TY - GEN
T1 - Trust it or not? An empirical study of rating mechanism and its impact on Smartphone malware propagation
AU - Li, Wenjuan
AU - Jiang, Lijun
AU - Meng, Weizhi
AU - Kwok, Lam For
N1 - Publisher Copyright:
© IFIP International Federation for Information Processing 2016.
PY - 2016
Y1 - 2016
N2 - Malicious applications (malware) have attracted much attention from both academia and industry. Thanks to this, common users start to install anti-malware tools to help protect their phones. However, we notice that attackers can still take advantage of some existing mechanisms to induce users to download malware and bypass anti-malware software. In this paper, we focus on the app rating mechanism on smartphones and aim to evaluate its impact on malware propagation. More specifically, we investigate how this mechanism can be maliciously used to leverage the trust levels of users and achieve particular goals (i.e., inducing users to download malware). In the evaluation, we develop a malicious rating system and conduct a study with over 400 participants. Our results indicate that such rating mechanism can affect users’ trust on app download and can be utilized to propagate malware.
AB - Malicious applications (malware) have attracted much attention from both academia and industry. Thanks to this, common users start to install anti-malware tools to help protect their phones. However, we notice that attackers can still take advantage of some existing mechanisms to induce users to download malware and bypass anti-malware software. In this paper, we focus on the app rating mechanism on smartphones and aim to evaluate its impact on malware propagation. More specifically, we investigate how this mechanism can be maliciously used to leverage the trust levels of users and achieve particular goals (i.e., inducing users to download malware). In the evaluation, we develop a malicious rating system and conduct a study with over 400 participants. Our results indicate that such rating mechanism can affect users’ trust on app download and can be utilized to propagate malware.
KW - Anti-malware software
KW - Malicious applications
KW - Rating mechanism
KW - Smartphone security
KW - User trust and awareness
UR - http://www.scopus.com/inward/record.url?scp=84979258327&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-41354-9_11
DO - 10.1007/978-3-319-41354-9_11
M3 - Conference article published in proceeding or book
AN - SCOPUS:84979258327
SN - 9783319413532
T3 - IFIP Advances in Information and Communication Technology
SP - 146
EP - 153
BT - Trust Management X - 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Proceedings
A2 - Habib, Sheikh Mahbub
A2 - Muhlhauser, Max
A2 - Vassileva, Julita
A2 - Mauw, Sjouke
PB - Springer New York LLC
T2 - 10th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2016
Y2 - 18 July 2016 through 22 July 2016
ER -