maddroid characterizing and detecting devious ad contents
play

MadDroid: Characterizing and Detecting Devious Ad Contents for - PowerPoint PPT Presentation

May 24, 2023 •21 likes •241 views

2020 International World Wide Web Conference (i3w) MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps MOTIVATION The perspective of mobile advertisers themselves, who provide ad content and pay ad networks, has been

  1. 2020 International World Wide Web Conference (i3w) MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps

  2. MOTIVATION The perspective of mobile advertisers themselves, who provide ad content and pay ad networks, has been rarely studied. AD NETWORK Pay Distribute ADVERTIS USER ER View

  3. AD CONTENT TYPE 1. Re-direction Link towards landing page 2. Deep link to switch current page to Google Play Store 3. Automatically downloading of a file 952634.cn Landing Page

  4. CONTENT TYPE A click-deceptive Image

  5. 5 CATEGORIES DEVIOUS AD CONTENT A click-deceptive Image

  7. TCM: TRAFFIC COLLECTION MODULE • Challenge: Not all traffics are ad traffic • Solution: Click on Main UI and Exit UI [61], and Click on Webview, ImageView, and ViewFlipper • Implementation: BFS, Base on Attribute Figure 5: An example of a view tree

  8. CONTENT EXTRACT MODULE • Purpose: Get images and executable scripts, • Method: Fiddler + Http function hook • Challenge: 1. How to determine the domain is Ad domain? • 2. Given Ad libs, the domain may change. Input : Host and Ad libs Output : Host-lib Mapping Solution : Iteratively find libs

  9. DEVIOUSNESS DETECTION MODULE • 5 categories -> 5 dedicated parts • Click deceiving image: Object recognition • Censored Image: Google API • Gambling: OCR • Malicious App, Script, redirection link: Online antivirus platform

  10. EVALUATION: RESEARCH QUESTION

  11. RQ1: Can MadDroid detect devious mobile ad contents

  12. RQ1: Can MadDroid detect devious mobile ad contents

  13. RQ1: Can MadDroid detect devious mobile ad contents

  14. RQ1: Can MadDroid detect devious mobile ad contents

  15. RQ2: How effective is the HTTP hooking approach (in the CEM module) in locating ad traffic from general network traffic? Host Only: Input host Lib Only: Input Lib Host&lib: Input both host name and lib

  16. RQ3: ACCURACY Click Deceptive: 97.51% recall, 97.99% accuracy Censored Image: 100% The rest: not specified

  17. THANK YOU

  18. COMPARISON: TCM: TRAFFIC COLLECTION MODULE • Purpose: Generate Ad Traffic only • Method: BFS, Base on Attribute My framework: Collecting traffic after launch for 20s 这样做有⾜够的理论基础吗 是否还需要做其他⽅向的收集 Generalization

  19. 还可以⼲什么 得到买⽅域名和使⽤的函数名 COMPARISON: CONTENT EXTRACT MODULE • Purpose: Get images and executable scripts • Method: Fiddler + Http function hook My Framework text/Html: 赌博⽂字 mapping 可以⽤来做 campaign ⽣态研究 制作⽅ -libraries-domain(ip)

  20. COMPARISON: DEVIOUSNESS DETECTION MODULE • 5 categories -> 5 dedicated parts • Click deceiving image: Object recognition • Censored Image: Google API Gambling , OCR • Malicious App, Script, redirection link: Online antivirus platform My framework 检测赌博⽂字⽤关键词,赌博图⽚可以采⽤ OCR NLP 可能⽤不上 发现新的关键词,参考 Tsinghua Duan

  21. 不能依据这⼀点做判断 EXPERIMENT JSBUNDLE: 2 HTML: Webkit Pop-up:18 CFNetwork Embedded: 17 Normal: 3 Finding 基本所有正常的 APP 包含服务器返回 url ,并之后访问此 url 的情况。 devious App 全是这种情况。

  22. 第三⽅库 TO-DO 通过动态调试⼿段,观察 app 调⽤函数的相同点 iOS 新的 challenge : ⽭盾点: ⼤量 app 基于 webview 加载 ⽆法判断是否是灰产 Parallel webview 类似占⽐

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Detecting and Detecting and Characterizing Heterogeneity Characterizing Heterogeneity

Detecting and Detecting and Characterizing Heterogeneity Characterizing Heterogeneity

Detecting and Detecting and Characterizing Heterogeneity Characterizing Heterogeneity (Biochemical or Conformational) (Biochemical or Conformational) by Cryo-EM by Cryo-EM Eva Nogales HHMI / UC Berkeley LBNL Seth Kostek Transcription

492 views • 34 slides
K-Stacker, a new way of detecting and characterizing exoplanets with high contrast imaging

K-Stacker, a new way of detecting and characterizing exoplanets with high contrast imaging

Twenty years of giant exoplanets - Proceedings of the Haute Provence Observatory Colloquium, 5-9 October 2015 Edited by I. Boisse, O. Demangeon, F. Bouchy & L. Arnold K-Stacker, a new way of detecting and characterizing exoplanets with high

