{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,30]],"date-time":"2025-05-30T17:47:47Z","timestamp":1748627267760,"version":"3.37.3"},"reference-count":66,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"4","license":[{"start":{"date-parts":[[2022,7,1]],"date-time":"2022-07-01T00:00:00Z","timestamp":1656633600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,7,1]],"date-time":"2022-07-01T00:00:00Z","timestamp":1656633600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,7,1]],"date-time":"2022-07-01T00:00:00Z","timestamp":1656633600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"Leading-edge Technology Program of Jiangsu NSF","award":["BK20202001"],"award-info":[{"award-number":["BK20202001"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Dependable and Secure Comput."],"published-print":{"date-parts":[[2022,7,1]]},"DOI":"10.1109\/tdsc.2021.3068209","type":"journal-article","created":{"date-parts":[[2021,3,23]],"date-time":"2021-03-23T20:23:41Z","timestamp":1616531021000},"page":"2648-2664","source":"Crossref","is-referenced-by-count":3,"title":["Who Moves My App Promotion Investment? A Systematic Study About App Distribution Fraud"],"prefix":"10.1109","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7572-1959","authenticated-orcid":false,"given":"Shaoyong","family":"Du","sequence":"first","affiliation":[{"name":"State Key Laboratory of Novel Software Technology, Nanjing University, Nanjing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0058-4136","authenticated-orcid":false,"given":"Minrui","family":"Zhao","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Novel Software Technology, Nanjing University, Nanjing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6709-4801","authenticated-orcid":false,"given":"Jingyu","family":"Hua","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Novel Software Technology, Nanjing University, Nanjing, China"}]},{"given":"Hang","family":"Zhang","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, University of California, Riverside, Riverside, CA, USA"}]},{"given":"Xiaoyu","family":"Chen","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Novel Software Technology, Nanjing University, Nanjing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1506-2522","authenticated-orcid":false,"given":"Zhiyun","family":"Qian","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, University of California, Riverside, Riverside, CA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6581-8730","authenticated-orcid":false,"given":"Sheng","family":"Zhong","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Novel Software Technology, Nanjing University, Nanjing, China"}]}],"member":"263","reference":[{"article-title":"The state of mobile in 2019 - The most important trends to know","year":"2018","author":"Sydow","key":"ref1"},{"article-title":"How many mobile apps are actually used?","year":"2017","author":"Hopwood","key":"ref2"},{"article-title":"Appsflyer forecasts global app install ad spend to reach 64 billion dollars by 2020","year":"2018","author":"Gogel","key":"ref3"},{"year":"2019","key":"ref4","article-title":"Average mobile app user acquisition costs from September 2017 to August 2018, by region (in U.S. dollars)"},{"year":"2019","key":"ref5","article-title":"Average mobile app user acquisition costs worldwide from September 2017 to August 2018, by user action and operating system (in U.S. dollars)"},{"year":"2019","key":"ref6","article-title":"Set up install tracking for mobile apps"},{"article-title":"Top cost per install (CPI) networks","year":"2019","author":"El Hady","key":"ref7"},{"key":"ref8","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-319-56793-8","volume-title":"Fraud Prevention in Online Digital Advertising (Springer Briefs in Computer Science)","author":"Zhu","year":"2017"},{"year":"2019","key":"ref9","article-title":"The Chinese mobile apps market: All you need to know about app distribution"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/3340301.3341122"},{"key":"ref11","first-page":"227","article-title":"Website-targeted false content injection by network operators","volume-title":"Proc. 25th USENIX Security Symp.","author":"Nakibly"},{"article-title":"When is the right time to promote my app? How can I promote my app?","year":"2019","author":"Chang","key":"ref12"},{"key":"ref13","article-title":"Huawei appgallery paid promotion"},{"article-title":"Android app promotion in China","year":"2019","author":"Zhang","key":"ref14"},{"article-title":"Tracking out-of-store android markets","year":"2019","author":"Spector","key":"ref15"},{"year":"2019","key":"ref16","article-title":"The AppInChina app store index"},{"year":"2018","key":"ref17","article-title":"Hypertext transfer protocol (HTTP) status code registry"},{"key":"ref18","first-page":"307","article-title":"Global measurement of DNS manipulation","volume-title":"Proc. 26th USENIX Security Symp.","author":"Pearce"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-04918-2_18"},{"year":"2019","key":"ref20","article-title":"Application signing"},{"year":"2019","key":"ref21","article-title":"Range retrieval requests"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66332-6_8"},{"year":"2019","key":"ref23","article-title":"Appnote.txt - .zip file format specification"},{"year":"2019","key":"ref24","article-title":"Top sites in