Towards Stalkerware Detection with Precise Warnings - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2021

Towards Stalkerware Detection with Precise Warnings

Kevin A Roundy
  • Fonction : Auteur
  • PersonId : 1118135
Acar Tamersoy
  • Fonction : Auteur
  • PersonId : 1118136

Résumé

Stalkerware enables individuals to conduct covert surveillance on a targeted person's device. Android devices are a particularly fertile ground for stalkerware, most of which spy on a single communication channel, sensor, or category of private data, though 27% of stalkerware surveil multiple of private data sources. We present Dosmelt, a system that enables stalkerware warnings that precisely characterize the types of surveillance conducted by Android stalkerware so that surveiled individuals can take appropriate mitigating action. Our methodology uses active learning in a semi-supervised learning setting to tackle this task at scale, which would otherwise require expert labeling of significant number of stalkerware apps. Dosmelt leverages the observation that stalkerware differs from other categories of spyware in its open advertising of its surveillance capabilities, which we detect on the basis of the titles and self-descriptions of stalkerware apps that are posted on Android app stores. Dosmelt achieves up to 96% AUC for stalkerware detection with a 91% Macro-F1 score of surveillance capability attribution for stalkerware apps. Dosmelt has detected hundreds of new stalkerware apps that we have added to the Stalkerware Threat List.
Fichier principal
Vignette du fichier
ACSAC-stalkerware-precise-warnings-HAL.pdf (2.64 Mo) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-03449857 , version 1 (05-01-2022)

Identifiants

Citer

Yufei Han, Kevin A Roundy, Acar Tamersoy. Towards Stalkerware Detection with Precise Warnings. ACSAC 2021 - Proceedings of Annual Computer Security Applications Conference, Dec 2021, Online, United States. pp.1-13, ⟨10.1145/3485832.3485901⟩. ⟨hal-03449857⟩
61 Consultations
300 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More