查看文章

In this paper we present a novel approach for detection of mobile app impersonation attacks. Our system uses dynamic code analysis to extract user interfaces from mobile apps and analyzes the extracted screenshots to detect impersonation. As the detection is based on the visual appearance of the application, as seen by the user, our approach is robust towards the attack implementation technique and resilient to simple detection avoidance methods such as code obfuscation. We analyzed over 150,000 mobile apps and detected over 40,000 cases of impersonation. Our work demonstrates that impersonation detection through user interface extraction is effective and practical at large scale.