China"},{"key":"ref25","first-page":"139","article-title":"Cross-promotion and branding of media product portfolios","volume-title":"Media product portfolios: Issues in Management of Multiple Products and Services","author":"Norb\u00e4ck","year":"2005"},{"year":"2019","key":"ref26","article-title":"Annual data by province"},{"year":"2019","key":"ref27","article-title":"Number of available applications in the Google Play Store from December 2009 to March 2019"},{"article-title":"US internet providers hijacking users\u2019 search queries","year":"2011","author":"Giles","key":"ref28"},{"article-title":"Widespread hijacking of search traffic in the United States","year":"2011","author":"Kreibich","key":"ref29"},{"year":"2009","key":"ref30","article-title":"China unicom Qingdao punished for website traffic hijacking"},{"article-title":"Internet provider redirects users in Turkey to spyware: Report","year":"2018","author":"Arghire","key":"ref31"},{"year":"2018","key":"ref32","article-title":"App install fraud"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2017.33"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/2815675.2815708"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/3131365.3131393"},{"key":"ref36","first-page":"1","article-title":"No please, after you: Detecting fraud in affiliate marketing networks","volume-title":"Proc. 14th Annu. Workshop Econ. Inf. Secur.","author":"Snyder"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2015.62"},{"key":"ref38","first-page":"31","article-title":"Detecting in-flight page changes with web tripwires","volume-title":"Proc. 5th USENIX Symp. Netw. Syst. DesImplementation","author":"Reis"},{"key":"ref39","first-page":"1","article-title":"Integrity of the web content: The case of online advertising","volume-title":"Proc. Workshop Collaborative Methods Secur. Privacy","author":"Vratonjic"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2016.58"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/2736277.2741630"},{"key":"ref42","first-page":"481","article-title":"Tracing information flows between ad exchanges using retargeted ads","volume-title":"Proc. 25th USENIX Secur. Symp.","author":"Bashir"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/3038912.3052698"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23234"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1145\/3317549.3323407"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1145\/2736277.2741136"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/HASE.2016.17"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1145\/3236024.3236045"},{"key":"ref49","first-page":"1","article-title":"Warningbird: Detecting suspicious URLs in twitter stream","volume-title":"Proc. 19th Annu. Netw. Distrib. Syst. Secur. Symp.","author":"Lee"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382267"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516682"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.01.003"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.17"},{"key":"ref54","first-page":"195","article-title":"Satellite: Joint analysis of CDNs and network-level interference","volume-title":"Proc. USENIX Annu. Techn. Conf.","author":"Scott"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1145\/2987443.2987455"},{"key":"ref56","first-page":"1","article-title":"Hold-on: Protecting against on-path DNS poisoning","volume-title":"Proc. Workshop Securing Trusting Internet Names","author":"Duan"},{"key":"ref57","first-page":"1","article-title":"Detecting forged TCP reset packets","volume-title":"Proc. 16th Annu. Netw. Distrib. Syst. Secur. Symp.","author":"Weaver"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23244"},{"key":"ref59","first-page":"1","article-title":"Inferring mechanics of web censorship around the world","volume-title":"Proc. 2nd USENIX Workshop Free Open Commun. Internet","author":"Verkamp"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-19260-9_14"},{"key":"ref61","first-page":"1","article-title":"Internet censorship in Iran: A first look","volume-title":"Proc. 3rd USENIX Workshop Free Open Commun. Internet","author":"Aryan"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1145\/2317307.2317311"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663720"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879173"},{"article-title":"Measuring privacy, security, and censorship through the utilization of online advertising exchanges","year":"2015","author":"Zimmerman","key":"ref65"},{"key":"ref66","first-page":"1","article-title":"Inflight modifications of content: Who are the culprits?","volume-title":"Proc. 4th USENIX Workshop Large-Scale Exploits Emergent Threats","author":"Zhang"}],"container-title":["IEEE Transactions on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8858\/9821019\/09384173.pdf?arnumber=9384173","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,9]],"date-time":"2024-01-09T22:56:21Z","timestamp":1704840981000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9384173\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,7,1]]},"references-count":66,"journal-issue":{"issue":"4"},"URL":"https:\/\/doi.org\/10.1109\/tdsc.2021.3068209","relation":{},"ISSN":["1545-5971","1941-0018","2160-9209"],"issn-type":[{"type":"print","value":"1545-5971"},{"type":"electronic","value":"1941-0018"},{"type":"electronic","value":"2160-9209"}],"subject":[],"published":{"date-parts":[[2022,7,1]]}}}