Abstract
The number of malware detected has been increasing annually, and 4.12% of malware reported in 2018 attacked Android phones. Therefore, preventing attacks by Android malware is critically important. Several previous studies have investigated the percentage of apps that utilize accessibility services and are distributed from Google Play, that have been reportedly used by Android malware. However, the Social Networking Services (SNSs) that are used to spread malware have distributed apps not only from Google Play but also from other sources. Therefore, apps distributed from within and outside of Google Play must be investigated to capture malware trends. In this study, we collected apps shared on Twitter in 2018, which is a representative SNS, and created a Twitter shared apps dataset. The dataset consists of 32,068 apps downloaded from the websites of URLs collected on Twitter. We clarified the proportion of apps that contained malware and proportion of apps utilizing accessibility services. We found that both, the percentage of malware and percentage of total apps using accessibility services have been increasing. Notably, the percentages of malware and un-suspicious apps using accessibility services were quite similar. Therefore, this problem cannot be solved by automatically blocking all apps that use accessibility services. Hence, specific countermeasures against malware using accessibility services will be increasingly important for online security in the future.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Android Developers: AccessibilityService. https://developer.android.com/reference/android/accessibilityservice/AccessibilityService. Accessed 22 Apr 2020
Android Developers: Create your own accessibility service. https://developer.android.com/guide/topics/ui/accessibility/service. Accessed 26 Apr 2020
Android Developers: Build more accessible apps. https://developer.android.com/guide/topics/ui/accessibility. Accessed 22 Apr 2020
Android Police: Google will remove play store apps that use accessibility services for anything except helping disabled users. https://www.androidpolice.com/2017/11/12/google-will-remove-play-store-apps-use-accessibility-services-anything-except-helping-disabled-users/. Accessed 19 Apr 2020
Apktool. https://ibotpeaches.github.io/Apktool/. Accessed 28 Apr 2020
AV-TEST: Security report 2018/19. https://www.av-test.org/fileadmin/pdf/security_report/AV-TEST_Security_Report_2018-2019.pdf. Accessed 24 Apr 2020
Bromium: Report: social media platforms and the cybercrime economy. https://www.bromium.com/resource/report-social-media-platforms-and-the-cybercrime-economy/. Accessed 19 Apr 2020
Diao, W., et al.: Kindness is a risky business: on the usage of the accessibility APIs in Android. In: 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019), pp. 261–275. USENIX Association, Beijing (September 2019). https://www.usenix.org/conference/raid2019/presentation/diao
Doctor Web: Mobile malware review for 2017. https://news.drweb.com/show/review/?i=11671&lng=en. Accessed 30 Mar 2020
Fratantonio, Y., Qian, C., Chung, S.P., Lee, W.: Cloak and dagger: from two permissions to complete control of the UI feedback loop. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 1041–1057 (2017)
Gustuff: Weapon of mass infection. https://www.group-ib.com/blog/gustuff. Accessed 30 Mar 2020
Kalysch, A., Bove, D., Müller, T.: How Android’s UI security is undermined by accessibility. In: Proceedings of the 2nd Reversing and Offensive-Oriented Trends Symposium. ROOTS 2018. Association for Computing Machinery, New York (2018). https://doi.org/10.1145/3289595.3289597
Kaspersky Daily: No, you have not won two free airline tickets. https://usa.kaspersky.com/blog/free-airline-tickets-scam/11533/. Accessed 19 Apr 2020
Kaspersky Daily: Skygofree - a Hollywood-style mobile spy. https://usa.kaspersky.com/blog/skygofree-smart-trojan/14418/. Accessed 30 Mar 2020
McAfee Mobile Threat Report Q1, 2020. https://www.mcafee.com/content/dam/consumer/en-us/docs/2020-Mobile-Threat-Report.pdf. Accessed 25 Apr 2020
Naseri, M., Borges, N.P., Zeller, A., Rouvoy, R.: Accessileaks: investigating privacy leaks exposed by the android accessibility service. Proc. Priv. Enhanc. Technol. 2019(2), 291–305 (2019). https://content.sciendo.com/view/journals/popets/2019/2/article-p291.xml
Twitter Developers: POST statuses/filter. https://developer.twitter.com/en/docs/tweets/filter-realtime/api-reference/post-statuses-filter. Accessed 27 Apr 2020
WeLiveSecurity: Semi-annual balance of mobile security 2019. https://www.welivesecurity.com/2019/09/05/balance-mobile-security-2019/. Accessed 25 Apr 2020
Acknowledgement
The research results have been achieved by “WarpDrive: Web-based Attack Response with Practical and Deployable Research InitiatiVE,” the Commissioned Research of National Institute of Information and Communications Technology (NICT), Japan.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Ichioka, S., Pouget, E., Mimura, T., Nakajima, J., Yamauchi, T. (2020). Accessibility Service Utilization Rates in Android Applications Shared on Twitter. In: You, I. (eds) Information Security Applications. WISA 2020. Lecture Notes in Computer Science(), vol 12583. Springer, Cham. https://doi.org/10.1007/978-3-030-65299-9_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-65299-9_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-65298-2
Online ISBN: 978-3-030-65299-9
eBook Packages: Computer ScienceComputer Science (R0)