The Many Kinds of Creepware Used for Interpersonal Attacks

  title={The Many Kinds of Creepware Used for Interpersonal Attacks},
  author={Kevin A. Roundy and Paula Barmaimon Mendelberg and Nicola Dell and Damon McCoy and Daniel N. Nissani and Thomas Ristenpart and Acar Tamersoy},
  journal={2020 IEEE Symposium on Security and Privacy (SP)},
Technology increasingly facilitates interpersonal attacks such as stalking, abuse, and other forms of harassment. While prior studies have examined the ecosystem of software designed for stalking, there exists an unstudied, larger landscape of apps—what we call creepware—used for interpersonal attacks. In this paper, we initiate a study of creepware using access to a dataset detailing the mobile apps installed on over 50 million Android devices. We develop a new algorithm, CreepRank, that uses… Expand
Lifting The Grey Curtain: A First Look at the Ecosystem of CULPRITWARE
The investigation shows that the majority of CULPRITWARE are propagated through social media rather than the official app markets, and most CUL PRITWARE indirectly rely on the covert fourth-party payment services to transfer the profits. Expand
SoK: Hate, Harassment, and the Changing Landscape of Online Abuse
We argue that existing security, privacy, and antiabuse protections fail to address the growing threat of online hate and harassment. In order for our community to understand and address this gap, weExpand
How Did That Get In My Phone? Unwanted App Distribution on Android Devices
An analysis of the who-installs-who relationships between installers and child apps reveals that the Play market is the main app distribution vector, responsible for 87% of all installs and 67% of unwanted app installs, but it also has the best defenses against unwanted apps. Expand
"We Even Borrowed Money From Our Neighbor"
Mobile-based scams are on the rise in emerging markets. However, the awareness about these scams and ways to avoid them remains limited among mobile users. We present a qualitative analysis of theExpand
The Tools and Tactics Used in Intimate Partner Surveillance: An Analysis of Online Infidelity Forums
This work identifies five online forums containing discussion of monitoring cellphones and other means of surveilling an intimate partner, including three within the context of investigating relationship infidelity and performs a mixed-methods analysis of these forums, surfacing the tools and tactics that attackers use to perform surveillance. Expand
The Role of Computer Security Customer Support in Helping Survivors of Intimate Partner Violence
  • Yixin Zou, Allison McDonald, +5 authors Acar Tamersoy
  • Computer Science
  • USENIX Security Symposium
  • 2021
Recommendations for computer security companies to better address tech-enabled IPV through training support agents, tracking the prevalence of these cases, and establishing partnerships with IPV advocates are concluded. Expand
Patriarchy and Social Media: Women Only Facebook Groups as Safe Spaces for Support Seeking in Pakistan
The use of closed Facebook groups as a vital mechanism for access to anonymous peer support in Pakistan for taboo narratives like abortion, sexual harassment, rape, domestic abuse and issues relating to child-rearing and parenting is investigated. Expand
Attack Transferability Characterization for Adversarially Robust Multi-label Classification
  • Zhuo Yang, Yufei Han, Xiangliang Zhang
  • Computer Science
  • 2021
This work unveils how the transferability level of the attack determines the attackability of the classifier via establishing an informationtheoretic analysis of the adversarial risk, and proposes a transferability-centered attackability assessment, named Soft Attackability Estimator (SAE), to evaluate the intrinsic vulnerabilitylevel of the targeted multi-label classifier. Expand
Characterizing the Evasion Attackability of Multi-label Classifiers
This study associates the attackability of a targeted multi-label classifier with the regularity of the classifier and the training data distribution and proposes an efficient empirical attackability estimator via greedy label space exploration that provides provably computational efficiency and approximation accuracy. Expand


“A Stalker's Paradise”: How Intimate Partner Abusers Exploit Technology
It is shown how the sociotechnical and relational factors that characterize IPV make such attacks both extremely damaging to victims and challenging to counteract, in part because they undermine the predominant threat models under which systems have been designed. Expand
When Governments Hack Opponents: A Look at Actors and Technology
An extensive collection of suspicious files and links targeting activists, opposition members, and nongovernmental organizations in the Middle East over the past several years are analyzed, finding that these artifacts reflect efforts to attack targets' devices for the purposes of eavesdropping, stealing information, and/or unmasking anonymous users. Expand
To Catch a Ratter: Monitoring the Behavior of Amateur DarkComet RAT Operators in the Wild
This work is the first large-scale systematic study of RAT use of DarkComet, a popular commercial RAT, and monitors a sample's behavior in the system to reconstruct the sequence of operator actions, giving a unique view into operator behavior. Expand
Taming Information-Stealing Smartphone Applications (on Android)
A system called TISSA is developed that implements a new privacy mode in smartphones that can empower users to flexibly control in a fine-grained manner what kinds of personal information will be accessible to an application. Expand
Guilt by association: large scale malware detection by mining file-relation graphs
AESOP is presented, a scalable algorithm that identifies malicious executable files by applying Aesop's moral that "a man is known by the company he keeps" to identify close relationships between files that often appear together on machines. Expand
Measuring PUP Prevalence and PUP Distribution through Pay-Per-Install Services
This work performs the first systematic study of PUP prevalence and its distribution through pay-perinstall (PPI) services, finding that over half (54%) of the examined hosts have PUP installed and that PUP distribution is largely disjoint from malware distribution. Expand
Want to Earn a Few Extra Bucks? A First Look at Money-Making Apps
This study proposes a semi-automated approach aiming to harvest money-making apps from Google Play and alternative app markets, creates a taxonomy to classify them into five categories, and performs an empirical study from different aspects. Expand
A Look at Targeted Attacks Through the Lense of an NGO
It is found that the NGO received malware from different families and that over a quarter of the malware can be linked to entities that have been reported to engage in targeted attacks against political and industrial organizations, and Tibetan NGOs. Expand
The Spyware Used in Intimate Partner Violence
This work designs, implements, and evaluates a measurement pipeline that combines web and app store crawling with machine learning to find and label apps that are potentially dangerous in IPS contexts, and identifies several hundred IPS-relevant apps. Expand
DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket
DREBIN is proposed, a lightweight method for detection of Android malware that enables identifying malicious applications directly on the smartphone and outperforms several related approaches and detects 94% of the malware with few false alarms. Expand