MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps

Tianming Liu; Haoyu Wang; Li Li; Xiapu Luo; Feng Dong; Yao Guo; Liu Wang; Tegawendé Bissyandé; Jacques Klein

doi:https://doi.org/10.1145/3366423.3380242

MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps

Tianming Liu, Haoyu Wang, Li Li, Xiapu Luo, Feng Dong, Yao Guo, Liu Wang, Tegawendé Bissyandé, Jacques Klein

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

23 Citations (Scopus)

Abstract

Advertisement drives the economy of the mobile app ecosystem. As a key component in the mobile ad business model, mobile ad content has been overlooked by the research community, which poses a number of threats, e.g., propagating malware and undesirable contents. To understand the practice of these devious ad behaviors, we perform a large-scale study on the app contents harvested through automated app testing. In this work, we first provide a comprehensive categorization of devious ad contents, including five kinds of behaviors belonging to two categories: ad loading content and ad clicking content. Then, we propose MadDroid, a framework for automated detection of devious ad contents. MadDroid leverages an automated app testing framework with a sophisticated ad view exploration strategy for effectively collecting ad-related network traffic and subsequently extracting ad contents. We then integrate dedicated approaches into the framework to identify devious ad contents. We have applied MadDroid to 40,000 Android apps and found that roughly 6% of apps deliver devious ad contents, e.g., distributing malicious apps that cannot be downloaded via traditional app markets. Experiment results indicate that devious ad contents are prevalent, suggesting that our community should invest more effort into the detection and mitigation of devious ads towards building a trustworthy mobile advertising ecosystem.

Original language	English
Title of host publication	The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020
Publisher	ACM
Pages	1715–1726
Number of pages	12
ISBN (Electronic)	9781450370233
DOIs	https://doi.org/10.1145/3366423.3380242
Publication status	Published - 20 Apr 2020

Publication series

Name	The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020

Keywords

Android app
ad fraud
malware
mobile advertising

ASJC Scopus subject areas

Computer Networks and Communications
Software

More information

https://doi.org/10.1145/3366423.3380242

Cite this

Liu, T., Wang, H., Li, L., Luo, X., Dong, F., Guo, Y., Wang, L., Bissyandé, T., & Klein, J. (2020). MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps. In The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020 (pp. 1715–1726). (The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020). ACM. https://doi.org/10.1145/3366423.3380242

@inproceedings{fe741c2c5c9b46cb9ec861e733fc860d,

title = "MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps",

abstract = "Advertisement drives the economy of the mobile app ecosystem. As a key component in the mobile ad business model, mobile ad content has been overlooked by the research community, which poses a number of threats, e.g., propagating malware and undesirable contents. To understand the practice of these devious ad behaviors, we perform a large-scale study on the app contents harvested through automated app testing. In this work, we first provide a comprehensive categorization of devious ad contents, including five kinds of behaviors belonging to two categories: ad loading content and ad clicking content. Then, we propose MadDroid, a framework for automated detection of devious ad contents. MadDroid leverages an automated app testing framework with a sophisticated ad view exploration strategy for effectively collecting ad-related network traffic and subsequently extracting ad contents. We then integrate dedicated approaches into the framework to identify devious ad contents. We have applied MadDroid to 40,000 Android apps and found that roughly 6% of apps deliver devious ad contents, e.g., distributing malicious apps that cannot be downloaded via traditional app markets. Experiment results indicate that devious ad contents are prevalent, suggesting that our community should invest more effort into the detection and mitigation of devious ads towards building a trustworthy mobile advertising ecosystem.",

keywords = "Android app, ad fraud, malware, mobile advertising",

author = "Tianming Liu and Haoyu Wang and Li Li and Xiapu Luo and Feng Dong and Yao Guo and Liu Wang and Tegawend{\'e} Bissyand{\'e} and Jacques Klein",

note = "Funding Information: This work was partly supported by the National Natural Science Foundation of China (No.61702045 and No.61772042), by the Hong Kong RGC Projects (No.152223/17E, CityU C1008-16G), by the Australian Research Council (ARC) under projects DE200100016 and DP200100020, by the Fonds National de la Recherche (FNR), Luxembourg, under project CHARACTERIZE C17/IS/11693861, by the SPARTA project which has received funding from the European Union{\textquoteright}s Horizon 2020 research and innovation program under grant agreement No 830892. Publisher Copyright: {\textcopyright} 2020 ACM.",

year = "2020",

month = apr,

day = "20",

doi = "https://doi.org/10.1145/3366423.3380242",

language = "English",

series = "The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020",

publisher = "ACM",

pages = "1715–1726",

booktitle = "The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020",

}

Liu, T, Wang, H, Li, L, Luo, X, Dong, F, Guo, Y, Wang, L, Bissyandé, T & Klein, J 2020, MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps. in The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020. The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020, ACM, pp. 1715–1726. https://doi.org/10.1145/3366423.3380242

MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps. / Liu, Tianming; Wang, Haoyu; Li, Li et al.
The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020. ACM, 2020. p. 1715–1726 (The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020).

