Title: Detecting Malicious Facebook Applications

Author(s): Nayana K N, Anjana Sharma


Mtech Student , Dept of CSE, NHCE , Bangalore , Karnataka , India

 Sr Asst Prof, Dept of CSE, NHCE , Bangalore , Karnataka , India

             


Abstract

With 20 million installs a day [1], third-party apps are a major reason for the popularity and addictiveness of Facebook. Unfortunately, hackers have realized the potential of using apps for spreading malware and spam. The problem is already significant, as we find that at least 13% of apps in our dataset are malicious. So far, the research community has focused on detecting malicious posts and campaigns.

In this paper, we ask the question: given a Facebook application, can we determine if it is malicious? Our key contribution is in developing FRAppE—Facebook’s Rigorous Application Evaluator— arguably the first tool focused on detecting malicious apps on Facebook.

To develop FRAppE, we use information gathered by observing the posting behavior of 111K Facebook apps seen across 2.2 million users on Facebook. First, we identify a set of features that help us distinguish malicious apps from benign ones.

For example, we find that malicious apps often share names with other apps, and they typically request fewer permissions than benign apps. Second, leveraging these distinguishing features, we show that FRAppE can detect malicious apps with 99.5% accuracy, with no false positives and a low false negative rate (4.1%). Finally, we explore the ecosystem of malicious Facebook apps and identify mechanisms that these apps use to propagate. Interestingly, we find that many apps collude and support each other; in our dataset, we find 1,584 apps enabling the viral propagation of 3,723 other apps through their posts. Long-term, we see FRAppE as a step towards creating an independent watchdog for app assessment and ranking, so as to warn Facebook users before installing apps


License: This work is licensed under a Creative Commons Attribution 4.0 International License.

 

Website: http://www.ijecs.in

e-ISSN:  2319-724

Call For Paper

VOLUME 06. ISSUE 05 [May 2017]

IJECS invites authors to submit manuscripts Reporting original engineering research, computer science , original article, research article, case report, systematic reviews, or educational Innovations for publication for the Current issues. Types of manuscripts suitable for IJECS include: Engineering Science, Computer Science, Educational Innovation, Brief Report, Reviews on Teaching In keeping with high quality scholarship

Read More

Online Submission

If any difficulty you can also submit to: This email address is being protected from spambots. You need JavaScript enabled to view it..in

GettyImages.pngace.pngarx.pngcit.pngcomp.pngcross.pngdoaj.pngicn.pngino.pnglogo_wcmasthead_en.pngres.pngresbib.pngsci.pngscic.pngscics.pngulrich.pngur.png

FaceBook

About Us

The“International Journal of Engineering  and computer science”(IJECS™) is an international online journal in English published monthly. The aim of IJECS is to publish peer reviewed research and review articles in rapidly developing field of engineering science and technology

Address

Address : LIG 73 megdoot Nagar Mandsaur

State : Madhya Pradesh

Country : INDIA

Phone :+91 (822) 260 24 694

Email: editor@ijecs.in

Go to top