Whom does your android app talk to?

Xuetao Wei, Iulian Neamtiu, Michalis Faloutsos

Research output: Contribution to journalConference articlepeer-review

6 Scopus citations


Smartphone privacy and security work has focused mostly on malicious apps. We take a different angle by questioning whether good apps suffer from a lack of judgment and interact with »bad» websites. We use the term bad websites to refer to entities that engage in dangerous or annoying activities that range from distributing malware, to phishing and overly aggressive ad spamming. The focus of our work is this relatively neglected aspect of security: »Whom does an app talk to?» In this paper, we design and implement AURA, a framework for identifying the hosts that an app talks to and evaluating the risks this communication entails. AURA makes use of both static and dynamic analysis. We studied 13,500 popular free Android apps that connect to 254,022 URLs and 1,260 malicious Android apps that connect to 19,510 URLs. Our main contribution is showing that good apps pose security risks as they contact at least one website that: (a) distributes malware (8.8% of apps), (b) are in a blacklist (15% of apps) based on the classification by VirusTotal and Web of Trust. Our work can raise awareness that even good apps need to be carefully evaluated, especially as people become more concerned about smartphone security and privacy.

Original languageEnglish (US)
Article number7416952
JournalProceedings - IEEE Global Communications Conference, GLOBECOM
StatePublished - 2015
Externally publishedYes
Event58th IEEE Global Communications Conference, GLOBECOM 2015 - San Diego, United States
Duration: Dec 6 2015Dec 10 2015

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Computer Networks and Communications
  • Hardware and Architecture
  • Signal Processing


Dive into the research topics of 'Whom does your android app talk to?'. Together they form a unique fingerprint.

Cite this