A more related aspect of advertising security research is
the so-called web malvertising. An important part of our study
is malicious advertising in mobile applications. The analogous
problem of malicious advertising on the Web, dubbed as
malvertising, has been studied in the past. Li et al. [5] use a
systematic methodology to crawl websites and load ad content
in them. They then analyze the redirection chains and landing
pages for malicious activity. Zarras et al. [4] have also studied
web malvertising. Our work is different from these works in
several aspects. First, our focus is on mobile applications;
a similar study on mobile apps has not been done earlier.
Moreover, we broadly study all app-web interaction and not just
advertisements. Second, a study on mobile applications needs an
additional triggering component in the methodology. Triggering
for web malvertising is trivial as the entire web page is loaded
at once with all the advertisements simultaneously visible.
Triggering increases the complexity of the methodology and we
have also made an important contribution to enhance it. Finally,
the malware propagation vectors through web malvertising are
different from what we see on mobile. Drive-by-downloads are
virtually non-existent on mobile platforms such as Android due
to sandboxing at the process level. Similarly link hijacking, i.e.,
advertisement or other malicious code embedded in a web page
automatically redirecting users to a page they did not intend
without any user interaction, is also not possible on mobile
apps. Rather the main propagation vector for malware is trojans.
Collecting trojans again complicates our methodology as we
need to automatically download content from the landing pages.