ORBilu: Detailled Reference

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

Should You Consider Adware as Malware in Your Study?

Gao, Jun; Li, Li; Kong, Pingfan et al.

2019 • In 26th edition of the IEEE International Conference on Software Analysis, Evolution and Reengineering

Peer reviewed

Permalink
https://hdl.handle.net/10993/39008

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

adware-paper-SANER-2019-submitted.pdf

Author preprint (369.6 kB)

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

Android; adware; malware

Abstract :

[en] Empirical validations of research approaches eventually require a curated ground truth. In studies related to Android malware, such a ground truth is built by leveraging Anti-Virus (AV) scanning reports which are often provided free through online services such as VirusTotal. Unfortunately, these reports do not offer precise information for appropriately and uniquely assigning classes to samples in app datasets: AV engines indeed do not have a consensus on specifying information in labels. Furthermore, labels often mix information related to families, types, etc. In particular, the notion of “adware” is currently blurry when it comes to maliciousness. There is thus a need to thoroughly investigate cases where adware samples can actually be associated with malware (e.g., because they are tagged as adware but could be considered as malware as well). In this work, we present a large-scale analytical study of Android adware samples to quantify to what extent “adware should be considered as malware”. Our analysis is based on the Androzoo repository of 5 million apps with associated AV labels and leverages a state-of-the-art label harmonization tool to infer the malicious type of apps before confronting it against the ad families that each adware app is associated with. We found that all adware families include samples that are actually known to implement specific malicious behavior types. Up to 50% of samples in an ad family could be flagged as malicious. Overall the study demonstrates that adware is not necessarily benign.

Disciplines :

Computer science

Author, co-author :

Gao, Jun ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Li, Li; Monash University > Faculty of Information Technology

Kong, Pingfan ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Bissyande, Tegawendé François D Assise ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Klein, Jacques ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC)

External co-authors :

yes

Language :

English

Title :

Should You Consider Adware as Malware in Your Study?

Publication date :

24 February 2019

Event name :

26th edition of the IEEE International Conference on Software Analysis, Evolution and Reengineering

Event place :

Hangzhou, China

Event date :

from 24-2-2019 to 27-2-2019

Main work title :

26th edition of the IEEE International Conference on Software Analysis, Evolution and Reengineering

Peer reviewed :

Peer reviewed

Focus Area :

Computational Sciences

Funders :

FNR - Fonds National de la Recherche [LU]

Available on ORBilu :

since 11 March 2019

Statistics

Number of views

185 (20 by Unilu)

Number of downloads

676 (14 by Unilu)

