Do you want to publish a course? Click here

Lifting The Grey Curtain: A First Look at the Ecosystem of CULPRITWARE

196   0   0.0 ( 0 )
 Added by Zhuo Chen
 Publication date 2021
and research's language is English




Ask ChatGPT about the research

Mobile apps are extensively involved in cyber-crimes. Some apps are malware which compromise users devices, while some others may lead to privacy leakage. Apart from them, there also exist apps which directly make profit from victims through deceiving, threatening or other criminal actions. We name these apps as CULPRITWARE. They have become emerging threats in recent years. However, the characteristics and the ecosystem of CULPRITWARE remain mysterious. This paper takes the first step towards systematically studying CULPRITWARE and its ecosystem. Specifically, we first characterize CULPRITWARE by categorizing and comparing them with benign apps and malware. The result shows that CULPRITWARE have unique features, e.g., the usage of app generators (25.27%) deviates from that of benign apps (5.08%) and malware (0.43%). Such a discrepancy can be used to distinguish CULPRITWARE from benign apps and malware. Then we understand the structure of the ecosystem by revealing the four participating entities (i.e., developer, agent, operator and reaper) and the workflow. After that, we further reveal the characteristics of the ecosystem by studying the participating entities. Our investigation shows that the majority of CULPRITWARE (at least 52.08%) are propagated through social media rather than the official app markets, and most CULPRITWARE (96%) indirectly rely on the covert fourth-party payment services to transfer the profits. Our findings shed light on the ecosystem, and can facilitate the community and law enforcement authorities to mitigate the threats. We will release the source code of our tools to engage the community.



rate research

Read More

YouTube has become the second most popular website according to Alexa, and it represents an enticing platform for scammers to attract victims. Because of the computational difficulty of classifying multimedia, identifying scams on YouTube is more difficult than text-based media. As a consequence, the research community to-date has provided little insight into the prevalence, lifetime, and operational patterns of scammers on YouTube. In this short paper, we present a preliminary exploration of scam videos on YouTube. We begin by identifying 74 search queries likely to lead to scam videos based on the authors experience seeing scams during routine browsing. We then manually review and characterize the results to identify 668 scams in 3,700 videos. In a detailed analysis of our classifications and metadata, we find that these scam videos have a median lifetime of nearly nine months, and many rely on external websites for monetization. We also explore the potential of detecting scams from metadata alone, finding that metadata does not have enough predictive power to distinguish scams from legitimate videos. Our work demonstrates that scams are a real problem for YouTube users, motivating future work on this topic.
89 - Liu Wang , Ren He , Haoyu Wang 2020
As the COVID-19 pandemic emerged in early 2020, a number of malicious actors have started capitalizing the topic. Although a few media reports mentioned the existence of coronavirus-themed mobile malware, the research community lacks the understanding of the landscape of the coronavirus-themed mobile malware. In this paper, we present the first systematic study of coronavirus-themed Android malware. We first make efforts to create a daily growing COVID-19 themed mobile app dataset, which contains 4,322 COVID-19 themed apk samples (2,500 unique apps) and 611 potential malware samples (370 unique malicious apps) by the time of mid-November, 2020. We then present an analysis of them from multiple perspectives including trends and statistics, installation methods, malicious behaviors and malicious actors behind them. We observe that the COVID-19 themed apps as well as malicious ones began to flourish almost as soon as the pandemic broke out worldwide. Most malicious apps are camouflaged as benign apps using the same app identifiers (e.g., app name, package name and app icon). Their main purposes are either stealing users private information or making profit by using tricks like phishing and extortion. Furthermore, only a quarter of the COVID-19 malware creators are habitual developers who have been active for a long time, while 75% of them are newcomers in this pandemic. The malicious developers are mainly located in US, mostly targeting countries including English-speaking countries, China, Arabic countries and Europe. To facilitate future research, we have publicly released all the well-labelled COVID-19 themed apps (and malware) to the research community. Till now, over 30 research institutes around the world have requested our dataset for COVID-19 themed research.
Recently emerging Decentralized Finance (DeFi) takes the promise of cryptocurrencies a step further, leveraging their decentralized networks to transform traditional financial products into trustless and transparent protocols that run without intermediaries. However, these protocols often require critical external information, like currency or commodity exchange rates, and in this respect they rely on special oracle nodes. In this paper, we present the first study of DeFi oracles deployed in practice. First, we investigate designs of mainstream DeFi platforms that rely on data from oracles. We find that these designs, surprisingly, position oracles as trusted parties with no or low accountability. Then, we present results of large-scale measurements of deployed oracles. We find and report that prices reported by oracles regularly deviate from current exchange rates, oracles are not free from operational issues, and their reports include anomalies. Finally, we compare the oracle designs and propose potential improvements.
The discovery by the ATLAS and CMS experiments of a new boson with mass around 125 GeV and with measured properties compatible with those of a Standard-Model Higgs boson, coupled with the absence of discoveries of phenomena beyond the Standard Model at the TeV scale, has triggered interest in ideas for future Higgs factories. A new circular e+e- collider hosted in a 80 to 100 km tunnel, TLEP, is among the most attractive solutions proposed so far. It has a clean experimental environment, produces high luminosity for top-quark, Higgs boson, W and Z studies, accommodates multiple detectors, and can reach energies up to the t-tbar threshold and beyond. It will enable measurements of the Higgs boson properties and of Electroweak Symmetry-Breaking (EWSB) parameters with unequalled precision, offering exploration of physics beyond the Standard Model in the multi-TeV range. Moreover, being the natural precursor of the VHE-LHC, a 100 TeV hadron machine in the same tunnel, it builds up a long-term vision for particle physics. Altogether, the combination of TLEP and the VHE-LHC offers, for a great cost effectiveness, the best precision and the best search reach of all options presently on the market. This paper presents a first appraisal of the salient features of the TLEP physics potential, to serve as a baseline for a more extensive design study.
We present 850 $mu$m imaging polarimetry data of the $rho$ Oph-A core taken with the Submillimeter Common-User Bolometer Array-2 (SCUBA-2) and its polarimeter (POL-2), as part of our ongoing survey project, BISTRO (B-fields In STar forming RegiOns). The polarization vectors are used to identify the orientation of the magnetic field projected on the plane of the sky at a resolution of 0.01 pc. We identify 10 subregions with distinct polarization fractions and angles in the 0.2 pc $rho$ Oph A core; some of them can be part of a coherent magnetic field structure in the $rho$ Oph region. The results are consistent with previous observations of the brightest regions of $rho$ Oph-A, where the degrees of polarization are at a level of a few percents, but our data reveal for the first time the magnetic field structures in the fainter regions surrounding the core where the degree of polarization is much higher ($> 5 %$). A comparison with previous near-infrared polarimetric data shows that there are several magnetic field components which are consistent at near-infrared and submillimeter wavelengths. Using the Davis-Chandrasekhar-Fermi method, we also derive magnetic field strengths in several sub-core regions, which range from approximately 0.2 to 5 mG. We also find a correlation between the magnetic field orientations projected on the sky with the core centroid velocity components.
comments
Fetching comments Fetching comments
mircosoft-partner

هل ترغب بارسال اشعارات عن اخر التحديثات في شمرا-اكاديميا