Mobile specific webpages differ significantly from their desktop counterparts in content, layout and functionality. Accordingly, existing techniques to detect malicious websites are unlikely to work for such webpages. In this paper, we design and implement kAYO, a mechanism that distinguishes between malicious and benign mobile webpages. kAYO makes this determination based on static features of a webpage ranging from the number of iframes to the presence of known fraudulent phone numbers. First, we experimentally demonstrate the need for mobile specific techniques and then identify a range of new static features that highly correlate with mobile malicious webpages. We then apply kAYO to a dataset of over 350,000 known benign and malicious mobile webpages and demonstrate 90% accuracy in classification. Moreover, we discover, characterize and report a number of webpages missed by Google Safe Browsing and VirusTotal, but detected by kAYO. Finally, we build a browser extension using kAYO to protect users from malicious mobile websites in real-time. In doing so, we provide the first static analysis technique to detect malicious mobile webpages.
Mobile phones have evolved from simple voice terminals into highly-capable, general-purpose computing platforms. While people are becoming increasingly more dependent on such devices to perform sensitive operations, protect secret data, and be available for emergency use, it is clear that phone operating systems are not ready to become mission-critical systems. Through a pair of vulnerabilities and a simulated attack on a cellular network, we demonstrate that there are a myriad of unmanaged mechanisms on mobile phones, and that control of these mechanisms is vital to achieving reliable use. Through such vectors, mobile phones introduce a variety of new threats to their own applications and the telecommunications infrastructure itself. In this paper, we examine the requirements for providing effective mediation and access control for mobile phones. We then discuss the convergence of cellular networks with the Internet and its impact on effective resource management and quality of service. Based on these results, we argue for user devices that enable predictable behavior in a network-where their trusted computing bases can protect key applications and create predictable network impact.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.