research-article

How do Mobile Apps Violate the Behavioral Policy of Advertisement Libraries?

Authors:

Shaodong ZhangAuthors Info & Claims

HotMobile '18: Proceedings of the 19th International Workshop on Mobile Computing Systems & Applications

Pages 75 - 80

https://doi.org/10.1145/3177102.3177113

Published: 12 February 2018 Publication History

Abstract

Advertisement libraries are used in almost two-thirds of apps in Google Play. To increase economic revenue, some app developers tend to entice mobile users to unexpectedly click ad views during their interaction with the app, resulting in kinds of ad fraud. Despite some popular ad providers have published behavioral policies to prevent inappropriate behaviors/practices, no previous work has studied whether mobile apps comply with those policies. In this paper, we take Google Admob as the starting point to study policy-violation apps. We first analyze the behavioral policies of Admob and create a taxonomy of policy violations. Then we propose an automated approach to detect policy-violation apps, which takes advantage of two key artifacts: an automated model-based Android GUI testing technique and a set of heuristic rules summarized from the behavior policies of Google Admob. We have applied our approach to 3,631 popular apps that have used the Admob library, and we could achieve a precision of 86% in detecting policy-violation apps. The results further show that roughly 2.5% of apps violate the policies, suggesting that behavioral policy violation is indeed a real issue in the Android advertising ecosystem.

References

[1]

Google Admob. 2017. AdMob & AdSense policies. (2017). Retrieved October 14, 2017 from https://support.google.com/admob/answer/6128543?hl=en&ref_topic=2745287

[2]

Google Admob. 2017. AdMob by Google. (2017). Retrieved October 21, 2017 from http://www.google.cn/admob/

[3]

D. Amalfitano, A. R. Fasolino, P. Tramontana, B. D. Ta, and A. M. Memon 2015. MobiGUITAR: Automated Model-Based Testing of Mobile Apps. IEEE Software, Vol. 32, 5 (2015), 53--59.

[4]

AppBrain 2017. Number of Android applications. (2017). showURL%https://www.appbrain.com/stats/number-of-android-apps

[5]

Geumhwan Cho, Junsung Cho, Youngbae Song, and Hyoungshick Kim 2015. An empirical study of click fraud in mobile advertising networks ARES. IEEE, 382--388.

Digital Library

[6]

Shauvik Roy Choudhary, Alessandra Gorla, and Alessandro Orso. 2015. Automated Test Input Generation for Android: Are We There Yet? (E) ASE. 429--440.

[7]

Jonathan Crussell, Ryan Stevens, and Hao Chen 2014. Madfraud: Investigating ad fraud in android applications MobiSys. ACM, 123--134.

Digital Library

[8]

Soteris Demetriou, Whitney Merrill, Wei Yang, Aston Zhang, and Carl A Gunter 2016. Free for All! Assessing User Data Exposure to Advertising Libraries on Android. NDSS.

[9]

Android Developers. 2018. Accessibility Overview. (2018). Retrieved January 9, 2018 from https://developer.android.com/guide/topics/ui/accessibility/index.html

[10]

DoubleClick. 2017. DoubleClick program policies. (2017). Retrieved October 21, 2017 from https://support.google.com/adxseller/topic/7316904?hl=en&ref_topic=6321576

[11]

Li Li, Tegawendé F Bissyandé, Jacques Klein, and Yves Le Traon 2016. An Investigation into the Use of Common Libraries in Android Apps SANER 2016. 403--414.

[12]

Bin Liu, Suman Nath, Ramesh Govindan, and Jie Liu. 2014. DECAF: Detecting and Characterizing Ad Fraud in Mobile Apps. NSDI. 57--70.

Digital Library

[13]

Minxing Liu, Haoyu Wang, Yao Guo, and Jason Hong. 2016. Identifying and Analyzing the Privacy of Apps for Kids HotMobile '16. 105--110.

Digital Library

[14]

Ziang Ma, Haoyu Wang, Yao Guo, and Xiangqun Chen. 2016. Libradar: Fast and accurate detection of third-party libraries in android apps ICSE. ACM, 653--656.

