International Journal of Research

Facebook applications are one of the reasons for Facebook attractiveness. Unfortunately, numerous users are not aware of the fact that many malicious Facebook applications exist. With 20 million installs a day[1], thirdparty apps are a major reason for the popularity and addictiveness of Facebook. But, cyber criminals have realized the potential of using apps for spreading malware and spam like unsolicited mail. The problem is already significant, as we find that at least 13% of apps in the sample dataset are malicious. So far, the research community has focused on detecting malicious posts and campaigns. In this paper, we ask the question: given a Facebook application, can we determine if it is malicious? Our key contribution is surveying FRAppE—Facebook’s Rigorous Application Evaluator—arguably the primary tool focused on detecting malicious apps on Facebook. There are 2.2 millions of people using Facebook, so in order to develop FRAppE, the information about the posting behavior of Facebook user’s is observed and gathered. FRAppE is shown that it can detect malicious apps with 99.5% accuracy, with no false positives and a low false negative rate (4.1%).Strangely, it is found that many apps collude and support each other; in the dataset, it is found 1,584 apps enabling the viral propagation of 3,723 other apps through their posts. Longterm, we see FRAppE as a step towards creating an independent watchdog for app assessment and ranking, so as to warn Facebook users before installing apps.