Trust it or not? An empirical study of rating mechanism and its impact on Smartphone malware propagation

Wenjuan Li; Lijun Jiang; Weizhi Meng; Lam For Kwok

doi:10.1007/978-3-319-41354-9_11

Trust it or not? An empirical study of rating mechanism and its impact on Smartphone malware propagation

Wenjuan Li, Lijun Jiang, Weizhi Meng, Lam For Kwok

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

1 Citation (Scopus)

Abstract

Malicious applications (malware) have attracted much attention from both academia and industry. Thanks to this, common users start to install anti-malware tools to help protect their phones. However, we notice that attackers can still take advantage of some existing mechanisms to induce users to download malware and bypass anti-malware software. In this paper, we focus on the app rating mechanism on smartphones and aim to evaluate its impact on malware propagation. More specifically, we investigate how this mechanism can be maliciously used to leverage the trust levels of users and achieve particular goals (i.e., inducing users to download malware). In the evaluation, we develop a malicious rating system and conduct a study with over 400 participants. Our results indicate that such rating mechanism can affect users’ trust on app download and can be utilized to propagate malware.

Original language	English
Title of host publication	Trust Management X - 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Proceedings
Editors	Sheikh Mahbub Habib, Max Muhlhauser, Julita Vassileva, Sjouke Mauw
Publisher	Springer New York LLC
Pages	146-153
Number of pages	8
ISBN (Print)	9783319413532
DOIs	https://doi.org/10.1007/978-3-319-41354-9_11
Publication status	Published - 2016
Externally published	Yes
Event	10th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2016 - Darmstadt, Germany Duration: 18 Jul 2016 → 22 Jul 2016

Publication series

Name	IFIP Advances in Information and Communication Technology
Volume	473
ISSN (Print)	1868-4238

Conference

Conference	10th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2016
Country/Territory	Germany
City	Darmstadt
Period	18/07/16 → 22/07/16

Keywords

Anti-malware software
Malicious applications
Rating mechanism
Smartphone security
User trust and awareness

ASJC Scopus subject areas

Information Systems
Computer Networks and Communications
Information Systems and Management

More information

10.1007/978-3-319-41354-9_11

Cite this

Li, W., Jiang, L., Meng, W., & Kwok, L. F. (2016). Trust it or not? An empirical study of rating mechanism and its impact on Smartphone malware propagation. In S. M. Habib, M. Muhlhauser, J. Vassileva, & S. Mauw (Eds.), Trust Management X - 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Proceedings (pp. 146-153). (IFIP Advances in Information and Communication Technology; Vol. 473). Springer New York LLC. https://doi.org/10.1007/978-3-319-41354-9_11

Li, Wenjuan ; Jiang, Lijun ; Meng, Weizhi et al. / Trust it or not? An empirical study of rating mechanism and its impact on Smartphone malware propagation. Trust Management X - 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Proceedings. editor / Sheikh Mahbub Habib ; Max Muhlhauser ; Julita Vassileva ; Sjouke Mauw. Springer New York LLC, 2016. pp. 146-153 (IFIP Advances in Information and Communication Technology).

@inproceedings{1e949820e162406592d4f868de5c1c82,

title = "Trust it or not? An empirical study of rating mechanism and its impact on Smartphone malware propagation",

abstract = "Malicious applications (malware) have attracted much attention from both academia and industry. Thanks to this, common users start to install anti-malware tools to help protect their phones. However, we notice that attackers can still take advantage of some existing mechanisms to induce users to download malware and bypass anti-malware software. In this paper, we focus on the app rating mechanism on smartphones and aim to evaluate its impact on malware propagation. More specifically, we investigate how this mechanism can be maliciously used to leverage the trust levels of users and achieve particular goals (i.e., inducing users to download malware). In the evaluation, we develop a malicious rating system and conduct a study with over 400 participants. Our results indicate that such rating mechanism can affect users{\textquoteright} trust on app download and can be utilized to propagate malware.",

keywords = "Anti-malware software, Malicious applications, Rating mechanism, Smartphone security, User trust and awareness",

author = "Wenjuan Li and Lijun Jiang and Weizhi Meng and Kwok, {Lam For}",

note = "Publisher Copyright: {\textcopyright} IFIP International Federation for Information Processing 2016.; 10th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2016 ; Conference date: 18-07-2016 Through 22-07-2016",

