Humanoid Attack: New Form Of Click Fraud Identified Through Machine Learning
A research initiative from the US, Australia and China has identified a new strain of click fraud, dubbed ‘Humanoid Attack’ that slips past conventional detection frameworks, and exploits real-life user interactions in mobile apps in order to generate revenue from fake clicks on embedded third-party framework advertisements.
The paper, led by Shanghai Jiao Tong University, contends that this new variation on click fraud is already widely diffused, and identifies 157 infected apps out of the top-rated 20,000 apps across the Google Play and Huawei app markets.
One HA-infected social and communication app discussed in the study is reported to have 570 million downloads. The report notes that four other apps ‘produced by the same company are manifested to have similar click fraud codes’.
To detect apps which feature Humanoid Attack (HA), the researchers developed a tool entitled ClickScanner, which generates data dependency graphs, based on static analysis, from bytecode-level inspection of Android apps.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25415669/1238020424.jpg)