472 views • 7 slides
Fifteen Minutes of Unwanted Fame: Detecting and Characterizing Doxing Peter Snyder*

Fifteen Minutes of Unwanted Fame: Detecting and Characterizing Doxing Peter Snyder*

Fifteen Minutes of Unwanted Fame: Detecting and Characterizing Doxing Peter Snyder* Periwinkle Doerfler + Chris Kanich* Damon McCoy + * + 1 Overview Doxing is a targeted form of online abuse Prior work is qualitative or on

574 views • 41 slides
Fifteen Minutes of Unwanted Fame: Detecting and Characterizing Doxing Peter Snyder*

Fifteen Minutes of Unwanted Fame: Detecting and Characterizing Doxing Peter Snyder*

Fifteen Minutes of Unwanted Fame: Detecting and Characterizing Doxing Peter Snyder* Periwinkle Doerfler + Chris Kanich* Damon McCoy + * + 1 Overview Doxing is a target form of online abuse Prior work is qualitative or

707 views • 48 slides
Detecting and Characterizing Events Unsupervised Machine Learning for Social Science Allison

Detecting and Characterizing Events Unsupervised Machine Learning for Social Science Allison

Detecting and Characterizing Events Unsupervised Machine Learning for Social Science Allison J.B. Chaney Princeton University supervised learning unsupervised learning methods input output prediction exploration goals 9 3 1 ? 5 6

920 views • 59 slides
devious plans darkness lurks in a hidden corner SMITE G O D S G R A N D R E V E R S A L

devious plans darkness lurks in a hidden corner SMITE G O D S G R A N D R E V E R S A L

devious plans darkness lurks in a hidden corner SMITE G O D S G R A N D R E V E R S A L G O D S G R A N D R E V E R S A L watches over us guards us careful attention G O D S G R A N D R E V E R S A L CHAPTER 6 G O D

637 views • 40 slides
12/6/2013 Detecting Fakes Image Forensics: Detecting Forged Photos 1.Detecting photorealistic

12/6/2013 Detecting Fakes Image Forensics: Detecting Forged Photos 1.Detecting photorealistic

12/6/2013 Detecting Fakes Image Forensics: Detecting Forged Photos 1.Detecting photorealistic graphics 2.Detecting manipulated images Photo manipulation is the application of image editing techniques to photographs in order to create an

306 views • 13 slides
On Inferring and Characterizing On Inferring and Characterizing Internet Routing Policies

On Inferring and Characterizing On Inferring and Characterizing Internet Routing Policies

On Inferring and Characterizing On Inferring and Characterizing Internet Routing Policies Internet Routing Policies Feng Wang Lixin Gao Department of Electrical and Computer Engineering University of Massachusetts, Amherst MA 01002, USA 1

450 views • 18 slides
Detecting Chang Detecting Changes in W s in Water ter Qua Q ualit lity i lit lit i in L

Detecting Chang Detecting Changes in W s in Water ter Qua Q ualit lity i lit lit i in L

Detecting Chang Detecting Changes in W s in Water ter Qua Q ualit lity i lit lit i in L i L L Long ong I I Islan I l and S d S d S d Soun ound d with with NERACOOS Buoy y Observations James ODonnell, Todd Fake, Kay

815 views • 26 slides
Integrated Heavy Metals Detecting Machine WearefromKoreaUniversity(

Integrated Heavy Metals Detecting Machine WearefromKoreaUniversity(

2009Team:KU_Seoul Integrated Heavy Metals Detecting Machine WearefromKoreaUniversity( Seoul,SouthKorea ) Contents 1 Backgrounds 2 Approach 3 Experimental Procedures 4 Results 5 Future Works

1.12k views • 34 slides
Detecting Cracks under Bushings Detecting Cracks under Bushings in Aircraft Structures in

Detecting Cracks under Bushings Detecting Cracks under Bushings in Aircraft Structures in

Inno Innovative Materials tive Materials Air Force Research Center for Nondestructive Testin Testing T Tech chnologies, es, I Inc. c. Laboratory Evaluation Detecting Cracks under Bushings Detecting Cracks under Bushings in Aircraft

308 views • 12 slides
Detecting Outliers with Ensemble of Profile HMMs Xilin Yu 1 UIUC December 11, 2018 1 under the

Detecting Outliers with Ensemble of Profile HMMs Xilin Yu 1 UIUC December 11, 2018 1 under the

Detecting Outliers with Ensemble of Profile HMMs Xilin Yu 1 UIUC December 11, 2018 1 under the supervision of Tandy Warnow Xilin Yu (UIUC) Detecting Outliers Dec 11, 2018 1 / 19 Table of Contents Introduction 1 Method Overview 2

388 views • 19 slides
Detecting changes in Detecting changes in the rate the rate of a of a Poisson process

Detecting changes in Detecting changes in the rate the rate of a of a Poisson process

Detecting changes in Detecting changes in the rate the rate of a of a Poisson process Poisson process George V. Moustakides Outline Overview of the change detection problem CUSUM test and Lordens criterion The Poisson

