nomoads
play

NoMoAds: Effective and Efficient Cross-App Mobile Ad-Blocking - PowerPoint PPT Presentation

Oct 09, 2022 •569 likes •859 views

NoMoAds: Effective and Efficient Cross-App Mobile Ad-Blocking Anastasia Shuba Athina Markopoulou Zubair Shafiq UC Irvine UC Irvine University of Iowa Motivation Issues with Mobile Ads: 1. Intrusive 2. Overhead 3. Tracking 4. Malware

  1. NoMoAds: Effective and Efficient Cross-App Mobile Ad-Blocking Anastasia Shuba Athina Markopoulou Zubair Shafiq UC Irvine UC Irvine University of Iowa

  2. Motivation Issues with Mobile Ads: 1. Intrusive 2. Overhead 3. Tracking 4. Malware NoMoAds. Shuba et al. 2

  3. Background: Ads & Ad-Blocking Get ad! EasyList (~64K rules) NoMoAds. Shuba et al. 3

  4. Background: Related Work Fine- Mobile- Runs on Detects Ads Automated Cross-App Grained Specific Device DNS66, Disconnect, × ×     etc. 86% of Ad-Blocking × × ×    Apps × ×     AdblockPlus [Razaghpanah et al. ×      NDSS ‘18] ReCon [Ren et al. × ×     MobiSys ‘16]       NoMoAds NoMoAds. Shuba et al. 4

  5. NoMoAds Design Fine- Mobile- Runs on Detects Ads Automated Cross-App Grained Specific Device Trained on Trained on VPN-based VPN app, no NoMoAds Uses ML Per-packet mobile ads mobile data solution server Effectiveness Efficiency  Built on top of AntMonitor  Avoid Java parsing Ad Request Classifier No Ad Request AntMonitor [Shuba et al. ‘16] NoMoAds. Shuba et al. 5

  6. System Overview NoMoAds. Shuba et al. 6

  7. Data Collection • Tested 50 most popular apps that serve ads • Used EasyList as a starting point Interact with the app for 5 min Save packet Create and add traces + labels new rule Different ad shown Interact with the app for 5 min Same ad shown Delete rule NoMoAds. Shuba et al. 7

  8. Available on our website! The NoMoAds Dataset http://athinagroup.eng.uci.edu/projects/nomoads/ • Apps: 50 • Packets: >15k • Packets with ads: >4.5k • Ad libraries: 41 • Good coverage: all libraries that account for at least 2% of installs • First mobile ads dataset • Using EasyList (and/or other lists) is not enough: • EasyList fails to detect >37% of ad requests • Detects ads generated by two of the most popular ad libraries (AdMob and MoPub) • Have desktop counterparts: Google owns AdMob, and Twitter owns MoPub • Fails to detect ads generated by libraries such as UnityAds and AppsFlyer NoMoAds. Shuba et al. 8

  9. System Overview NoMoAds. Shuba et al. 9

  10. Training: Feature Selection Number of Approaches Under F1 score Initial Training Tree Comparison (%) Features Time (ms) Size EasyList: URL + Content blocking Type + HTTP Referer 77.1 63,977 N/A N/A lists Ad- hpHosts: Host 61.7 47,557 N/A N/A AdAwayHosts: Host 58.1 409 N/A N/A Destination IP + Port 87.6 2 298 304 Domain 86.3 1 26 1 Different Sets of NoMoAds with Path Component of URL 92.7 3,557 424,986 188 Features URL 93.7 4,133 483,224 196 URL+Headers 96.3 5,320 755,202 274 … URL+Headers+PII 96.9 5,326 770,015 277 URL+Headers+Apps+PII 97.7 5,327 555,126 223 URL+Headers+Apps 97.8 5,321 635,400 247 NoMoAds. Shuba et al. 10

  11. Training • Built on ReCon – a system for detecting privacy leaks in mobile packets Ad Request Classifier Packet 1) /m/ No Ad Request 2) /ad? 3) ?v= 4) &id= GET /m/ad?v =6&id=…&bundle= com.BeresnevGames.Knife … 5) &w= &o=p&w=1440&h=2560&sc_a=3.5&ct=2&av=1.5&udid=ifa 6) &h= …&dnt=0&mr=1&android_perms_ext_storage=0 7) &dnt= 8) ads.mopub.com\r\n Host: ads.mopub.com\r\n NoMoAds. Shuba et al. 11

  12. Training • Built on ReCon – a system for detecting privacy leaks in mobile packets Ad Request Classifier 1) /m/ No Ad Request 2) /ad? 3) ?v= 4) &id= GET /m/ad?v =6&id=…&bundle= com.BeresnevGames.Knife … 5) &w= &o=p&w=1440&h=2560&sc_a=3.5&ct=2&av=1.5&udid=ifa 6) &h= …&dnt=0&mr=1&android_perms_ext_storage=0 7) &dnt= 8) ads.mopub.com\r\n Host: ads.mopub.com\r\n 9) /network_ads_common 10) www.facebook.com\r\n NoMoAds. Shuba et al. 12

  13. Training: Feature Selection Number of Approaches Under F1 score Initial Training Tree Comparison (%) Features Time (ms) Size EasyList: URL + Content blocking Type + HTTP Referer 77.1 63,977 N/A N/A lists Ad- hpHosts: Host 61.7 47,557 N/A N/A AdAwayHosts: Host 58.1 409 N/A N/A Destination IP + Port 87.6 2 298 304 Different Sets of NoMoAds with Domain 86.3 1 26 1 URL 93.7 4,133 483,224 196 Features … NoMoAds. Shuba et al. 13

  14. Training: Feature Selection Number of Approaches Under F1 score Initial Training Tree Comparison (%) Features Time (ms) Size EasyList: URL + Content blocking Type + HTTP Referer 77.1 63,977 N/A N/A lists Ad- hpHosts: Host 61.7 47,557 N/A N/A AdAwayHosts: Host 58.1 409 N/A N/A Destination IP + Port 87.6 2 298 304 Different Sets of NoMoAds with Domain 86.3 1 26 1 URL 93.7 4,133 483,224 196 Features URL+Headers 96.3 5,320 755,202 274 NoMoAds. Shuba et al. 14

  15. Training: Feature Selection Number of Approaches Under F1 score Initial Training Tree Comparison (%) Features Time (ms) Size EasyList: URL + Content blocking Type + HTTP Referer 77.1 63,977 N/A N/A lists Ad- hpHosts: Host 61.7 47,557 N/A N/A AdAwayHosts: Host 58.1 409 N/A N/A Destination IP + Port 87.6 2 298 304 Different Sets of NoMoAds with Domain 86.3 1 26 1 URL 93.7 4,133 483,224 196 Features URL+Headers 96.3 5,320 755,202 274 URL+Headers+PII 96.9 5,326 770,015 277 NoMoAds. Shuba et al. 15

  16. Training: Feature Selection Number of Approaches Under F1 score Initial Training Tree Comparison (%) Features Time (ms) Size EasyList: URL + Content blocking Type + HTTP Referer 77.1 63,977 N/A N/A lists Ad- hpHosts: Host 61.7 47,557 N/A N/A AdAwayHosts: Host 58.1 409 N/A N/A Destination IP + Port 87.6 2 298 304 Different Sets of NoMoAds with Domain 86.3 1 26 1 URL 93.7 4,133 483,224 196 Features URL+Headers 96.3 5,320 755,202 274 URL+Headers+PII 96.9 5,326 770,015 277 URL+Headers+Apps+PII 97.7 5,327 555,126 223 NoMoAds. Shuba et al. 16

  17. Training: Feature Selection Number of Approaches Under F1 score Initial Training Tree Comparison (%) Features Time (ms) Size EasyList: URL + Content blocking Type + HTTP Referer 77.1 63,977 N/A N/A lists Ad- hpHosts: Host 61.7 47,557 N/A N/A AdAwayHosts: Host 58.1 409 N/A N/A Destination IP + Port 87.6 2 298 304 Different Sets of NoMoAds with Domain 86.3 1 26 1 URL 93.7 4,133 483,224 196 Features URL+Headers 96.3 5,320 755,202 274 URL+Headers+PII 96.9 5,326 770,015 277 URL+Headers+Apps+PII 97.7 5,327 555,126 223 URL+Headers+Apps 97.8 5,321 635,400 247 NoMoAds. Shuba et al. 17

  18. Training: The Decision Tree NoMoAds. Shuba et al. 18

  19. Training: The Decision Tree NoMoAds. Shuba et al. 19

  20. Training: Summary • The more information we use, the better the F1 score • Classifier trained on URL+Headers+PII perform well • Split test and training sets: • Based on packets: 96.9% F1 score • Based on apps: 70% of apps have an F1 score ≥ 80% • Based on ad libraries: 100% F1 score, even with library overlap below 100% Code available on our website! http://athinagroup.eng.uci.edu/projects/nomoads/ NoMoAds. Shuba et al. 20

  21. System Overview NoMoAds. Shuba et al. 21

  22. Applying Classifiers to Packets How to avoid this parsing step? 1) GET 2) /m/ GET /m/ad?v =6&id=…&bundle= com.BeresnevGames.Knife … 3) /ad? &o=p&w=1440&h=2560&sc_a=3.5&ct=2&av=1.5&udid=ifa 4) ?v= …&dnt=0&mr=1&android_perms_ext_storage=0 5) =6& 6) &id= Host: ads.mopub.com\r\n 7) &w= 8) &h= 9) &dnt= 10) ads.mopub.com\r\n NoMoAds. Shuba et al. 22

  23. Applying Classifiers to Packets 1) &dnt= 2) ads.mopub.com\r\n 3) &model= 4) &ifa= 5) /api/ 6) /native/ 7) cdn.outfit7.com\r\n 8) /soft/ 9) okhttp/ 10) &device_id= 11) com.smule.singandroid/ 12) helpgrid1.ksmobile.com\r\n 13) boundary= 14) …. NoMoAds. Shuba et al. 23

  24. Applying Classifiers to Packets GET /m/ad?v =6&id=…&bundle= com.BeresnevGames.Knife … 1) &dnt= &o=p&w=1440&h=2560&sc_a=3.5&ct=2&av=1.5&udid=ifa 2) ads.mopub.com\r\n …&dnt=0&mr=1&android_perms_ext_storage=0 3) &model= 4) &ifa= Host: ads.mopub.com\r\n 5) /api/ 6) /native/ 7) cdn.outfit7.com\r\n 8) /soft/ 1) &dnt= 9) okhttp/ 2) ads.mopub.com\r\n 10) &device_id= 11) com.smule.singandroid/ 12) helpgrid1.ksmobile.com\r\n 13) boundary= 14) …. NoMoAds. Shuba et al. 24

  25. Applying Classifiers to Packets: Evaluation • First time on-device per-packet classification in real-time • Setup • Timed how long prediction takes on a Nexus 6 • Fed 10 HTTP packets of varying sizes (between 300-2000B), repeated 100 times • Results: • Extracting features and applying the DT classifier: 2.96 ± 2.07 ms • Most of the delay from applying the classifier • Recent improvement: 1.87 ± 0.77 ms NoMoAds. Shuba et al. 25

  26. Conclusion & Future Directions • NoMoAds: cross-app mobile ad-blocker • Effective and efficient machine learning on the mobile device Future Directions • Larger dataset • Detect app breakage • Extend to trackers Photo by Jimmy Nelson NoMoAds. Shuba et al. 26

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

PIT Overload Analysis in Content Centric Networks Matteo Virgilio, Guido Marchetto, Riccardo

PIT Overload Analysis in Content Centric Networks Matteo Virgilio, Guido Marchetto, Riccardo

ACM SIGCOMM Workshop on Information-Centric Networking 12/08/2013 PIT Overload Analysis in Content Centric Networks Matteo Virgilio, Guido Marchetto, Riccardo Sisto Department of Control and Computer Engineering Politecnico di Torino 1/16

393 views • 16 slides
SAWC FORUM It is the unit within which the most important decisions to manage uncertain

SAWC FORUM It is the unit within which the most important decisions to manage uncertain

Focus on the Household! SAWC FORUM It is the unit within which the most important decisions to manage uncertain events are made It is the unit that benefits the positive effects of policies and suffers for negative effects of shocks

318 views • 3 slides
ReCon: Revealing and Controlling PII Leaks in Mobile Network Systems Jingjing Ren, Martina

ReCon: Revealing and Controlling PII Leaks in Mobile Network Systems Jingjing Ren, Martina

ReCon: Revealing and Controlling PII Leaks in Mobile Network Systems Jingjing Ren, Martina Lindorfer, Ashwin Rao, Arnaud Legout, David Choffnes (MobiSys 16) Presented by : Umar Farooq CS 563 Fall 2018 Mobile Phones today.. q Offer

439 views • 27 slides
The Dynamical Structure and Ini3al Mass Func3on of the Arches Cluster Jessica Lu (UH/IfA), Jay

The Dynamical Structure and Ini3al Mass Func3on of the Arches Cluster Jessica Lu (UH/IfA), Jay

The Dynamical Structure and Ini3al Mass Func3on of the Arches Cluster Jessica Lu (UH/IfA), Jay Anderson (StSci), Ma;hew Hosek Jr. Andrea Ghez (UCLA), Mark Morris (UCLA), Will Clarkson (UMichigan-Dearborn), Tuan Do Graduate Student, UH/IfA

286 views • 24 slides
ASA/NAIFA Merger Update Presented by: Mark Evans, IFAS | NAIFA Merger Task Force Member John D.

ASA/NAIFA Merger Update Presented by: Mark Evans, IFAS | NAIFA Merger Task Force Member John D.

ASA/NAIFA Merger Update Presented by: Mark Evans, IFAS | NAIFA Merger Task Force Member John D. Russell, JD | ASA Merger Project Manager Webinar Overview Update on the ASA/NAIFA Merger Process: Implementation efforts Questions weve

269 views • 13 slides
Urban Forestry Public Hearing B a c k g r o u n d & F r a m i n g Mayor Joseph A. Curtatone

Urban Forestry Public Hearing B a c k g r o u n d & F r a m i n g Mayor Joseph A. Curtatone

Urban Forestry Public Hearing B a c k g r o u n d & F r a m i n g Mayor Joseph A. Curtatone Michael F. Glavin, OSPCD Executive Director B r a d R a w s o n , D i r e c t o r o f T r a n s p o r t a t i o n & I n f r a s t r u c t

337 views • 11 slides
Multi-agent distributed optimization over networks and its application to energy systems Maria

Multi-agent distributed optimization over networks and its application to energy systems Maria

Vistas in Control | ETH Zurich | September 10 - 11 2018 Multi-agent distributed optimization over networks and its application to energy systems Maria Prandini Introduction Robotic networks Social networks taken from AJGpr.com Transportation

1.27k views • 116 slides
ANY AGE at HOW TO IGNITE PASSION IN YOUR PEOPLE IGNITE PASSION WITHOUT BURNING THEM OUT

ANY AGE at HOW TO IGNITE PASSION IN YOUR PEOPLE IGNITE PASSION WITHOUT BURNING THEM OUT

EricChester.com on ANY AGE at HOW TO IGNITE PASSION IN YOUR PEOPLE IGNITE PASSION WITHOUT BURNING THEM OUT brand community people ericchester.com The only way to attract and people retain great people is to offer a culture that other

459 views • 31 slides
UK Life, Driving value through excellence Investor and Analyst Event, Wednesday 6 th May 2009

UK Life, Driving value through excellence Investor and Analyst Event, Wednesday 6 th May 2009

UK Life, Driving value through excellence Investor and Analyst Event, Wednesday 6 th May 2009 Andrew Moss NUL18.11.08 Disclaimer This presentation may include oral and written forward-looking statements with respect to certain of Avivas

578 views • 25 slides
Three arguments in defense of the digital services tax IFA Asia-Pacific Regional Tax Conference,

Three arguments in defense of the digital services tax IFA Asia-Pacific Regional Tax Conference,

Three arguments in defense of the digital services tax IFA Asia-Pacific Regional Tax Conference, Taipei, April 19, 2018 Wei Cui, Peter A. Allard School of Law, University of British Columbia Reactions Practitioners: Clifford Chance,

505 views • 13 slides
SIFA: Exploiting Ineffective Fault Inductions on Symmetric Cryptography Christoph Dobraunig 1 ,

SIFA: Exploiting Ineffective Fault Inductions on Symmetric Cryptography Christoph Dobraunig 1 ,

SIFA: Exploiting Ineffective Fault Inductions on Symmetric Cryptography Christoph Dobraunig 1 , Maria Eichlseder 1 , Thomas Korak 2 , Stefan Mangard 1 , Florian Mendel 2 , Robert Primas 1 1 Graz University of Technology, Austria

730 views • 54 slides
Tonights Agenda Informal review of document, concepts Open House and conversation with

Tonights Agenda Informal review of document, concepts Open House and conversation with

2014 Draft Southeast Alaska Transportation Plan Tonights Agenda Informal review of document, concepts Open House and conversation with ADOT&PF staff 5:30-6:30 pm Public Meeting Introductions, ADOT&PF Presentation on Draft SATP

377 views • 24 slides
Agenda 9 th User Group meeting in Brussels* 21/11/2018 12:30 16:00 CET TIME AGENDA ITEM

Agenda 9 th User Group meeting in Brussels* 21/11/2018 12:30 16:00 CET TIME AGENDA ITEM

Agenda 9 th User Group meeting in Brussels* 21/11/2018 12:30 16:00 CET TIME AGENDA ITEM PRESENTER 12:30 13:15 Lunch 13:15 13:25 1. Welcome, agenda Mark Pickles 13:25 13:50 2. Feedback Market Parties on XBID operation Mark

651 views • 62 slides
Introduction to Fault Attacks Josep Balasch KU Leuven ESAT / COSIC IACR Summer School 2015 Chia

Introduction to Fault Attacks Josep Balasch KU Leuven ESAT / COSIC IACR Summer School 2015 Chia

Introduction to Fault Attacks Josep Balasch KU Leuven ESAT / COSIC IACR Summer School 2015 Chia Laguna, Sardinia (Italy) 19 October 2015 Introduction to Fault Attacks 19 October 2015 What are fault attacks? Active attacks against

571 views • 27 slides
PKI: Glue of Middleware PKI: Glue of Middleware Michael R Gettes, Duke University Michael R

PKI: Glue of Middleware PKI: Glue of Middleware Michael R Gettes, Duke University Michael R

PKI: Glue of Middleware PKI: Glue of Middleware Michael R Gettes, Duke University Michael R Gettes, Duke University EuroCAMP EuroCAMP November, 2005 November, 2005 Landscaping Landscaping PKI Hierarchies and Bridges PKI Hierarchies

455 views • 26 slides
Being Predictable and Avoiding TAR Over-runs Graeme Walker, Topside Conference 2017 14 th June

Being Predictable and Avoiding TAR Over-runs Graeme Walker, Topside Conference 2017 14 th June

Being Predictable and Avoiding TAR Over-runs Graeme Walker, Topside Conference 2017 14 th June 2017 Planning for Turnarounds MILESTONE Avoid id Over-runs ns = Good Planning ning Identify and agree workscope October Phase 1

376 views • 10 slides
Information-Theoretically Optimal Compressed Sensing via Spatial Coupling and Approximate Message

Information-Theoretically Optimal Compressed Sensing via Spatial Coupling and Approximate Message

Information-Theoretically Optimal Compressed Sensing via Spatial Coupling and Approximate Message Passing Adel Javanmard with David Donoho and Andrea Montanari Stanford University November 10, 2012 Donoho, Javanmard, Montanari Compressed

470 views • 46 slides
CapitaLand Limited Creating Asias Leading Diversified Real Estate Company 22 March 2019 1

CapitaLand Limited Creating Asias Leading Diversified Real Estate Company 22 March 2019 1

CapitaLand Limited Creating Asias Leading Diversified Real Estate Company 22 March 2019 1 Disclaimer This presentation may contain forward-looking statements that involve risks and uncertainties. Any actual future performance, outcomes and

763 views • 58 slides
Commercial Multi-vendor NFV System Hayashi Kohei, NTT DOCOMO Jo Hiroyuki, NTT Takahashi

Commercial Multi-vendor NFV System Hayashi Kohei, NTT DOCOMO Jo Hiroyuki, NTT Takahashi

Open Infrastructure Summit 2019 Shanghai NTT DOCOMOs Operational Challenges of Commercial Multi-vendor NFV System Hayashi Kohei, NTT DOCOMO Jo Hiroyuki, NTT Takahashi Toshiaki, NEC Corporation Message of this session Technical challenges

622 views • 33 slides
Lecture 2: The Kelly criterion for favorable games: stock market investing for individuals David

Lecture 2: The Kelly criterion for favorable games: stock market investing for individuals David

Lecture 2: The Kelly criterion for favorable games: stock market investing for individuals David Aldous January 25, 2016 Most adults drive/own a car Few adults work in the auto industry. By analogy Most (middle class) adults will have

610 views • 40 slides
Design and Evaluation of a new MAC Protocol for Long- Distance 802.11 Mesh Networks by

Design and Evaluation of a new MAC Protocol for Long- Distance 802.11 Mesh Networks by

Design and Evaluation of a new MAC Protocol for Long- Distance 802.11 Mesh Networks by Bhaskaran Raman & Kameswari Chebrolu ACM Mobicom 2005 Reviewed by Anupama Guha Thakurta CS525M - Mobile and Ubiquitous Computing Seminar, Spring

863 views • 41 slides
Exploiting Unfounded Sets for HEX-Program Evaluation Thomas Eiter, Michael Fink, Thomas

Exploiting Unfounded Sets for HEX-Program Evaluation Thomas Eiter, Michael Fink, Thomas

Exploiting Unfounded Sets for HEX-Program Evaluation Thomas Eiter, Michael Fink, Thomas Krennwallner, Christoph Redl, Peter Sch uller redl@kr.tuwien.ac.at September 27, 2012 Redl C. (TU Vienna) HEX-Programs September 27, 2012 1 / 23

640 views • 31 slides
Practical Bioinformatics Mark Voorhies 4/19/2011 Mark Voorhies Practical Bioinformatics Review

Practical Bioinformatics Mark Voorhies 4/19/2011 Mark Voorhies Practical Bioinformatics Review

Practical Bioinformatics Mark Voorhies 4/19/2011 Mark Voorhies Practical Bioinformatics Review Topic Learning Python Dive Into Python Types (string, int, float, list) 2 3 Assignment (=, +=) 2 3 Slicing and indexing 4 3.2 References

443 views • 6 slides
Fluctuation theorem in systems in contact with different heath baths: theory and experiments.

Fluctuation theorem in systems in contact with different heath baths: theory and experiments.

Fluctuation theorem in systems in contact with different heath baths: theory and experiments. Alberto Imparato Institut for Fysik og Astronomi Aarhus Universitet Denmark Workshop Advances in Nonequilibrium Statistical Mechanics GGI-Firenze

647 views • 42 slides

More recommend