Overview
A 10-minute conference presentation at USENIX Security '24 explores the development and implementation of DARKFLEECE, an automated system for detecting malicious subscription apps known as fleeceware on Android devices. Learn how researchers from multiple institutions created the first fleeceware feature library based on dark patterns in user interfaces, achieving 93.43% detection accuracy through innovative extraction methods combining UI elements, layout analysis, and multifaceted rules. Discover the alarming findings from scanning 13,597 Google Play apps, where 75.21% of subscription apps showed fleeceware characteristics across 5 billion downloads. Gain insights into how Explainable Artificial Intelligence provides user-friendly risk alerts and understand the implications for app developers, users, and market regulators in combating this growing cybersecurity threat.
Syllabus
USENIX Security '24 - DARKFLEECE: Probing the Dark Side of Android Subscription Apps
Taught by
USENIX