Dynamic spectrum access is a powerful approach to taking advantage of opportunities in spectrum to communicate. Access to these spectral opportunities should be regulated and monitored to prevent unapproved theft of spectral resources, which ultimately belong to a primary user. Unfortunately, most of the literature devoted to spectrum scanning does not consider the over-arching application that a spectrum thief might try to run. In this paper, we show that the thief's application (specifically, its QoS requirements), plays a critical role in how the thief should attempt to sneak spectrum and, consequently, a critical role in how the spectrum monitoring infrastructure should scan spectrum to detect thievery of spectral resources. We study the difference in the thief's behavior when considering bandwidth and delay as the two primary QoS parameters he is concerned with. Loosely speaking, this corresponds to sneaking for file-download versus streaming video, and the ultimate lesson learned is that the detection probability of unlicensed access to spectrum resources depends on the application type. As a consequence, knowledge of the application type allows for the primary user to improve spectrum scanning. Given the juxtaposition between the thief's and scanner's objectives, and the underlying dependency between detection and application QoS requirements, we finally formulate an adversarial Bayesian game where the scanner's scanning takes into account statistical knowledge about applications used by the user. The equilibrium strategies of this game are found in closed form what allowed to find their interesting properties. In particular, it was shown that the equilibrium sneaking strategies for different types of user are bandwidth-sharing, and we demonstrate how information about the application the user prefers to sneak at can improve the monitoring strategy.