Mobile Application Impersonation Detection Using Dynamic User Interface Extraction

  • Luka Malisa
  • Kari Kostiainen
  • Michael Och
  • Srdjan Capkun
Conference paper

DOI: 10.1007/978-3-319-45744-4_11

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9878)
Cite this paper as:
Malisa L., Kostiainen K., Och M., Capkun S. (2016) Mobile Application Impersonation Detection Using Dynamic User Interface Extraction. In: Askoxylakis I., Ioannidis S., Katsikas S., Meadows C. (eds) Computer Security – ESORICS 2016. ESORICS 2016. Lecture Notes in Computer Science, vol 9878. Springer, Cham

Abstract

In this paper we present a novel approach for detection of mobile app impersonation attacks. Our system uses dynamic code analysis to extract user interfaces from mobile apps and analyzes the extracted screenshots to detect impersonation. As the detection is based on the visual appearance of the application, as seen by the user, our approach is robust towards the attack implementation technique and resilient to simple detection avoidance methods such as code obfuscation. We analyzed over 150,000 mobile apps and detected over 40,000 cases of impersonation. Our work demonstrates that impersonation detection through user interface extraction is effective and practical at large scale.

Keywords

Mobile, Visual, Repackaging, Phishing, Impersonation

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Luka Malisa (1)
  • Kari Kostiainen (1)
  • Michael Och (1)
  • Srdjan Capkun (1)
  1. Institute of Information Security, ETH Zurich, Zürich, Switzerland