454 views • 28 slides
Ubiquitous and Mobile Computing CS 528: Automatically Characterizing Places with Opportunistic

Ubiquitous and Mobile Computing CS 528: Automatically Characterizing Places with Opportunistic

Ubiquitous and Mobile Computing CS 528: Automatically Characterizing Places with Opportunistic CrowdSensing using Smartphones Gauri Pulekar Computer Science Dept. Worcester Polytechnic Institute (WPI) Automatically Characterizing Places with

311 views • 30 slides
Characterizing and Synthesizing Task Dependencies of Data-Parallel Jobs in Alibaba Cloud

Characterizing and Synthesizing Task Dependencies of Data-Parallel Jobs in Alibaba Cloud

Characterizing and Synthesizing Task Dependencies of Data-Parallel Jobs in Alibaba Cloud Huangshi Tian, Yunchuan Zheng, Wei Wang @ HKUST Nov. 21, 2019 1 Every job is born equal, but some are more complicated ... Hadoop Spark Characterizing

269 views • 26 slides
Detecting

Detecting

Detecting Cognitive Load during Simultaneous Interpretation using EEG Phase Synchronization

552 views • 32 slides
From Crash Consistency to Transactions Yige Hu Youngjin Kwon Vijay Chidambaram Emmett Witchel

From Crash Consistency to Transactions Yige Hu Youngjin Kwon Vijay Chidambaram Emmett Witchel

From Crash Consistency to Transactions Yige Hu Youngjin Kwon Vijay Chidambaram Emmett Witchel Persistent data is structured; crash consistency hard Structured data abstractions built on file system SQLite, BerkeleyDB...

468 views • 34 slides
Clicks for Cash commonsense.org/education Shareable with attribution for noncommercial use.

Clicks for Cash commonsense.org/education Shareable with attribution for noncommercial use.

DIGITAL CITIZENSHIP | GRADE 11 Clicks for Cash commonsense.org/education Shareable with attribution for noncommercial use. Remixing is permitted. Essential Question How does internet advertising contribute to the spread of misinformation?

345 views • 15 slides
Wireless networks Routing: DYMO 1 AODV-DSR: Comparison Many studies in the literature

Wireless networks Routing: DYMO 1 AODV-DSR: Comparison Many studies in the literature

Wireless networks Routing: DYMO 1 AODV-DSR: Comparison Many studies in the literature DSR Allows multiple routes Supports unidirectional links Overheards and caches routing info AODV Does not require long

735 views • 35 slides
Whats Next for HTCondor-CE? Brian Bockelman OSG AHM 2015 HTCondor-CE in a slide Submit Host

Whats Next for HTCondor-CE? Brian Bockelman OSG AHM 2015 HTCondor-CE in a slide Submit Host

Whats Next for HTCondor-CE? Brian Bockelman OSG AHM 2015 HTCondor-CE in a slide Submit Host Condor Schedd Submit Host Job (grid universe) HTCondor Schedd Job (grid universe) PBS Case Condor-C submit HTCondor Case Condor-CE Schedd

634 views • 12 slides
Class of 2019 Important FYIs and Info Spring 2019 2 Graduation Caps and Gowns Cap and Did

Class of 2019 Important FYIs and Info Spring 2019 2 Graduation Caps and Gowns Cap and Did

Class of 2019 Important FYIs and Info Spring 2019 2 Graduation Caps and Gowns Cap and Did et m er?! Gowns delivered LA D - Mar 14t April 8 & 9 Ino il in

410 views • 17 slides
ABIs, linkers and other animals Stephen Kell stephen.kell@cl.cam.ac.uk Computer Laboratory

ABIs, linkers and other animals Stephen Kell stephen.kell@cl.cam.ac.uk Computer Laboratory

ABIs, linkers and other animals Stephen Kell stephen.kell@cl.cam.ac.uk Computer Laboratory University of Cambridge ABIs, linkers . . . p.1/66 Subject of this talk introduce murky artifacts to those unfamiliar ABIs linkers

791 views • 68 slides
Warm Up Solve: 1. 15 = 4m + 5 2. 12(x + 5) = 144 1 Lesson 2 Slides, Flips, and Spins

Warm Up Solve: 1. 15 = 4m + 5 2. 12(x + 5) = 144 1 Lesson 2 Slides, Flips, and Spins

Lesson 2 Slides, Flips, and Spins Notes August 16, 2018 Warm Up Solve: 1. 15 = 4m + 5 2. 12(x + 5) = 144 1 Lesson 2 Slides, Flips, and Spins Notes August 16, 2018 Warm Up Solve: 1. 15 = 4m + 5 2 Lesson 2 Slides, Flips, and

218 views • 9 slides
March - June Rochelle Santos 06.28.2018 Crisis Communication Review of First Three

March - June Rochelle Santos 06.28.2018 Crisis Communication Review of First Three

Media & Communications: March - June Rochelle Santos 06.28.2018 Crisis Communication Review of First Three Months Social Media Website Brand Tools Archive Social Agenda Meltwater NSPRA

578 views • 37 slides

More recommend