Don't throw me away: Threats caused by the abandoned internet resources used by android apps

Elkana Pariwono, Mitsuaki Akiyama, Daiki Chiba, Tatsuya Mori

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Citations (Scopus)

Abstract

This study aims to understand the threats caused by abandoned Internet resources used by Android apps. By abandoned, we mean Internet resources that support apps that were published and are still available on the mobile app marketplace, but have not been maintained and hence are at risk for abuse by an outsider. Internet resources include domain names and hard-coded IP addresses, which could be used for nefarious purposes, e.g., stealing sensitive private information, scamming and phishing, click fraud, and injecting malware distribution URL. As a result of the analysis of 1.1 M Android apps published in the official marketplace, we uncovered 3,628 of abandoned Internet resources associated with 7,331 available mobile apps. These resources are subject to hijack by outsiders. Of these apps, 13 apps have been installed more than a million of times, a measure of the breadth of the threat. Based on the findings of empirical experiments, we discuss potential threats caused by abandoned Internet resources and propose countermeasures against these threats.

Original languageEnglish
Title of host publicationASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery, Inc
Pages147-158
Number of pages12
ISBN (Electronic)9781450355766
DOIs
Publication statusPublished - 2018 May 29
Event13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018 - Incheon, Korea, Republic of
Duration: 2018 Jun 42018 Jun 8

Publication series

NameASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security

Other

Other13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018
Country/TerritoryKorea, Republic of
CityIncheon
Period18/6/418/6/8

Keywords

  • Android Security
  • Mobile Apps Measurement
  • Mobile computing security

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Information Systems
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Don't throw me away: Threats caused by the abandoned internet resources used by android apps'. Together they form a unique fingerprint.

Cite this