Digital Library

[15]

Wei Meng, Ren Ding, Simon P. Chung, Steven Han, and Wenke Lee 2016. The Price of Free: Privacy Leakage in Personalized Mobile In-Apps Ads. NDSS.

[16]

Thanasis Petsas, Giannis Voyatzis, Elias Athanasopoulos, Michalis Polychronakis, and Sotiris Ioannidis. 2014. Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware EuroSec '14.

Digital Library

[17]

Shashi Shekhar, Michael Dietz, and Dan S. Wallach. 2012. AdSplit: Separating Smartphone Advertising from Applications. USENIX Security Symposium, Vol. Vol. 2012.

Digital Library

[18]

Nicolas Viennot, Edward Garcia, and Jason Nieh. 2014. A measurement study of google play. In IMC. 221--233.

Digital Library

[19]

Haoyu Wang and Yao Guo 2017. Understanding Third-party Libraries in Mobile App Analysis ICSE 2017. 515--516.

Digital Library

[20]

Haoyu Wang, Yao Guo, Ziang Ma, and Xiangqun Chen. 2015. WuKong: a scalable and accurate two-phase approach to Android app clone detection ISSTA. 71--82.

Digital Library

[21]

Haoyu Wang, Yuanchun Li, Yao Guo, Yuvraj Agarwal, and Jason I. Hong 2017. Understanding the Purpose of Permission Use in Mobile Apps. ACM Trans. Inf. Syst. Vol. 35, 4, Article 43 (July 2017), pages 43:1--43:40 pages.

Digital Library

Cited By

Wang LZheng CWang HLuo XTyson GWang YWang SSpinellis DConstantinou EBacchelli A(2024)Global Prosperity or Local Monopoly? Understanding the Geography of App PopularityProceedings of the 21st International Conference on Mining Software Repositories10.1145/3643991.3644935(322-334)Online publication date: 15-Apr-2024
https://dl.acm.org/doi/10.1145/3643991.3644935
Zhang HLiu DLiu XMa LWang RZhang FSun LZhao F(2024)A Multidimensional Detection Model of Android Malicious Applications Based on Dynamic and Static AnalysisProceedings of the 13th International Conference on Computer Engineering and Networks10.1007/978-981-99-9247-8_2(11-21)Online publication date: 4-Jan-2024
https://doi.org/10.1007/978-981-99-9247-8_2
Sun XChen XLi LCai HGrundy JSamhi JBissyandé TKlein J(2023)Demystifying Hidden Sensitive Operations in Android AppsACM Transactions on Software Engineering and Methodology10.1145/357415832:2(1-30)Online publication date: 29-Mar-2023
https://dl.acm.org/doi/10.1145/3574158
Show More Cited By

Index Terms

How do Mobile Apps Violate the Behavioral Policy of Advertisement Libraries?

Recommendations

Spam Mobile Apps: Characteristics, Detection, and in the Wild Analysis

The increased popularity of smartphones has attracted a large number of developers to offer various applications for the different smartphone platforms via the respective app markets. One consequence of this popularity is that the app markets are also ...
End Users' Perception of Hybrid Mobile Apps in the Google Play Store
MS '15: Proceedings of the 2015 IEEE International Conference on Mobile Services

Today millions of mobile apps are downloaded and used all over the world. Mobile apps are distributed via different app stores, such as the Google Play Store, the Apple App Store, the Windows Phone Store. One of the most intriguing challenges in mobile ...
Demystifying Privacy Policy of Third-Party Libraries in Mobile Apps
ICSE '23: Proceedings of the 45th International Conference on Software Engineering

The privacy of personal information has received significant attention in mobile software. Although researchers have designed methods to identify the conflict between app behavior and privacy policies, little is known about the privacy compliance ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

HotMobile '18: Proceedings of the 19th International Workshop on Mobile Computing Systems & Applications

February 2018

130 pages

ISBN:9781450356305

DOI:10.1145/3177102

General Chair:
Minkyong Kim
Samsung Electronics, USA
,
Program Chair:
Aruna Balasubramanian
Stony Brook, NY, USA

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 February 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

HotMobile '18

Sponsor:

SIGMOBILE

HotMobile '18: The 19th International Workshop on Mobile Computing Systems and Applications

