Characterizing promotional attacks in mobile app store

Bo Sun, Xiapu Luo, Mitsuaki Akiyama, Takuya Watanabe, Tatsuya Mori

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Mobile app stores, such as Google Play, play a vital role in the ecosystem of mobile apps. When users look for an app of interest, they can acquire useful data from the app store to facilitate their decision on installing the app or not. This data includes ratings, reviews, number of installs, and the category of the app. The ratings and reviews are the user-generated content (UGC) that affect the reputation of an app. Unfortunately, miscreants also exploit such channels to conduct promotional attacks (PAs) that lure victims to install malicious apps. In this paper, we propose and develop a new system called PADetective to detect miscreants who are likely to be conducting promotional attacks. Using a dataset with 1,723 of labeled samples, we demonstrate that the true positive rate of detection model is 90%, with a false positive rate of 5.8%. We then applied PADetective to a large dataset for characterizing the prevalence of PAs in the wild and find 289 K potential PA attackers who posted reviews to 21 K malicious apps.

Original languageEnglish
Title of host publicationApplications and Techniques in Information Security - 8th International Conference, ATIS 2017, Proceedings
EditorsDong Seong Kim, Gang Li, Xuyun Zhang, Lynn Batten
PublisherSpringer Verlag
Pages113-127
Number of pages15
ISBN (Print)9789811054204
DOIs
Publication statusPublished - 2017 Jan 1
Event8th International Conference on Applications and Techniques in Information Security, ATIS 2017 - Auckland, New Zealand
Duration: 2017 Jul 62017 Jul 7

Publication series

NameCommunications in Computer and Information Science
Volume719
ISSN (Print)1865-0929

Other

Other8th International Conference on Applications and Techniques in Information Security, ATIS 2017
CountryNew Zealand
CityAuckland
Period17/7/617/7/7

Keywords

  • Machine learning
  • Mobile app store
  • Promotional attacks

ASJC Scopus subject areas

  • Computer Science(all)
  • Mathematics(all)

Fingerprint Dive into the research topics of 'Characterizing promotional attacks in mobile app store'. Together they form a unique fingerprint.

  • Cite this

    Sun, B., Luo, X., Akiyama, M., Watanabe, T., & Mori, T. (2017). Characterizing promotional attacks in mobile app store. In D. S. Kim, G. Li, X. Zhang, & L. Batten (Eds.), Applications and Techniques in Information Security - 8th International Conference, ATIS 2017, Proceedings (pp. 113-127). (Communications in Computer and Information Science; Vol. 719). Springer Verlag. https://doi.org/10.1007/978-981-10-5421-1_10