Mobile Application Impersonation Detection Using Dynamic User Interface Extraction

Computer Security – ESORICS 2016

Abstract

In this paper we present a novel approach for detection of mobile app impersonation attacks. Our system uses dynamic code analysis to extract user interfaces from mobile apps and analyzes the extracted screenshots to detect impersonation. As the detection is based on the visual appearance of the application, as seen by the user, our approach is robust towards the attack implementation technique and resilient to simple detection avoidance methods such as code obfuscation. We analyzed over 150,000 mobile apps and detected over 40,000 cases of impersonation. Our work demonstrates that impersonation detection through user interface extraction is effective and practical at large scale.

People

Dr. Luka Malisa: Doctoral Student (2011 – 2019); Information Security Officer, SDX
Dr. Kari Kostiainen: Senior Scientist
Michael Och: Researcher (2016 – 2016); Researcher, Google

BibTeX

@inproceedings{malisa2016mobile,
  author    = {Malisa, Luka and Kostiainen, Kari and Och, Michael and Capkun, Srdjan},
  title     = {{Mobile Application Impersonation Detection Using Dynamic User Interface Extraction}},
  booktitle = {Computer Security {\textendash{}} ESORICS 2016},
  address   = {Heraklion, Greece},
  year      = 2016,
  month     = sep,
  publisher = {Springer},
  doi       = {10.1007/978-3-319-45744-4_11},
  url       = {https://doi.org/10.1007/978-3-319-45744-4_11}
}

Research Collection: 20.500.11850/120916