Lessons Learned from Detecting and Analyzing Android Advertisement Malpractices
By:Ryan Christopher Stevens
Published on 2015 by
The popularity of smart phones is driven by the presence of third-party applications (apps). Many apps are available for free and are monetized through the inclusion of advertisements (ads) embedded in the user interface of the app. In Android, ads are implemented using design philosophies prevalent on the web: code mashups, where apps include third-party ad libraries as part of the application, and remote procedure calls, where functionality is offloaded to a web server via network API calls. However, there is no Same-Origin Policy within an app, as there is on the web within a web page, and as such these design philosophies enable attacks which are unique to mobile ad deployment. In this dissertation, I will discuss two such attacks. The first is mobile app ad fraud, where an app forges fake ad requests to artificially inflate revenue. I will discuss a systemcalled MAdFraud which is able to automatically detect ad behavior, including ad fraud, in Android apps. The second attack is user data exfiltration by ad libraries. I will present a study of popular Android ad libraries and how the lack of separation between app code and ad code allows them to silently exfiltrate user data for targeting purposes. After describing the attacks, I will present two research projects which would help alleviate some of these security concerns. The first is called the Mobile Trusted-Origin Policy (MTOP), which is as system for providing a secure environment to code mashups and unforgable network provenance to remote procedure calls. The second is a performance improvement to Transport Layer Security (SSL/TLS) which would increase TLS performance for ad requests, incentivising adoption of TLS for ad providers.
This Book was ranked at 17 by Google Books for keyword android.
Book ID of Lessons Learned from Detecting and Analyzing Android Advertisement Malpractices's Books is gresswEACAAJ, Book which was written byRyan Christopher Stevenshave ETAG "/6kuMBvgh9I"
Book which was published by since 2015 have ISBNs, ISBN 13 Code is 9781339259901 and ISBN 10 Code is 1339259907
Reading Mode in Text Status is false and Reading Mode in Image Status is false
Book which have " Pages" is Printed at BOOK under Category
This Book was rated by Raters and have average rate at ""
This eBook Maturity (Adult Book) status is NOT_MATURE
Book was written in en
eBook Version Availability Status at PDF is falseand in ePub is false
Book Preview
Comments
Post a Comment