Understanding Miniapp Malware: Identification, Dissection, and Characterization
Yuqing Yang
Network and Distributed System Security (NDSS) Symposium 2025 · Day 1 · Mobile Security
The proliferation of **mini apps** within "super app" ecosystems has revolutionized mobile user experience, offering diverse functionalities within a single, lightweight platform. However, this convenience introduces a significant new attack surface for malicious actors. This talk, presented by Yuqing Yang from The Ohio State University, in collaboration with Drexel University, delves into the emerging threat of **mini app malware**. The research addresses the critical gap in understanding and combating these threats by providing the first comprehensive **mini app malware** dataset, a detailed taxonomy of their payloads, and a characterization of their lifecycle.
AI review
Legitimate academic research on a real and underexplored attack surface — mini app malware in WeChat-style super app ecosystems. The dataset construction methodology is sound and the evasion taxonomy is useful, but this reads more like a solid systems-security paper than a talk that will make defenders change behavior tomorrow.