Dissecting Click Fraud Autonomy in the Wild

05/24/2021
by   Tong Zhu, et al.
0

Although the use of pay-per-click mechanisms stimulates the prosperity of the mobile advertisement network, fraudulent ad clicks result in huge financial losses for advertisers. Extensive studies identify click fraud according to click/traffic patterns based on dynamic analysis. However, in this study, we identify a novel click fraud, named humanoid attack, which can circumvent existing detection schemes by generating fraudulent clicks with similar patterns to normal clicks. We implement the first tool ClickScanner to detect humanoid attacks on Android apps based on static analysis and variational AutoEncoder (VAE) with limited knowledge of fraudulent examples. We define novel features to characterize the patterns of humanoid attacks in the apps' bytecode level. ClickScanner builds a data dependency graph (DDG) based on static analysis to extract these key features and form a feature vector. We then propose a classification model only trained on benign datasets to overcome the limited knowledge of humanoid attacks. We leverage ClickScanner to conduct the first large-scale measurement on app markets (i.e.,120,000 apps from Google Play and Huawei AppGallery) and reveal several unprecedented phenomena. First, even for the top-rated 20,000 apps, ClickScanner still identifies 157 apps as fraudulent, which shows the prevalence of humanoid attacks. Second, it is observed that the ad SDK-based attack (i.e., the fraudulent codes are in the third-party ad SDKs) is now a dominant attack approach. Third, the manner of attack is notably different across apps of various categories and popularities. Finally, we notice there are several existing variants of the humanoid attack. Additionally, our measurements demonstrate the proposed ClickScanner is accurate and time-efficient (i.e., the detection overhead is only 15.35 existing schemes).

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

01/14/2019

Peel the onion: Recognition of Android apps behind the Tor Network

In this work we show that Tor is vulnerable to app deanonymization attac...
03/06/2021

Fine with "1234"? An Analysis of SMS One-Time Password Randomness in Android Apps

A fundamental premise of SMS One-Time Password (OTP) is that the used ps...
03/02/2019

Clicktok: Click Fraud Detection using Traffic Analysis

Advertising is a primary means for revenue generation for millions of we...
02/05/2020

MadDroid: Characterising and Detecting Devious Ad Content for Android Apps

Advertisement drives the economy of the mobile app ecosystem. As a key c...
03/01/2021

CHAMP: Characterizing Undesired App Behaviors from User Comments based on Market Policies

Millions of mobile apps have been available through various app markets....
06/26/2021

How Private is Android's Private DNS Setting? Identifying Apps by Encrypted DNS Traffic

DNS over TLS (DoT) and DNS over HTTPS (DoH) promise to improve privacy a...
01/05/2018

Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild

In this paper, we seek to better understand Android obfuscation and depi...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.