year = "2016",

doi = "10.1007/978-3-319-41354-9_11",

language = "English",

isbn = "9783319413532",

series = "IFIP Advances in Information and Communication Technology",

publisher = "Springer New York LLC",

pages = "146--153",

editor = "Habib, {Sheikh Mahbub} and Max Muhlhauser and Julita Vassileva and Sjouke Mauw",

booktitle = "Trust Management X - 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Proceedings",

address = "United States",

}

Li, W, Jiang, L, Meng, W & Kwok, LF 2016, Trust it or not? An empirical study of rating mechanism and its impact on Smartphone malware propagation. in SM Habib, M Muhlhauser, J Vassileva & S Mauw (eds), Trust Management X - 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Proceedings. IFIP Advances in Information and Communication Technology, vol. 473, Springer New York LLC, pp. 146-153, 10th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2016, Darmstadt, Germany, 18/07/16. https://doi.org/10.1007/978-3-319-41354-9_11

Trust it or not? An empirical study of rating mechanism and its impact on Smartphone malware propagation. / Li, Wenjuan; Jiang, Lijun; Meng, Weizhi et al.
Trust Management X - 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Proceedings. ed. / Sheikh Mahbub Habib; Max Muhlhauser; Julita Vassileva; Sjouke Mauw. Springer New York LLC, 2016. p. 146-153 (IFIP Advances in Information and Communication Technology; Vol. 473).

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

TY - GEN

T1 - Trust it or not? An empirical study of rating mechanism and its impact on Smartphone malware propagation

AU - Li, Wenjuan

AU - Jiang, Lijun

AU - Meng, Weizhi

AU - Kwok, Lam For

N1 - Publisher Copyright: © IFIP International Federation for Information Processing 2016.

PY - 2016

Y1 - 2016

N2 - Malicious applications (malware) have attracted much attention from both academia and industry. Thanks to this, common users start to install anti-malware tools to help protect their phones. However, we notice that attackers can still take advantage of some existing mechanisms to induce users to download malware and bypass anti-malware software. In this paper, we focus on the app rating mechanism on smartphones and aim to evaluate its impact on malware propagation. More specifically, we investigate how this mechanism can be maliciously used to leverage the trust levels of users and achieve particular goals (i.e., inducing users to download malware). In the evaluation, we develop a malicious rating system and conduct a study with over 400 participants. Our results indicate that such rating mechanism can affect users’ trust on app download and can be utilized to propagate malware.

AB - Malicious applications (malware) have attracted much attention from both academia and industry. Thanks to this, common users start to install anti-malware tools to help protect their phones. However, we notice that attackers can still take advantage of some existing mechanisms to induce users to download malware and bypass anti-malware software. In this paper, we focus on the app rating mechanism on smartphones and aim to evaluate its impact on malware propagation. More specifically, we investigate how this mechanism can be maliciously used to leverage the trust levels of users and achieve particular goals (i.e., inducing users to download malware). In the evaluation, we develop a malicious rating system and conduct a study with over 400 participants. Our results indicate that such rating mechanism can affect users’ trust on app download and can be utilized to propagate malware.

KW - Anti-malware software

KW - Malicious applications

KW - Rating mechanism

KW - Smartphone security

KW - User trust and awareness

UR - http://www.scopus.com/inward/record.url?scp=84979258327&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-41354-9_11

DO - 10.1007/978-3-319-41354-9_11

M3 - Conference article published in proceeding or book

AN - SCOPUS:84979258327

SN - 9783319413532

T3 - IFIP Advances in Information and Communication Technology

SP - 146

EP - 153

BT - Trust Management X - 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Proceedings

A2 - Habib, Sheikh Mahbub

A2 - Muhlhauser, Max

A2 - Vassileva, Julita

A2 - Mauw, Sjouke

PB - Springer New York LLC

T2 - 10th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2016

Y2 - 18 July 2016 through 22 July 2016

ER -

Li W, Jiang L, Meng W, Kwok LF. Trust it or not? An empirical study of rating mechanism and its impact on Smartphone malware propagation. In Habib SM, Muhlhauser M, Vassileva J, Mauw S, editors, Trust Management X - 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Proceedings. Springer New York LLC. 2016. p. 146-153. (IFIP Advances in Information and Communication Technology). doi: 10.1007/978-3-319-41354-9_11

Trust it or not? An empirical study of rating mechanism and its impact on Smartphone malware propagation

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

More information

Other files and links

Fingerprint

Cite this