Search Rank Fraud and Malware Detection in Google Play
Fraudulent behaviors in Google Play, the most popular Android app market, fuel search rank abuse and malware proliferation. To identify malware, previous work has focused on app executable and permission analysis. In this paper, we introduce FairPlay, a novel system that discovers and leverages traces left behind by fraudsters, to detect both malware and apps subjected to search rank fraud. FairPlay correlates review activities and uniquely combines detected review relations with linguistic and behavioral signals gleaned from Google Play app data (87K apps, 2.9M reviews, and 2.4M reviewers, collected over half a year), in order to identify suspicious apps. FairPlay achieves over 95% accuracy in classifying gold standard datasets of malware, fraudulent and legitimate apps. We show that 75% of the identified malware apps engage in search rank fraud. FairPlay discovers hundreds of fraudulent apps that currently evade Google Bouncer’s detection technology. FairPlay also helped the discovery of more than 1,000 reviews, reported for 193 apps, that reveal a new type of “coercive” review campaign: users are harassed into writing positive reviews, and install and review other apps.
v In the existing system, the malware threat for mobile phones is expected to increase with the functionality enhancement of mobile phones. This threat is increased with the surge in population of smart phones instilled with stable Internet access which provides attractive targets for malware developers.
v In the existing system, in the smart phone market, Android is currently the most popular smart phone operating system. Due to this popularity and also to its open source nature, Android-based smart phones are now an ideal target for attackers. Since the number of malware designed for Android devices is increasing fast, Android users are looking for security solutions aimed at preventing malicious actions from damaging their smart phones.
v Anti-malware products promises to effectively protect against malware on mobile devices and many products are available for free or at reasonable prices. From this perspective, we propose and analyse some potential limitation-oriented techniques for effective malware detection.
Ø There are no time related co-review behaviors.
Ø There is no fraudulent review filter.
v Unlike existing solutions, the proposed system builds this work on the observation that fraudulent and malicious behaviors leave behind telltale signs on app markets. The proposed system uncovers these nefarious acts by picking out such trails.
v For instance, the high cost of setting up valid Google Play accounts forces fraudsters to reuse their accounts across review writing jobs, making them likely to review more apps in common than regular users. Resource constraints can compel fraudsters to post reviews within short time intervals. Legitimate users affected by malware may report unpleasant experiences in their reviews. Increases in the number of requested permissions from one version to the next, which we will call “permission ramps”, may indicate benign to malware (Jekyll-Hyde) transitions.
Ø Identifying both malware and search rank fraud subjects in Google Play.
Ø Implemented Graph Based Opinion Spam Detection.
➢ H/W System Configuration:-
➢ Processor – Pentium –IV
➢ RAM – 4 GB (min)
➢ Hard Disk – 20 GB
➢ Key Board – Standard Windows Keyboard
➢ Mouse – Two or Three Button Mouse
➢ Monitor – SVGA
Ø Operating System – Windows XP
Ø Coding Language – Java/J2EE(JSP,Servlet)
Ø Front End – J2EE
Ø Back End – MySQL