CLAP: Classification of android PUAs by similarity of DNS queries

Mitsuhiro Hatada, Tatsuya Mori

Research output: Contribution to journalArticlepeer-review


This work develops a system called CLAP that detects and classifies "potentially unwanted applications" (PUAs) such as adware or remote monitoring tools. Our approach leverages DNS queries made by apps. Using a large sample of Android apps from third-party marketplaces, we first reveal that DNS queries can provide useful information for detection and classification of PUAs. We then show that existing DNS blacklists are limited when performing these tasks. Finally, we demonstrate that the CLAP system performs with high accuracy.

Original languageEnglish
Pages (from-to)265-275
Number of pages11
JournalIEICE Transactions on Information and Systems
Issue number2
Publication statusPublished - 2020


  • Classification
  • DNS query
  • PUA
  • PUP
  • Potentially unwanted

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Vision and Pattern Recognition
  • Electrical and Electronic Engineering
  • Artificial Intelligence


Dive into the research topics of 'CLAP: Classification of android PUAs by similarity of DNS queries'. Together they form a unique fingerprint.

Cite this