Exploiting Third-party SDK Sensitive Data Leakage

Hong Bao Ye, Hsiang Yang Weng, Hewijin Christine Jiau

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Data leakage is a critical threat to app developers because apps use and reserve a variety of sensitive data collected from users. While using third-party SDK is a common way to build apps, some accessed data may not be perceived by app developers. Therefore, the use of third-party SDKs may cause data leakage. This work proposes a platform named "WaRning-Awareness Platform"(WRAP). WRAP records profiles of SDKs, and reveals sensitive data accessed by SDKs. To demonstrate the data leakage caused by third-party SDKs, this work conducts a case study with various categories of Android apps. The result of our case study indicates that if app developers do not pay attention to the accessed data, the data would be leaked.

Original languageEnglish
Title of host publicationProceedings - 2020 International Computer Symposium, ICS 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages485-490
Number of pages6
ISBN (Electronic)9781728192550
DOIs
Publication statusPublished - 2020 Dec
Event2020 International Computer Symposium, ICS 2020 - Tainan, Taiwan
Duration: 2020 Dec 172020 Dec 19

Publication series

NameProceedings - 2020 International Computer Symposium, ICS 2020

Conference

Conference2020 International Computer Symposium, ICS 2020
Country/TerritoryTaiwan
CityTainan
Period20-12-1720-12-19

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems
  • Information Systems and Management
  • Computational Mathematics

Fingerprint

Dive into the research topics of 'Exploiting Third-party SDK Sensitive Data Leakage'. Together they form a unique fingerprint.

Cite this