More statistics

Scopus citations^®

18

Scopus citations^®
without self-citations

16

Bibliography

Oxford Dictionaries. Adware. https://en.oxforddictionaries.com/definition/adware.
Eric Chien. Techniques of adware and spyware. Dublin, Ireland, Oct 2005. Symantec, VB2005 Conference.
Yajin Zhou and Xuxian Jiang. Dissecting android malware: Characterization and evolution. In IEEE Symposium on Security & Privacy, San Francisco, May 2012.
Jameel Qadri, Thomas M Chen, and Jorge Blasco. A review of significance of energy-consumption anomaly in malware detection in mobile devices. 2016.
Yuta Ishii, Takuya Watanabe, Mitsuaki Akiyama, and Tatsuya Mori. Clone or relative?: Understanding the origins of similar android apps. In Proceedings of the 2016 ACM on International Workshop on Security And Privacy Analytics, pages 25-32. ACM, 2016.
Bartlomiej Uscilowski. Mobile adware and malware analysis. Technical report, Symantec, 2013.
Li Li, Alexandre Bartel, Tegawende F Bissyande, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick Mcdaniel. IccTA: Detecting Inter-Component Privacy Leaks in Android Apps. In Proceedings of the 37th International Conference on Software Engineering (ICSE 2015), 2015.
Andrea Continella, Yanick Fratantonio, Martina Lindorfer, Alessandro Puccetti, Ali Zand, Christopher Kruegel, and Giovanni Vigna. Obfuscation-resilient privacy leak detection for mobile apps through differential analysis. In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS), pages 1-16, 2017.
Mederic Hurier, Tegawend F. Bissyande, Yves Le Traon, Jacques Klein, Guillermo Suarez-Tangil, Santanu Kumar Dash, and Lorenzo Cavallaro. Euphony: Harmonious unification of cacophonous anti-virus vendor labels for android malware. In The 14th International Conference on Mining Software Repositories (MSR), Argentina, May 2017.
Kevin Allix, Tegawende F Bissyande, Jacques Klein, and Yves Le Traon. Androzoo: Collecting millions of android apps for the research community. In Mining Software Repositories (MSR), 2016 IEEE/ACM 13th Working Conference on, pages 468-471. IEEE, 2016.
Li Li, Jun Gao, Mederic Hurier, Pingfan Kong, Tegawende F Bissyande, Alexandre Bartel, Jacques Klein, and Yves Le Traon. Androzoo++: Collecting millions of android apps and their metadata for the research community. arXiv preprint arXiv:1709.05281, 2017.
VirusTotal. About page. https://virustotal.com/en/about/. accessed on 1st March 2018.
Li Li, Tegawende F Bissyande, Jacques Klein, and Yves Le Traon. An investigation into the use of common libraries in android apps. In The 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016), 2016.
Pingfan Kong, Li Li, Jun Gao, Kui Liu, Tegawende F Bissyande, and Jacques Klein. Automated testing of android apps: A systematic literature review. IEEE Transactions on Reliability, 2018.
Li Li, Tegawende F Bissyande, Mike Papadakis, Siegfried Rasthofer, Alexandre Bartel, Damien Octeau, Jacques Klein, and Yves Le Traon. Static analysis of android apps: A systematic literature review. Information and Software Technology, 2017.
Marcos Sebastían, Richard Rivera, Platon Kotzias, and Juan Caballero. Avclass: A tool for massive malware labeling. In International Symposium on Research in Attacks, Intrusions, and Defenses, pages 230-253. Springer, 2016.
Annamalai Narayanan, Lihui Chen, and Chee Keong Chan. Addetect: Automated detection of android ad libraries using semantic analysis. In Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP), 2014 IEEE Ninth International Conference on, pages 1-6. IEEE, 2014.
Leonid Glanz, Sven Amann, Michael Eichberg, Michael Reif, Ben Hermann, Johannes Lerch, and Mira Mezini. Codematch: obfuscation wont conceal your repackaged app. In Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, pages 638-648. ACM, 2017.
Menghao Li, Wei Wang, Pei Wang, Shuai Wang, Dinghao Wu, Jian Liu, Rui Xue, and Wei Huo. Libd: scalable and precise third-party library detection in android markets. In Software Engineering (ICSE), 2017 IEEE/ACM 39th International Conference on, pages 335-346. IEEE, 2017.
Ziang Ma, Haoyu Wang, Yao Guo, and Xiangqun Chen. Libradar: fast and accurate detection of third-party libraries in android apps. In Proceedings of the 38th international conference on software engineering companion, pages 653-656. ACM, 2016.
Feng Dong, Haoyu Wang, Li Li, Yao Guo, Guoai Xu, and Shaodong Zhang. How do mobile apps violate the behavioral policy of advertisement libraries? In Proceedings of the 19th International Workshop on Mobile Computing Systems and Applications (HotMobile), 2018.
Feng Dong, Haoyu Wang, Li Li, Yao Guo, Tegawende F Bissyande, Tianming Liu, Guoai Xu, and Jacques Klein. Frauddroid: Automated ad fraud detection for android apps. In The 26th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2018), 2018.
Michael C Grace, Wu Zhou, Xuxian Jiang, and Ahmad-Reza Sadeghi. Unsafe exposure analysis of mobile in-App advertisements. In Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks, pages 101-112. ACM, 2012.
Soteris Demetriou, Whitney Merrill, Wei Yang, Aston Zhang, and Carl A Gunter. Free for all! assessing user data exposure to advertising libraries on android. In NDSS, 2016.
Vincent Toubiana, Arvind Narayanan, Dan Boneh, Helen Nissenbaum, and Solon Barocas. Adnostic: Privacy preserving targeted advertising. 2010.
Saikat Guha, Bin Cheng, and Paul Francis. Privad: Practical privacy in online advertising. In USENIX conference on Networked systems design and implementation, pages 169-182, 2011.

Similar publications