Dissecting developer policy violating apps: Characterization and detection
To ensure quality and trustworthiness of mobile apps, Google Play store imposes various developer policies. Once an app is reported for exhibiting policy-violating behaviors, it is removed from the store to protect users. Currently, Google Play store relies on mobile users’ feedbacks to identify pol...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2016
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/3381 https://ink.library.smu.edu.sg/context/sis_research/article/4382/viewcontent/dissectingDeveloperPolicy.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-4382 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-43822019-06-07T09:28:57Z Dissecting developer policy violating apps: Characterization and detection KYWE, Su Mon Yingjiu LI, HONG, Jason CHENG, Yao To ensure quality and trustworthiness of mobile apps, Google Play store imposes various developer policies. Once an app is reported for exhibiting policy-violating behaviors, it is removed from the store to protect users. Currently, Google Play store relies on mobile users’ feedbacks to identify policy violations. Our paper takes the first step towards understanding these policy-violating apps. First, we crawl 302 Android apps, which are reported in the Reddit forum by mobile users for policy violations and are later removed from the Google Play store. Second, we perform empirical analysis, which reveals that many violating behaviors have not been studied well by industry or research communities. We discover that 53% of the reported apps are either copying popular apps or violating copy-rights or trademarks of brands. Moreover, 49% of reported apps are violating ads policies by sending push notifications, adding homescreen icon and changing browser settings. Only 8% show malware-like behaviors, such as downloading malicious files to users’ mobile phones. Based on our empirical analysis results, we extract 175 features for differentiating bad apps from benign apps. Our features cover use of brand names and other keywords, third-party libraries, network activities, meta data, permissions, and suspicious API calls originated from third-party libraries. We then apply 10 machine learning classifiers on the extracted features to detect reported bad apps. Our experiment result shows that the best algorithm can detect them with 86.80% true positive rate and 13.6% false positive rate. On the other hand, the same samples of policy violating apps are detected by VirusTotal with true positive rate of 55.63% and false positive rate of 17.48%. 2016-10-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3381 info:doi/10.1109/MALWARE.2016.7888725 https://ink.library.smu.edu.sg/context/sis_research/article/4382/viewcontent/dissectingDeveloperPolicy.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Granular revocation ABE Cloud storage Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Granular revocation ABE Cloud storage Information Security |
| spellingShingle |
Granular revocation ABE Cloud storage Information Security KYWE, Su Mon Yingjiu LI, HONG, Jason CHENG, Yao Dissecting developer policy violating apps: Characterization and detection |
| description |
To ensure quality and trustworthiness of mobile apps, Google Play store imposes various developer policies. Once an app is reported for exhibiting policy-violating behaviors, it is removed from the store to protect users. Currently, Google Play store relies on mobile users’ feedbacks to identify policy violations. Our paper takes the first step towards understanding these policy-violating apps. First, we crawl 302 Android apps, which are reported in the Reddit forum by mobile users for policy violations and are later removed from the Google Play store. Second, we perform empirical analysis, which reveals that many violating behaviors have not been studied well by industry or research communities. We discover that 53% of the reported apps are either copying popular apps or violating copy-rights or trademarks of brands. Moreover, 49% of reported apps are violating ads policies by sending push notifications, adding homescreen icon and changing browser settings. Only 8% show malware-like behaviors, such as downloading malicious files to users’ mobile phones. Based on our empirical analysis results, we extract 175 features for differentiating bad apps from benign apps. Our features cover use of brand names and other keywords, third-party libraries, network activities, meta data, permissions, and suspicious API calls originated from third-party libraries. We then apply 10 machine learning classifiers on the extracted features to detect reported bad apps. Our experiment result shows that the best algorithm can detect them with 86.80% true positive rate and 13.6% false positive rate. On the other hand, the same samples of policy violating apps are detected by VirusTotal with true positive rate of 55.63% and false positive rate of 17.48%. |
| format |
text |
| author |
KYWE, Su Mon Yingjiu LI, HONG, Jason CHENG, Yao |
| author_facet |
KYWE, Su Mon Yingjiu LI, HONG, Jason CHENG, Yao |
| author_sort |
KYWE, Su Mon |
| title |
Dissecting developer policy violating apps: Characterization and detection |
| title_short |
Dissecting developer policy violating apps: Characterization and detection |
| title_full |
Dissecting developer policy violating apps: Characterization and detection |
| title_fullStr |
Dissecting developer policy violating apps: Characterization and detection |
| title_full_unstemmed |
Dissecting developer policy violating apps: Characterization and detection |
| title_sort |
dissecting developer policy violating apps: characterization and detection |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2016 |
| url |
https://ink.library.smu.edu.sg/sis_research/3381 https://ink.library.smu.edu.sg/context/sis_research/article/4382/viewcontent/dissectingDeveloperPolicy.pdf |
| _version_ |
1770573151908921344 |