Kavli Affiliate: Ke Wang
| First 5 Authors: Zhuo Chen, Jie Liu, Yubo Hu, Lei Wu, Yajin Zhou
| Summary:
In recent years, the underground economy is proliferating in the mobile
system. These underground economy apps (UEware) make profits from providing
non-compliant services, especially in sensitive areas such as gambling,
pornography, and loans. Unlike traditional malware, most of them (over 80%) do
not have malicious payloads. Due to their unique characteristics, existing
detection approaches cannot effectively and efficiently mitigate this emerging
threat.
To address this problem, we propose a novel approach to effectively and
efficiently detect UEware by considering their UI transition graphs (UTGs).
Based on the proposed approach, we design and implement a system named
DeUEDroid to perform the detection. To evaluate DeUEDroid, we collect 25,717
apps and build the first large-scale ground-truth dataset (1,700 apps) of
UEware. The evaluation result based on the ground-truth dataset shows that
DeUEDroid can cover new UI features and statically construct precise UTG. It
achieves 98.22% detection F1-score and 98.97% classification accuracy,
significantly outperforming traditional approaches. The evaluation involving
24,017 apps demonstrates the effectiveness and efficiency of UEware detection
in real-world scenarios. Furthermore, the result reveals that UEware are
prevalent, with 54% of apps in the wild and 11% of apps in app stores being
UEware. Our work sheds light on future work in analyzing and detecting UEware.
| Search Query: ArXiv Query: search_query=au:”Ke Wang”&id_list=&start=0&max_results=3