Rui Shao scite author profile

Rui Shao

2Publications

27Citation Statements Received

14Citation Statements Given

How they've been cited

How they cite others

Affiliations

Zhejiang University of Science and Technology

Publications

Order By: Most citations

Are these Ads Safe: Detecting Hidden Attacks through the Mobile App-Web Interfaces

Rastogi¹,

Shao²,

Chen³

et al. 2016

View full text Add to dashboard Cite

Abstract-Mobile users are increasingly becoming targets of malware infections and scams. Some platforms, such as Android, are more open than others and are therefore easier to exploit than other platforms. In order to curb such attacks it is important to know how these attacks originate. We take a previously unexplored step in this direction and look for the answer at the interface between mobile apps and the Web. Numerous inapp advertisements work at this interface: when the user taps on an advertisement, she is led to a web page which may further redirect until the user reaches the final destination. Similarly, applications also embed web links that again lead to the outside Web. Even though the original application may not be malicious, the Web destinations that the user visits could play an important role in propagating attacks.In order to study such attacks we develop a systematic methodology consisting of three components related to triggering web links and advertisements, detecting malware and scam campaigns, and determining the provenance of such campaigns reaching the user. We have realized this methodology through various techniques and contributions and have developed a robust, integrated system capable of running continuously without human intervention. We deployed this system for a two-month period and analyzed over 600,000 applications in the United States and in China while triggering a total of about 1.5 million links in applications to the Web. We gain a general understanding of attacks through the app-web interface as well as make several interesting findings, including a rogue antivirus scam, free iPad and iPhone scams, and advertisements propagating SMS trojans disguised as fake movie players. In broader terms, our system enables locating attacks and identifying the parties (such as specific ad networks, websites, and applications) that intentionally or unintentionally let them reach the end users and, thus, increasing accountability from these parties.

show abstract

Understanding In-App Ads and Detecting Hidden Attacks through the Mobile App-Web Interface

Shao

Rastogi

Chen

et al. 2018

IEEE Trans. on Mobile Comput.

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Rui Shao

Are these Ads Safe: Detecting Hidden Attacks through the Mobile App-Web Interfaces

Understanding In-App Ads and Detecting Hidden Attacks through the Mobile App-Web Interface

Contact Info

Product

Resources

About