Exploiting Third-party SDK Sensitive Data Leakage

Hong Bao Ye, Hsiang Yang Weng, Hewijin Christine Jiau

研究成果: Conference contribution

摘要

Data leakage is a critical threat to app developers because apps use and reserve a variety of sensitive data collected from users. While using third-party SDK is a common way to build apps, some accessed data may not be perceived by app developers. Therefore, the use of third-party SDKs may cause data leakage. This work proposes a platform named "WaRning-Awareness Platform"(WRAP). WRAP records profiles of SDKs, and reveals sensitive data accessed by SDKs. To demonstrate the data leakage caused by third-party SDKs, this work conducts a case study with various categories of Android apps. The result of our case study indicates that if app developers do not pay attention to the accessed data, the data would be leaked.

原文English
主出版物標題Proceedings - 2020 International Computer Symposium, ICS 2020
發行者Institute of Electrical and Electronics Engineers Inc.
頁面485-490
頁數6
ISBN(電子)9781728192550
DOIs
出版狀態Published - 2020 十二月
事件2020 International Computer Symposium, ICS 2020 - Tainan, Taiwan
持續時間: 2020 十二月 172020 十二月 19

出版系列

名字Proceedings - 2020 International Computer Symposium, ICS 2020

Conference

Conference2020 International Computer Symposium, ICS 2020
國家/地區Taiwan
城市Tainan
期間20-12-1720-12-19

All Science Journal Classification (ASJC) codes

  • 人工智慧
  • 電腦網路與通信
  • 電腦科學應用
  • 資訊系統
  • 資訊系統與管理
  • 計算數學

指紋

深入研究「Exploiting Third-party SDK Sensitive Data Leakage」主題。共同形成了獨特的指紋。

引用此