Skip to main content
SpringerLink
Log in

Automated Cash Mining Attacks on Mobile Advertising Networks

  • Conference paper
  • First Online:
Book cover Information Security and Privacy (ACISP 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11547))

Included in the following conference series:

  • 1138 Accesses

Abstract

Rewarded advertisements are popularly used in the mobile advertising industry. In this paper, we analyze several rewarded advertisement applications to discover security weaknesses, which allow malicious users to automatically generate in-app activities for earning cash rewards on advertisement networks; we call this attack automated cash mining. To show the risk of this attack, we implemented automated cashing attacks on four popularly used Android applications (Cash Slide, Fronto, Honey Screen and Screen Stash) with rewarded advertisements through reverse engineering and demonstrated that all the tested reward apps are vulnerable to our attack implementation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Fiddler Extension (Requset to Code). http://www.chadsowald.com/software/fiddler-extension-request-to-code. Accessed 28 Feb 2019

  2. Cho, G., Cho, J., Song, Y., Choi, D., Kim, H.: Combating online fraud attacks in mobile-based advertising. EURASIP J. Inf. Secur. 2016(1), 2 (2016)

    Article  Google Scholar 

  3. Crussell, J., Stevens, R., Chen, H.: Madfraud: investigating ad fraud in android applications. In: Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services (2014)

    Google Scholar 

  4. Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: Proceedings of the 20th USENIX Security Symposium (2011)

    Google Scholar 

  5. Evans, C., Palmer, C.: Certificate pinning extension for HSTS (2011). https://tools.ietf.org/html/draft-evans-palmer-hsts-pinning-00

  6. Immorlica, N., Jain, K., Mahdian, M., Talwar, K.: Click fraud resistant methods for learning click-through rates. In: Deng, X., Ye, Y. (eds.) WINE 2005. LNCS, vol. 3828, pp. 34–45. Springer, Heidelberg (2005). https://doi.org/10.1007/11600930_5

    Chapter  Google Scholar 

Download references

Acknowledgments

This work was supported in part by NRF of Korea (NRF-2017K1A3A1A17092614) and the ICT Consilience Creative support program (IITP-2019-2015-0-00742).

Author information

Authors and Affiliations

  1. Sungkyunkwan University, Suwon, Republic of Korea

    Woojoong Ji, Taeyun Kim & Hyoungshick Kim

  2. AhnLab, Seongnam, Republic of Korea

    Kuyju Kim

Authors
  1. Woojoong Ji
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Taeyun Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kuyju Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Hyoungshick Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Woojoong Ji .

Editor information

Editors and Affiliations

  1. Massey University, Palmerston North, New Zealand

    Julian Jang-Jaccard

  2. University of Wollongong, Wollongong, NSW, Australia

    Fuchun Guo

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ji, W., Kim, T., Kim, K., Kim, H. (2019). Automated Cash Mining Attacks on Mobile Advertising Networks. In: Jang-Jaccard, J., Guo, F. (eds) Information Security and Privacy. ACISP 2019. Lecture Notes in Computer Science(), vol 11547. Springer, Cham. https://doi.org/10.1007/978-3-030-21548-4_40

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-21548-4_40

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-21547-7

  • Online ISBN: 978-3-030-21548-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation