@inproceedings{Liu-WWW-20,
author = {Liu, Tianming and Wang, Haoyu and Li, Li and Luo, Xiapu and Dong,
Feng and Guo, Yao and Wang, Liu and Bissyand\'{e}, Tegawend\'{e} and Klein,
Jacques},
title = {MadDroid: Characterizing and Detecting Devious Ad Contents for
Android Apps},
year = {2020},
isbn = {9781450370233},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/3366423.3380242},
doi = {10.1145/3366423.3380242},
abstract = {Advertisement drives the economy of the mobile app ecosystem. As
a key component in the mobile ad business model, mobile ad content has been
overlooked by the research community, which poses a number of threats, e.g.,
propagating malware and undesirable contents. To understand the practice of
these devious ad behaviors, we perform a large-scale study on the app
contents harvested through automated app testing. In this work, we first
provide a comprehensive categorization of devious ad contents, including
five kinds of behaviors belonging to two categories: ad loading content and
ad clicking content. Then, we propose MadDroid, a framework for automated
detection of devious ad contents. MadDroid leverages an automated app
testing framework with a sophisticated ad view exploration strategy for
effectively collecting ad-related network traffic and subsequently
extracting ad contents. We then integrate dedicated approaches into the
framework to identify devious ad contents. We have applied MadDroid to
40,000 Android apps and found that roughly 6% of apps deliver devious ad
contents, e.g., distributing malicious apps that cannot be downloaded via
traditional app markets. Experiment results indicate that devious ad
contents are prevalent, suggesting that our community should invest more
effort into the detection and mitigation of devious ads towards building a
trustworthy mobile advertising ecosystem.},
booktitle = {Proceedings of The Web Conference 2020},
pages = {1715¨C1726},
numpages = {12},
keywords = {ad fraud, Android app, mobile advertising, malware},
location = {Taipei, Taiwan},
series = {WWW '20}
}