Mobile Click Fraud Attack (MCFA)
Elliott Wen, Doctoral Candidate; Dr Gerald Weber, Senior Lecturer, Department of Computer Science
A serious threat: Mobile Click Fraud Attack
Mobile Click Fraud Attack (MCFA) is becoming a frequent topic within the cyber security community. In a click fraud attack, malicious individuals repeatedly generate click events on mobile applications with the intention of increasing revenue or exerting personal influence. Common examples include boosting product ratings or increasing the number of 'likes' on social media pages. Shockingly, such attacks are known to have caused substantial damage of US$16.7 billion to the mobile application economy in 2017.
In general, most of these attacks are carried out by automating a massive number of physical devices. However, purchasing a large volume of devices incurs substantial costs. A cheaper alternative to physical devices is to use emulators. Existing emulators, however, are inefficient and widely blocked because of their immense resource demands and defective device signatures. In this research, we propose a programme called Fraus, a cost-efficient and scalable approach to conducting large-scale click fraud using device emulators.
Fraus maintains a low resource profile by circumventing graphics emulation and applying lazy-loading techniques on system components. In addition, Fraus provides a seemingly authentic device signature and disguises itself as a legitimate device by fully emulating the missing hardware components including WiFi interfaces and cellular modems. To facilitate the management of numerous emulator instances, Fraus also offers a distributed management system, which is scalable and fault-tolerant.
We evaluated the performance of Fraus by running mock attacks against the top 300 applications from the Google Play store. The results demonstrate that Fraus has high system stability and application compatibility.
Fraus also significantly reduces CPU usage and memory footprint, by 90% and 60% respectively, when compared with existing emulators.
By designing Fraus, we aim to raise public concern about how simple it is to commit click fraud and to suggest countermeasures to mitigate such risks.
Figure 1. System Architecture of Fraus
Figure 2. Overview of Android Telephony Architecture
Support from the Centre for eResearch
This research involves extensive compilation of the Android source code. The whole process may take up to 3 hours on a normal desktop machine. These long waits greatly impacted research progress.
Thanks to the staff at CeR, who assisted our group in gaining access to virtual machines with abundant CPU cores and terabytes of high-speed data storage, which significantly boosted our research progress. CeR also created a ready-to-go compilation environment for us, which was very helpful, as our research group could simply focus on our research targets without tuning the complicated settings of the virtual machines.