CLAP: Classification of android PUAs by similarity of DNS queries

Mitsuhiro Hatada, Tatsuya Mori

Research output: Contribution to journalArticle

Abstract

This work develops a system called CLAP that detects and classifies "potentially unwanted applications" (PUAs) such as adware or remote monitoring tools. Our approach leverages DNS queries made by apps. Using a large sample of Android apps from third-party marketplaces, we first reveal that DNS queries can provide useful information for detection and classification of PUAs. We then show that existing DNS blacklists are limited when performing these tasks. Finally, we demonstrate that the CLAP system performs with high accuracy.

Original languageEnglish
Pages (from-to)265-275
Number of pages11
JournalIEICE Transactions on Information and Systems
VolumeE103D
Issue number2
DOIs
Publication statusPublished - 2020

Keywords

  • Classification
  • DNS query
  • Potentially unwanted
  • PUA
  • PUP

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Vision and Pattern Recognition
  • Electrical and Electronic Engineering
  • Artificial Intelligence

Fingerprint Dive into the research topics of 'CLAP: Classification of android PUAs by similarity of DNS queries'. Together they form a unique fingerprint.

  • Cite this