Detecting Malicious Facebook Applications

K Vara Prasad, J B Srinivas Rao, K Rama Krishniah, D Sarath Babu

Abstract


With 20 million installs a day, third-party apps are a main reason for the reputation and addictiveness of Facebook. Unfortunately, hackers have realized the potential of using apps for spreading malware and spam. The problem is already significant, as we find that at least 13% of apps in our dataset are malicious. To date, the research community has focused on detecting malicious posts and campaigns. In this paper, we ask the question: given a Facebook application, can we decide if it is malicious? Our key contribution is in developing FRAppE (Facebook's Rigorous Application Evaluator), arguably the first tool focused on finding malicious apps on Facebook. To develop FRAppE, we use information gathered by observing the posting behavior of 111K Facebook apps seen across 2.2 million users on Facebook. First, we identify a set of features that helps us distinguish malicious apps from benign ones. For example, we discover that malicious apps often share names with other apps, and they typically request fewer permissions than benign apps. Second, leveraging these distinguishing features, we demonstrate that FRAppE can identify malicious apps with 99.5% accuracy, with no false positives and a low false negative rate (4.1%). Finally, we explore the ecosystem of malicious Facebook apps and identify the mechanisms that these apps use to spread. Interestingly, we find that many apps collude and support each other; in our dataset, we find 1,584 apps enabling the viral propagation of 3,723 other apps through their posts. Long-term, we see FRAppE as a step towards creating an independent watchdog for app assessment and ranking, so as to warn Facebook users before installing apps.

Keywords: Facebook Apps, Malicious Apps, Profiling Apps, Online Social Networks





Copyright (c) 2016 K Vara Prasad, J B Srinivas Rao, K Rama Krishniah, D Sarath Babu

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

 

All published Articles are Open Access at  https://journals.pen2print.org/index.php/ijr/ 

