CMC: a pragmatic approach to model checking real code
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Detectives: detecting coalition hit inflation attacks in advertising networks streams
Proceedings of the 16th international conference on World Wide Web
Combating click fraud via premium clicks
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
SLEUTH: Single-pubLisher attack dEtection Using correlaTion Hunting
Proceedings of the VLDB Endowment
Spamalytics: an empirical analysis of spam marketing conversion
Proceedings of the 15th ACM conference on Computer and communications security
Event Listener Analysis and Symbolic Execution for Testing GUI Applications
ICFEM '09 Proceedings of the 11th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
SBotMiner: large scale search bot detection
Proceedings of the third ACM international conference on Web search and data mining
Fighting online click-fraud using bluff ads
ACM SIGCOMM Computer Communication Review
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Got traffic?: an evaluation of click traffic providers
Proceedings of the 2011 Joint WICOW/AIRWeb Workshop on Web Quality
Automating GUI testing for Android applications
Proceedings of the 6th International Workshop on Automation of Software Test
Vision: automated security validation of mobile apps at app markets
MCS '11 Proceedings of the second international workshop on Mobile cloud computing and services
What's clicking what? techniques and innovations of today's clickbots
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
A survey of mobile malware in the wild
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Fashion crimes: trending-term exploitation on the web
Proceedings of the 18th ACM conference on Computer and communications security
Unsafe exposure analysis of mobile in-app advertisements
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Is this app safe?: a large scale study on application permissions and risk signals
Proceedings of the 21st international conference on World Wide Web
User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Measuring and fingerprinting click-spam in ad networks
Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication
Using GUI ripping for automated testing of Android applications
Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
PharmaLeaks: understanding the business of online pharmaceutical affiliate programs
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Testing android apps through symbolic execution
ACM SIGSOFT Software Engineering Notes
AppInsight: mobile app performance monitoring in the wild
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Automated concolic testing of smartphone apps
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
Dissecting ghost clicks: ad fraud via misdirected human clicks
Proceedings of the 28th Annual Computer Security Applications Conference
AppsPlayground: automatic security analysis of smartphone applications
Proceedings of the third ACM conference on Data and application security and privacy
A grey-box approach for automated GUI-model generation of mobile applications
FASE'13 Proceedings of the 16th international conference on Fundamental Approaches to Software Engineering
SmartAds: bringing contextual ads to mobile apps
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
AMC: verifying user interface properties for vehicular applications
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
Click-fraud monetizing malware: A survey and case study
MALWARE '12 Proceedings of the 2012 7th International Conference on Malicious and Unwanted Software (MALWARE)
Dynodroid: an input generation system for Android apps
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
ViceROI: catching click-spam in search ad networks
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Impression fraud in online advertising via pay-per-view networks
SEC'13 Proceedings of the 22nd USENIX conference on Security
| Hi-index | 0.00 |
Ad networks for mobile apps require inspection of the visual layout of their ads to detect certain types of placement frauds. Doing this manually is error prone, and does not scale to the sizes of today's app stores. In this paper, we design a system called DECAF to automatically discover various placement frauds scalably and effectively. DECAF uses automated app navigation, together with optimizations to scan through a large number of visual elements within a limited time. It also includes a framework for efficiently detecting whether ads within an app violate an extensible set of rules that govern ad placement and display. We have implemented DECAF for Windows-based mobile platforms, and applied it to 1,150 tablet apps and 50,000 phone apps in order to characterize the prevalence of ad frauds. DECAF has been used by the ad fraud team in Microsoft and has helped find many instances of ad frauds.