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

TY - GEN

T1 - MadDroid

T2 - Characterizing and Detecting Devious Ad Contents for Android Apps

AU - Liu, Tianming

AU - Wang, Haoyu

AU - Li, Li

AU - Luo, Xiapu

AU - Dong, Feng

AU - Guo, Yao

AU - Wang, Liu

AU - Bissyandé, Tegawendé

AU - Klein, Jacques

N1 - Funding Information: This work was partly supported by the National Natural Science Foundation of China (No.61702045 and No.61772042), by the Hong Kong RGC Projects (No.152223/17E, CityU C1008-16G), by the Australian Research Council (ARC) under projects DE200100016 and DP200100020, by the Fonds National de la Recherche (FNR), Luxembourg, under project CHARACTERIZE C17/IS/11693861, by the SPARTA project which has received funding from the European Union’s Horizon 2020 research and innovation program under grant agreement No 830892. Publisher Copyright: © 2020 ACM.

PY - 2020/4/20

Y1 - 2020/4/20

N2 - Advertisement drives the economy of the mobile app ecosystem. As a key component in the mobile ad business model, mobile ad content has been overlooked by the research community, which poses a number of threats, e.g., propagating malware and undesirable contents. To understand the practice of these devious ad behaviors, we perform a large-scale study on the app contents harvested through automated app testing. In this work, we first provide a comprehensive categorization of devious ad contents, including five kinds of behaviors belonging to two categories: ad loading content and ad clicking content. Then, we propose MadDroid, a framework for automated detection of devious ad contents. MadDroid leverages an automated app testing framework with a sophisticated ad view exploration strategy for effectively collecting ad-related network traffic and subsequently extracting ad contents. We then integrate dedicated approaches into the framework to identify devious ad contents. We have applied MadDroid to 40,000 Android apps and found that roughly 6% of apps deliver devious ad contents, e.g., distributing malicious apps that cannot be downloaded via traditional app markets. Experiment results indicate that devious ad contents are prevalent, suggesting that our community should invest more effort into the detection and mitigation of devious ads towards building a trustworthy mobile advertising ecosystem.

AB - Advertisement drives the economy of the mobile app ecosystem. As a key component in the mobile ad business model, mobile ad content has been overlooked by the research community, which poses a number of threats, e.g., propagating malware and undesirable contents. To understand the practice of these devious ad behaviors, we perform a large-scale study on the app contents harvested through automated app testing. In this work, we first provide a comprehensive categorization of devious ad contents, including five kinds of behaviors belonging to two categories: ad loading content and ad clicking content. Then, we propose MadDroid, a framework for automated detection of devious ad contents. MadDroid leverages an automated app testing framework with a sophisticated ad view exploration strategy for effectively collecting ad-related network traffic and subsequently extracting ad contents. We then integrate dedicated approaches into the framework to identify devious ad contents. We have applied MadDroid to 40,000 Android apps and found that roughly 6% of apps deliver devious ad contents, e.g., distributing malicious apps that cannot be downloaded via traditional app markets. Experiment results indicate that devious ad contents are prevalent, suggesting that our community should invest more effort into the detection and mitigation of devious ads towards building a trustworthy mobile advertising ecosystem.

KW - Android app

KW - ad fraud

KW - malware

KW - mobile advertising

UR - http://www.scopus.com/inward/record.url?scp=85086566051&partnerID=8YFLogxK

U2 - https://doi.org/10.1145/3366423.3380242

DO - https://doi.org/10.1145/3366423.3380242

M3 - Conference article published in proceeding or book

T3 - The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020

SP - 1715

EP - 1726

BT - The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020

PB - ACM

ER -

MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps

Abstract

Publication series

Keywords

ASJC Scopus subject areas

More information

Other files and links

Fingerprint

Cite this