TY - GEN
T1 - The Spyware Used in Intimate Partner Violence
AU - Chatterjee, Rahul
AU - Doerfler, Periwinkle
AU - Orgad, Hadas
AU - Havron, Sam
AU - Palmer, Jackeline
AU - Freed, Diana
AU - Levy, Karen
AU - Dell, Nicola
AU - McCoy, Damon
AU - Ristenpart, Thomas
N1 - Funding Information:
We thank Kurt Thomas and others at Google for their feedback, as well as the anonymous reviewers for their insightful comments. This work was supported in part by NSF grants 1619620, 1717062, 1330308, 1253870, and 1514163, as well as gifts from Comcast, Google, and Microsoft.
Publisher Copyright:
© 2018 IEEE.
PY - 2018/7/23
Y1 - 2018/7/23
N2 - Survivors of intimate partner violence increasingly report that abusers install spyware on devices to track their location, monitor communications, and cause emotional and physical harm. To date there has been only cursory investigation into the spyware used in such intimate partner surveillance (IPS). We provide the first in-depth study of the IPS spyware ecosystem. We design, implement, and evaluate a measurement pipeline that combines web and app store crawling with machine learning to find and label apps that are potentially dangerous in IPS contexts. Ultimately we identify several hundred such IPS-relevant apps. While we find dozens of overt spyware tools, the majority are 'dual-use' apps - they have a legitimate purpose (e.g., child safety or anti-theft), but are easily and effectively repurposed for spying on a partner. We document that a wealth of online resources are available to educate abusers about exploiting apps for IPS. We also show how some dual-use app developers are encouraging their use in IPS via advertisements, blogs, and customer support services. We analyze existing anti-virus and anti-spyware tools, which universally fail to identify dual-use apps as a threat.
KW - Android Spyware
KW - Domestic Violence
KW - Dual use Apps
KW - Intimate Partner Violence
KW - Play Store Crawling
KW - Query Snowballing
KW - Spyware
UR - http://www.scopus.com/inward/record.url?scp=85051012042&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85051012042&partnerID=8YFLogxK
U2 - 10.1109/SP.2018.00061
DO - 10.1109/SP.2018.00061
M3 - Conference contribution
AN - SCOPUS:85051012042
T3 - Proceedings - IEEE Symposium on Security and Privacy
SP - 441
EP - 458
BT - Proceedings - 2018 IEEE Symposium on Security and Privacy, SP 2018
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 39th IEEE Symposium on Security and Privacy, SP 2018
Y2 - 21 May 2018 through 23 May 2018
ER -