This data includes ratings, reviews, number of installs, and the category of the app. The ratings and reviews are the user-generated content (UGC) that affect the reputation of an app. Unfortunately, miscreants also exploit such channels to conduct promotional attacks (PAs) that lure victims to install malicious apps. In this paper, we propose and develop a new system called PADetective to detect miscreants who are likely to be conducting promotional attacks. Using a dataset with 1,723 of labeled samples, we demonstrate that the true positive rate of detection model is 90%, with a false positive rate of 5.8%. We then applied PADetective to a large dataset for characterizing the prevalence of PAs in the wild and find 289 K potential PA attackers who posted reviews to 21 K malicious apps.

    KW - Machine learning

    KW - Mobile app store

    KW - Promotional attacks

    UR - http://www.scopus.com/inward/record.url?scp=85022179732&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=85022179732&partnerID=8YFLogxK

    U2 - 10.1007/978-981-10-5421-1_10

    DO - 10.1007/978-981-10-5421-1_10

    M3 - Conference contribution

    SN - 9789811054204

    VL - 719

    T3 - Communications in Computer and Information Science

    SP - 113

    EP - 127

    BT - Applications and Techniques in Information Security - 8th International Conference, ATIS 2017, Proceedings

    PB - Springer Verlag

    ER -