February 12 - 13, 2018

Arizona, Tempe, USA

Acceptance Rates

HotMobile '18 Paper Acceptance Rate 19 of 65 submissions, 29%;

Overall Acceptance Rate 96 of 345 submissions, 28%

Upcoming Conference

HOTMOBILE '25

Sponsor:
sigmobile

The 26th International Workshop on Mobile Computing Systems and Applications

February 26 - 27, 2025

Palm Springs , CA , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

23
Total Citations
View Citations
255
Total Downloads

Downloads (Last 12 months)12
Downloads (Last 6 weeks)0

Reflects downloads up to

Other Metrics

View Author Metrics

Citations

Cited By

Wang LZheng CWang HLuo XTyson GWang YWang SSpinellis DConstantinou EBacchelli A(2024)Global Prosperity or Local Monopoly? Understanding the Geography of App PopularityProceedings of the 21st International Conference on Mining Software Repositories10.1145/3643991.3644935(322-334)Online publication date: 15-Apr-2024
https://dl.acm.org/doi/10.1145/3643991.3644935
Zhang HLiu DLiu XMa LWang RZhang FSun LZhao F(2024)A Multidimensional Detection Model of Android Malicious Applications Based on Dynamic and Static AnalysisProceedings of the 13th International Conference on Computer Engineering and Networks10.1007/978-981-99-9247-8_2(11-21)Online publication date: 4-Jan-2024
https://doi.org/10.1007/978-981-99-9247-8_2
Sun XChen XLi LCai HGrundy JSamhi JBissyandé TKlein J(2023)Demystifying Hidden Sensitive Operations in Android AppsACM Transactions on Software Engineering and Methodology10.1145/357415832:2(1-30)Online publication date: 29-Mar-2023
https://dl.acm.org/doi/10.1145/3574158
Zhang SLei HWang YLi DGuo YChen X(2023)APIMind: API-driven Assessment of Runtime Description-to-permission Fidelity in Android Apps2023 IEEE 34th International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE59848.2023.00057(427-438)Online publication date: 9-Oct-2023
https://doi.org/10.1109/ISSRE59848.2023.00057
Yan YZheng YLiu XMedvidovic NWang W(2023)Adhere: Automated Detection and Repair of Intrusive Ads2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE)10.1109/ICSE48619.2023.00051(486-498)Online publication date: May-2023
https://doi.org/10.1109/ICSE48619.2023.00051
Watson KJust MBerg T(2023)A comic-based approach to permission request communicationComputers and Security10.1016/j.cose.2022.102942124:COnline publication date: 1-Jan-2023
https://dl.acm.org/doi/10.1016/j.cose.2022.102942
Nasir NIqbal FZaheer MShahjahan MJaved MSuga YSakurai KDing XSako K(2022)Lures for MoneyProceedings of the 2022 ACM on Asia Conference on Computer and Communications Security10.1145/3488932.3517404(1195-1206)Online publication date: 30-May-2022
https://dl.acm.org/doi/10.1145/3488932.3517404
Zhan XLiu TFan LLi LChen SLuo XLiu Y(2022)Research on Third-Party Libraries in Android Apps: A Taxonomy and Systematic Literature ReviewIEEE Transactions on Software Engineering10.1109/TSE.2021.311438148:10(4181-4213)Online publication date: 1-Oct-2022
https://doi.org/10.1109/TSE.2021.3114381
Cui HMeng GZhang YWang WZhu DSu TZhang XLi Y(2022)TraceDroid: A Robust Network Traffic Analysis Framework for Privacy Leakage in Android AppsScience of Cyber Security10.1007/978-3-031-17551-0_35(541-556)Online publication date: 30-Sep-2022
https://doi.org/10.1007/978-3-031-17551-0_35
Gao YWang HLi LLuo XXu GLiu X(2021)Demystifying Illegal Mobile Gambling AppsProceedings of the Web Conference 202110.1145/3442381.3449932(1447-1458)Online publication date: 19-Apr-2021
https://dl.acm.org/doi/10.1145/3442381.3449932
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

ePub

View this article in ePub.

Media

Figures

Other

Tables

View Table of Contents