Our paper “Mobile App Squatting” has been received the best student paper award at WWW 2020!
In “App Squatting”, attackers release apps with identifiers (e.g., app name or package name) that are confusingly similar to those of popular apps or well-known Internet brands. This paper presents the first in-depth measurement study of app squatting showing its prevalence and implications. The paper develops and releases a tool (AppCrazy) for automatically generating variations of app identifiers and applies it to the top-500 most popular apps in Google Play, identifying 10,553 squatting apps (an average of over 20 squatting apps for each legitimate one).
While more than half are malicious mobile app markets have not been successful in identifying and eliminating squatting apps.
Yangyu Hu, Haoyu Wang, Ren He, Li Li, Gareth Tyson, Ignacio Castro, Yao Guo, Lei Wu and Guoai Xu. “Mobile App Squatting”. In 29th Web Conference (WWW), Taipei, Taiwan (2020). [Acceptance Rate: 19%] [PDF]