Abstract
Mobile app stores, such as Google Play, play a vital role in the ecosystem of mobile apps. When users look for an app of interest, they can acquire useful data from the app store to help them decide whether to install the app. This data includes ratings, reviews, number of installs, and the category of the app. The ratings and reviews are the user-generated content (UGC) that affects the reputation of an app. Unfortunately, miscreants also exploit such channels to conduct promotional attacks (PAs) that lure victims into installing malicious apps. In this paper, we propose and develop a new system called PADetective to detect miscreants who are likely to be conducting promotional attacks. Using a dataset of 1,723 labeled samples, we demonstrate that the true positive rate of the detection model is 90%, with a false positive rate of 5.8%. We then applied PADetective to a large dataset to characterize the prevalence of PAs in the wild and found 289 K potential PA attackers who posted reviews to 21 K malicious apps.
Acknowledgements
A part of this work was supported by JSPS Grant-in-Aid for Scientific Research (KAKENHI) B, Grant number JP16H02832. A part of this work was also supported by a Grant for Non-Japanese Researchers from the NEC C&C Foundation and a Waseda University Grant for Special Research Projects (Project number: 2016S-055).
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Sun, B., Luo, X., Akiyama, M., Watanabe, T., Mori, T. (2017). Characterizing Promotional Attacks in Mobile App Store. In: Batten, L., Kim, D., Zhang, X., Li, G. (eds) Applications and Techniques in Information Security. ATIS 2017. Communications in Computer and Information Science, vol 719. Springer, Singapore. https://doi.org/10.1007/978-981-10-5421-1_10
DOI: https://doi.org/10.1007/978-981-10-5421-1_10
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-5420-4
Online ISBN: 978-981-10-5421-1
eBook Packages: Computer Science, Computer Science (R0)