FraudDroid: Automated Ad Fraud Detection for Android Apps
Although mobile ad frauds have been widespread, state-of-the-art approaches in the literature have mainly focused on detecting the so-called \emph{static placement frauds}, where only a single UI state is involved and can be identified based on static information such as the size or location of ad views. Other types of fraud exist that involve multiple UI states and are performed dynamically while users interact with the app. Such \emph{dynamic interaction frauds}, although now widely spread in apps, have not yet been explored nor addressed in the literature. In this work, we investigate a wide range of mobile ad frauds to provide a comprehensive taxonomy to the research community. We then propose, FraudDroid, a novel hybrid approach to detect ad frauds in mobile Android apps. FraudDroid analyses apps dynamically to build UI state transition graphs and collects their associated runtime network traffics, which are then leveraged to check against a set of heuristic-based rules for identifying ad fraudulent behaviours. We show empirically that FraudDroid detects ad frauds with a high precision ($\sim 93%$) and recall ($\sim 92%$). Experimental results further show that FraudDroid is capable of detecting ad frauds across the spectrum of fraud types. By analysing 12,000 ad-supported Android apps, FraudDroid identified 335 cases of fraud associated with 20 ad networks that are further confirmed to be true positive results and are shared with our fellow researchers to promote advanced ad fraud detection.
Tue 6 NovDisplayed time zone: Guadalajara, Mexico City, Monterrey change
15:30 - 17:00 | |||
15:30 22mTalk | Text Filtering and Ranking for Security Bug Report Prediction Journal-First Fayola Peters Lero - The Irish Software Research Centre and University of Limerick, Thein Than Tun , Yijun Yu The Open University, UK, Bashar Nuseibeh The Open University (UK) & Lero (Ireland) DOI | ||
15:52 22mTalk | STADS: Software Testing as Species Discovery Journal-First Marcel Böhme Monash University DOI | ||
16:15 22mTalk | The Impact of Regular Expression Denial of Service (ReDoS) in Practice: An Empirical Study at the Ecosystem Scale Research Papers James C. Davis Virginia Tech, USA, Christy A. Coghlan Virginia Tech, USA, Francisco Servant Virginia Tech, Dongyoon Lee Virginia Tech, USA | ||
16:37 22mTalk | FraudDroid: Automated Ad Fraud Detection for Android Apps Research Papers Feng Dong Beijing University of Posts and Telecommunications, China, Haoyu Wang , Li Li Monash University, Australia, Yao Guo Peking University, Tegawendé F. Bissyandé University of Luxembourg, Luxembourg, Tianming Liu Beijing University of Posts and Telecommunications, China, Guoai Xu , Jacques Klein University of Luxembourg, SnT |