Integrating a framework for discovering alternative app stores in a mobile app monitoring platform

Nowadays, implementing brand protection strategies has become a necessity for enterprises delivering services through dedicated apps. Increasingly, malicious developers spread unauthorized (fake, malicious, obsolete or deprecated) mobile apps through alternative distribution channels and marketplaces. In this work, we propose a framework for the early detection of these alternative markets advertised through social media such as Twitter or Facebook or hosted in the Dark Web. Specifically, it combines a data modeling approach and an ensemble learning technique, allowing to recommend web pages that are likely to represent alternative marketplaces. The framework has been implemented in a prototype system called Unauthorized App Store Discovery (UASD), and integrated in a security enterprise platform for the monitoring of malicious/unauthorized mobile apps. UASD allows to analyze web pages extracted from the Web and exploits a classification model to distinguish between real app stores and similar pages (i.e. blogs, forums, etc.) which can be erroneously returned by a common search engine. An experimental evaluation on a real dataset confirms the validity of the approach in terms of accuracy.