In this work, we propose a novel approach for addressing mobile application spoofing attacks by leveraging the visual similarity of application screens. We use deception rate as a novel metric for measuring how many users would confuse a spoofing application for the genuine one. We conducted a large-scale online study where participants evaluated spoofing samples of popular mobile applications. We used the study results to design and implement a prototype spoofing detection system, tailored to the estimation of deception rate for mobile application login screens.
Category / Keywords: mobile security Date: received 16 Jul 2015, last revised 9 Jan 2017 Contact author: luka malisa at inf ethz ch Available format(s): PDF | BibTeX Citation Version: 20170109:153956 (All versions of this report) Short URL: ia.cr/2015/709