Unveiling iOS Scamwares through Crowdturfing Reviews
Authors: 
Zhipeng Xu, Ming Liu, Zhushou Tang, and Yijun WangAuthors Info & Claims
Zhipeng Xu, Ming Liu, Zhushou Tang, and Yijun WangAuthors Info & ClaimsJune 2024
Pages 399 - 404
Abstract
The iOS App Store is widely recognized as a trustworthy source for applications, primarily because of the strict regulations enforced by Apple. However, despite these measures, the presence of scamwares and the prevalence of crowdturfing (fake) reviews continue to persist within the App Store ecosystem. Previous research has primarily focused on identifying scamware through various app analysis techniques or measuring removed apps or removed reviews independently. Nevertheless, the community is still unaware of the potential impact of analyzing user reviews on enhancing scamware detection effectiveness. To address this research gap, this study conducts a large-scale investigation of crowdturfing reviews and scamwares within the iOS App Store. We first use the community detection algorithm to identify crowdturfing reviews on the user relation network. Then, based on the unique characteristics of scamwares from the perspective of crowdturfing reviews, we design three new features to assess the risk of an application. Finally, we apply machine learning algorithms to leverage our three well-designed features for scamware detection.
The experimental results obtained from our labelled benchmark dataset showcase the effectiveness of our approach, achieving a good performance (F1 score 96%+) in scamware detection. The significance of our approach lies in its practicality and universality as a scamware detector in light of the constantly evolving landscape of iOS scamwares.
References
[1]
Apple. 2020. App Store stopped more than 1.5 billion dollars in potentially fraudulent transactions in 2020. https://www.apple.com/newsroom/2021/05/app-store-stopped-over-1-5-billion-in-suspect-transactions-in-2020/
[2]
Alex Beutel, Wanhong Xu, Venkatesan Guruswami, Christopher Palow, and Christos Faloutsos. 2013. CopyCatch: Stopping Group Attacks by Spotting Lockstep Behavior in Social Networks. In Proceedings of the 22nd international conference on World Wide Web - WWW 13. ACM Press, New York, New York, USA. https://doi.org/10.1145/2488388.2488400
[3]
Vincent D Blondel, Jean-Loup Guillaume, Renaud Lambiotte, and Etienne Lefebvre. 2008. Fast unfolding of communities in large networks. Journal of Statistical Mechanics: Theory and Experiment 2008, 10 (2008), P10008. https://doi.org/10.1088/1742-5468/2008/10/p10008
[4]
Zhuo Chen, Jie Liu, Yubo Hu, Lei Wu, Yajin Zhou, Yiling He, Xianhao Liao, Ke Wang, Jinku Li, and Zhan Qin. 2023. DeUEDroid: Detecting Underground Economy Apps Based on UTG Similarity. In Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. ACM, New York, NY, USA, 223–235. https://doi.org/10.1145/3597926.3598051
[5]
Zhuo Chen, Lei Wu, Yubo Hu, Jing Cheng, Yufeng Hu, Yajin Zhou, Zhushou Tang, Yexuan Chen, Jinku Li, and Kui Ren. 2023. Lifting The Grey Curtain: Analyzing the Ecosystem of Android Scam Apps. IEEE Transactions on Dependable and Secure Computing (2023), 1–16. https://doi.org/10.1109/tdsc.2023.3329205
[6]
Meng Jiang, Peng Cui, Alex Beutel, Christos Faloutsos, and Shiqiang Yang. 2014. CatchSync: Catching Synchronized Behavior in Large Directed Graphs. In Proceedings of the 20th ACM SIGKDD international conference on Knowledge discovery and data mining. ACM, New York, NY, USA. https://doi.org/10.1145/2623330.2623632
[7]
Fuqi Lin, Haoyu Wang, Liu Wang, and Xuanzhe Liu. 2021. A Longitudinal Study of Removed Apps in iOS App Store. In Proceedings of the Web Conference 2021. ACM, New York, NY, USA. https://doi.org/10.1145/3442381.3449990
[8]
Daniel Martens and Walid Maalej. 2019. Towards understanding and detecting fake reviews in app stores. Empirical Software Engineering 24, 6 (2019), 3316–3355. https://doi.org/10.1007/s10664-019-09706-9
[9]
Liu Wang, Haoyu Wang, Xiapu Luo, Tao Zhang, Shangguang Wang, and Xuanzhe Liu. 2022. Demystifying "removed reviews" in iOS app store. In Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ACM, New York, NY, USA. https://doi.org/10.1145/3540250.3558966
[10]
Hao Yang, Kun Du, Yubao Zhang, Shuang Hao, Zhou Li, Mingxuan Liu, Haining Wang, Haixin Duan, Yazhou Shi, Xiaodong Su, Guang Liu, Zhifeng Geng, and Jianping Wu. 2019. Casino Royale: A Deep Exploration of Illegal Online Gambling. In Proceedings of the 35th Annual Computer Security Applications Conference. ACM, New York, NY, USA. https://doi.org/10.1145/3359789.3359817
Index Terms
- Unveiling iOS Scamwares through Crowdturfing Reviews
Recommendations
Understanding iOS-based crowdturfing through hidden UI analysis
SEC'19: Proceedings of the 28th USENIX Conference on Security SymposiumA new type of malicious crowdsourcing (a.k.a., crowdturfing) clients, mobile apps with hidden crowdturfing user interface (UI), is increasingly being utilized by miscreants to coordinate crowdturfing workers and publish mobile-based crowdturfing tasks (...
Comments
Information & Contributors
Information
Published In
June 2024
728 pages
ISBN:9798400717017
DOI:10.1145/3661167
Copyright © 2024 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 18 June 2024
Check for updates
Author Tags
Qualifiers
- Short-paper
- Research
- Refereed limited
Conference
EASE 2024
EASE 2024: 28th International Conference on Evaluation and Assessment in Software Engineering
June 18 - 21, 2024
Salerno, Italy
Acceptance Rates
Overall Acceptance Rate 71 of 232 submissions, 31%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 4Total Downloads
- Downloads (Last 12 months)4
- Downloads (Last 6 weeks)4
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format