Fraus : launching cost-efficient and scalable mobile click fraud has never been so easy

Abstract

Mobile click fraud is a type of attack where an adversary deceptively generates click events on mobile applications in pursuit of revenue. Conventionally, the attack is carried out by automating a massive number of physical devices. However, purchasing the devices incur substantial costs. A cheaper alternative to the physical devices is emulators. However, existing emulators are inefficient and vastly blocked due to their immense resource demand and defective device signatures. In this paper, we propose Fraus 1 , a cost-efficient and scalable approach to conduct largescale click fraud using device emulators. Fraus maintains a low resource profile by circumventing graphics emulation and applying lazy-loading techniques on system components. Besides, Fraus provides a seemingly authentic device signature and disguises itself as a legitimate device by fully emulating the missing hardware components including WiFi interfaces and cellular modems. To facilitate the management of numerous emulator instances, Fraus also offers a distributed management system, which is scalable and fault-tolerant. We evaluate the performance of Fraus by mocking attacks against the top 300 applications from the Google Play store. The results demonstrate that Fraus has high system stability and application compatibility. It also significantly reduces CPU usage and memory footprint up to 90% and 60% respectively compared with the existing emulators.1In Roman mythology, Fraus was the goddess or personification of treachery and fraud.