Authors:
L. Vollero
1
;
D. Biondo
2
;
R. Setola
1
;
G. Bocci
2
;
R. Mammoliti
2
and
A. Toma
2
Affiliations:
1
Università Campus Bio-Medico di Roma, Italy
;
2
Sistemi Informativi, Sicurezza Informatica, Incident Prevention and Management and Poste Italiane, Italy
Keyword(s):
Security, Logo Analysis, Image Processing, Classification.
Abstract:
The wide diffusion of mobile devices and the ability of users to customize their experience through applications
(Apps) is opening to new problems related to privacy, security and data integrity for the mobile ecosystem.
Smartphones, in general, and Android devices, in particular, are rapidly becoming emerging threat vectors of
cybercrime activities. Unofficial Android markets, especially those with weak controls on published Apps,
are the places where frauds may easily start and spread. Hence, the ability to identify and quickly shut down
deceptive Apps is of paramount importance in the protection of users, services and infrastructures. Traditional
approaches that aim at mitigating the presence of malicious Apps in unofficial markets, are based on
crawlers for scanning stores and checking the words used in Apps’ description. These methods works very
well when the App’s title, keywords and description match specific patterns that identify services to protect
and the application owner
or App’s signature do not match expected ones. Unluckily, the performance of such
methods reduce sharply when the store adopts a language that is not supported by the recognition system or
the App publisher uses misleading words in the App’s description. Nevertheless, App publishers always use
a logo which is familiar to the user in order to highlight the application and increase the probability that the
users install it. In this paper we presents a system that overcomes the limitation of traditional approaches
including logo analysis in the process of App recognition. Our contribution is the definition and evaluation of
a logo-based complementary system to be used in conjunction with traditional approaches based on word lists
checking. The system and the performance of the proposed solution are presented and analyzed in the paper.
(More)