Application marketplace malware detection by user feedback analysis

Tal Hadad, Rami Puzis, Bronislav Sidik, Nir Ofek, Lior Rokach

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


Smartphones are becoming increasingly ubiquitous. Like recommended best practices for personal computers, users are encouraged to install antivirus and intrusion detection software on their mobile devices. However, even with such software these devises are far from being fully protected. Given that application stores are the source of most applications, malware detection on these platforms is an important issue. Based on our intuition, which suggests that an application’s suspicious behavior will be noticed by some users and influence their feedback, we present an approach for analyzing user reviews in mobile application stores for the purpose of detecting malicious apps. The proposed method transfers an application’s text reviews to numerical features in two main steps: (1) extract domain-phrases based on external domain-specific textual corpus on computer and network security, and (2) compute three statistical features based on domain-phrases occurrences. We evaluated the proposed methods on 2,506 applications along with their 128,863 reviews collected from “Amazon AppStore”. The results show that proposed method yields an AUC of 86% in the detection of malicious applications.

Original languageAmerican English
Title of host publicationInformation Systems Security and Privacy - 3rd International Conference, ICISSP 2017, Revised Selected Papers
EditorsPaolo Mori, Olivier Camp, Steven Furnell
PublisherSpringer Verlag
Number of pages19
ISBN (Electronic)978-3-319-93354-2
ISBN (Print)9783319933535
StatePublished - 9 Jun 2018
Event3rd International Conference on Information Systems Security and Privacy, ICISSP 2017 - Porto, Portugal
Duration: 19 Feb 201721 Feb 2017

Publication series

NameCommunications in Computer and Information Science


Conference3rd International Conference on Information Systems Security and Privacy, ICISSP 2017


  • Malware detection
  • Mobile malware
  • Review mining
  • Text mining
  • User feedback analysis

All Science Journal Classification (ASJC) codes

  • General Computer Science
  • General Mathematics


Dive into the research topics of 'Application marketplace malware detection by user feedback analysis'. Together they form a unique fingerprint.

Cite this