2 research outputs found
MadDroid: Characterising and Detecting Devious Ad Content for Android Apps
Advertisement drives the economy of the mobile app ecosystem. As a key
component in the mobile ad business model, mobile ad content has been
overlooked by the research community, which poses a number of threats, e.g.,
propagating malware and undesirable contents. To understand the practice of
these devious ad behaviors, we perform a large-scale study on the app contents
harvested through automated app testing. In this work, we first provide a
comprehensive categorization of devious ad contents, including five kinds of
behaviors belonging to two categories: \emph{ad loading content} and \emph{ad
clicking content}. Then, we propose MadDroid, a framework for automated
detection of devious ad contents. MadDroid leverages an automated app testing
framework with a sophisticated ad view exploration strategy for effectively
collecting ad-related network traffic and subsequently extracting ad contents.
We then integrate dedicated approaches into the framework to identify devious
ad contents. We have applied MadDroid to 40,000 Android apps and found that
roughly 6\% of apps deliver devious ad contents, e.g., distributing malicious
apps that cannot be downloaded via traditional app markets. Experiment results
indicate that devious ad contents are prevalent, suggesting that our community
should invest more effort into the detection and mitigation of devious ads
towards building a trustworthy mobile advertising ecosystem.Comment: To be published in The Web Conference 2020 (WWW'20