A Survey Paper on FRAPPE-Facebook Rigorous Application Evaluator
Nitya Sree, Sajitha Swathi, Vishwanatha
Facebook applications are one of the reasons for Facebook attractiveness. Unfortunately, numeroususers are not aware of the fact that many malicious Facebook applications exist. Hackers have realized the potential of using apps for spreading malware and spam. The problem is already significant, as in our dataset, we find that at least 20% of apps are malicious. So far, the research community has focused on detecting malicious posts. In this paper, we ask the question: Given a Facebook application, can we determine if it is malicious or not? Our key contribution is in developing FRAppE-Facebook's Rigorous Application Evaluator-the first tool focused on detecting malicious apps on Facebook. To develop FRAppE, we use information gathered by observing the posting behavior of 989 million Facebook apps are seen across 1.86 billion users on Facebook. First, we identify a set of features that help us distinguish malicious apps from benign ones. Second, leveraging these distinguishing features, we show that FRAppE can detect malicious apps with 99.5% accuracy, with no false positives and a high true positive rate (4.1%). Finally, we explore the ecosystem of malicious Facebook apps and identify mechanisms that these apps use to propagate. Long term, we see FRAppE as a step toward creating an independent watchdog for app assessment and ranking, so as to warn Facebook users before installing apps.
Archived Files and Locations
|application/pdf 847.7 kB ||
access all versions, variants, and formats of this works (eg, pre-prints)