Álvaro Feal's research while affiliated with University Carlos III de Madrid and other places

Publications (10)

Preprint
Full-text available
The ability to identify the author responsible for a given software object is critical for many research studies and for enhancing software transparency and accountability. However, as opposed to other application markets like iOS, attribution in the Android ecosystem is known to be hard. Prior research has leveraged market metadata and signing cer...
Article
Blocklists constitute a widely-used Internet security mechanism to filter undesired network traffic based on IP/domain reputation and behavior. Many blocklists are distributed in open source form by threat intelligence providers who aggregate and process input from their own sensors, but also from third-party feeds or providers. Despite their wide...
Preprint
"Incentivized" advertising platforms allow mobile app developers to acquire new users by directly paying users to install and engage with mobile apps (e.g., create an account, make in-app purchases). Incentivized installs are banned by the Apple App Store and discouraged by the Google Play Store because they can manipulate app store metrics (e.g.,...
Article
Full-text available
It is commonly assumed that “free” mobile apps come at the cost of consumer privacy and that paying for apps could offer consumers protection from behavioral advertising and long-term tracking. This work empirically evaluates the validity of this assumption by comparing the privacy practices of free apps and their paid premium versions, while also...
Article
Full-text available
Android parental control applications are used by parents to monitor and limit their children’s mobile behaviour ( e.g., mobile apps usage, web browsing, calling, and texting). In order to offer this service, parental control apps require privileged access to system resources and access to sensitive data. This may significantly reduce the dangers a...
Conference Paper
Full-text available
Modern privacy regulations, including the General Data Protection Regulation (GDPR) in the European Union, aim to control user tracking activities in websites and mobile applications. These privacy rules typically contain specific provisions and strict requirements for websites that provide sensitive material to end users such as sexual, religious,...

Citations

... To achieve their goals, the authors mostly make use of taint analysis methods. In another recent study [39], pre-installed OTA applications have been the main concern. ...
... For example, when a website is infected with malware, an initial remediation action is to check for the file integrity and malicious code injections whereas when a website is compromised with a phishing page, an initial task is to identify pages or folders that are created recently and contain login/payment forms. It is thus crucial to promptly and accurately determine the attack type of a malicious URL to build the corresponding ground truth [18]. The current practice is to rely on either blocklists or heuristics. ...
... FlowDNS helps ISPs to better plan their networks, while providing the opportunity to analyze the traffic originated by malicious IDN homographs and spam domain names. There have been several studies on detecting malicious or unwanted domain names [1,20,26,29], detecting IDN homographs [27,30,31], and also analyzing domain classification services [28]. However, to the best of our knowledge, there is no work measuring the traffic going to/originated by these domains. ...
... As a result, end users are potential victims of impersonation attacks, such as repackaged malware [22] or phishing attacks [26], which may also have a negative impact on the revenue streams and reputation of legitimate developers. Prior research has relied on self-declared data, such as the app certificate [3], [6], [10], [20], [22], [27]- [36], app name [3], [8], [36], [37], the package name [20], [32], [38], or market metadata [3], [5], [7], [8], [10], [36]- [40] for author attribution. In some cases, authors combined multiple signals hoping to increase their strength. ...
... More than 10 years earlier, the FTC showed that enacting COPPA had an effect on encouraging websites to be transparent and more protective of their users' data [24]. These reports spurred further research that aimed to understand the privacy behaviors of mobile apps at a larger scale [43,47,54,57,[62][63][64]76], examine consumer expectations of privacy [48,56,58,66,71,75], and understand app developers' privacy practices [53,61,65,67]. ...
... proposed a system to detect their malicious behaviors at runtime, which when used on child-directed apps uncovered that most prompted kids to disclose their personal data to advertisers [39]. Researchers who tested apps targeting wider audiences (e.g., parental control apps [44] and smart TV apps [57]) similarly identified behaviors that threaten user privacy and make the apps potentially non-compliant with applicable regulations. ...
... Interestingly, some of the most well-behaved sites were sites categorized as "Piracy/Copyright Concerns" (77.6%), "Suspicious" (77.5%), and "Pornography" (77.7%). This may be because these sites exist outside the usual ad ecosystem that powers the conventional web, as documented by [76]. Finally, the "Search Engines/Portals" category ironically had the lowest value for Direct Referrer leaks (55.3%), possibly because these tend to be large sites whose central focus is search, and are no doubt aware of the sensitivity of search terms and are careful against this data leaking into the hands of competitors. ...