Threat Analysis of Fake Virus Alerts Using WebView Monitor

As mobile devices have become more popular, mobile web browsing has surpassed desktop browser use and the number of mobile malware cases has increased. The methods of infiltrating Android devices with malware include malvertising and scams. Android users can access websites via web browsers and Andr...

Full description

Saved in:
Bibliographic Details
Published inInternational Symposium on Computing and Networking (Online) pp. 28 - 36
Main Authors Imamura, Yuta, Orito, Rintaro, Chaikaew, Kritsana, Manardo, Celia, Leelaprute, Pattara, Sato, Masaya, Yamauchi, Toshihiro
Format Conference Proceeding
LanguageEnglish
Japanese
Published IEEE 01.11.2019
Subjects
Android
Browsers
Computer crime
Computer viruses
Fake Virus Alert
Monitoring
Security
Smart phones
Threat Analysis
Viruses (medical)
Web Access Monitoring
Web Security
WebView
Online AccessGet full text

Cover

More Information
Summary:As mobile devices have become more popular, mobile web browsing has surpassed desktop browser use and the number of mobile malware cases has increased. The methods of infiltrating Android devices with malware include malvertising and scams. Android users can access websites via web browsers and Android apps using WebView, which displays web content inside an app without redirecting users to web browsers. However, WebView is vulnerable to cyberattacks and the security mechanisms are not sufficient to prevent all attacks. In this study, to analyze web access threats via WebView, we investigated web access to malicious websites against Android mobile devices. In particular, we focused on fake virus alerts. To monitor web access for threat analysis, we improved the WebView Monitor [1] to capture all web access via Android WebView. In particular, we analyzed the mechanism of displaying a fake virus alert while browsing websites on Android.
ISSN:2379-1896
DOI:10.1109/CANDAR.2019.00012