Abstract
Malicious applications (malware) have attracted much attention from both academia and industry. Thanks to this, common users start to install anti-malware tools to help protect their phones. However, we notice that attackers can still take advantage of some existing mechanisms to induce users to download malware and bypass anti-malware software. In this paper, we focus on the app rating mechanism on smartphones and aim to evaluate its impact on malware propagation. More specifically, we investigate how this mechanism can be maliciously used to leverage the trust levels of users and achieve particular goals (i.e., inducing users to download malware). In the evaluation, we develop a malicious rating system and conduct a study with over 400 participants. Our results indicate that such rating mechanism can affect users’ trust on app download and can be utilized to propagate malware. Copyright © 2016 IFIP International Federation for Information Processing.
Original language | English |
---|---|
Title of host publication | Trust Management X: 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Darmstadt, Germany, July 18-22, 2016, proceedings |
Editors | Sheikh Mahbub HABIB, Julita VASSILEVA, Sjouke MAUW, Max MÜHLHÄUSER |
Place of Publication | Cham |
Publisher | Springer |
Pages | 146-153 |
ISBN (Electronic) | 9783319413549 |
ISBN (Print) | 9783319413532 |
DOIs | |
Publication status | Published - 2016 |
Citation
Li, W., Jiang, L., Meng, W., & Kwok, L.-F. (2016). Trust it or not? An empirical study of rating mechanism and its impact on smartphone malware propagation. In S. M. Habib, J. Vassileva, S. Mauw, & M. Mühlhäuser (Eds.), Trust Management X: 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Darmstadt, Germany, July 18-22, 2016, proceedings (pp. 146-153). Springer. https://doi.org/10.1007/978-3-319-41354-9_11Keywords
- Malicious applications
- Anti-malware software
- Rating mechanism
- Smartphone security
- User trust and awareness