Information leakage through mobile analytics services

Chen, Terence; Ullah, Imdad; Kâafar, Mohamed Ali; Boreli, Roksana

doi:10.1145/2565585.2565593

Cited by 50 publications

(71 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This technique entails analyzing an app's bytecode using symbolic execution [58] and/or control flow graphs [10], [11], [22]. Several academic studies leverage static analysis to inspect app permissions and their associated system calls [11], [41], to audit third-party library usage [17], [51], and to analyze flaws in HTTPS usage and certificate validation [24], [27]. This approach is appealing because it enables large-scale app analysis without the overhead of running or interacting with apps.…”

Section: Related Workmentioning

confidence: 99%

Bug Fixes, Improvements, ... and Privacy Leaks - A Longitudinal Study of PII Leaks Across Android App Versions

Ren

Lindorfer

Dubois

et al. 2018

Proceedings 2018 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Abstract-Is mobile privacy getting better or worse over time? In this paper, we address this question by studying privacy leaks from historical and current versions of 512 popular Android apps, covering 7,665 app releases over 8 years of app version history. Through automated and scripted interaction with apps and analysis of the network traffic they generate on real mobile devices, we identify how privacy changes over time for individual apps and in aggregate. We find several trends that include increased collection of personally identifiable information (PII) across app versions, slow adoption of HTTPS to secure the information sent to other parties, and a large number of third parties being able to link user activity and locations across apps. Interestingly, while privacy is getting worse in aggregate, we find that the privacy risk of individual apps varies greatly over time, and a substantial fraction of apps see little change or even improvement in privacy. Given these trends, we propose metrics for quantifying privacy risk and for providing this risk assessment proactively to help users balance the risks and benefits of installing new versions of apps.

show abstract

Section: Related Workmentioning

confidence: 99%

Bug Fixes, Improvements, ... and Privacy Leaks - A Longitudinal Study of PII Leaks Across Android App Versions

Ren

Lindorfer

Dubois

et al. 2018

Proceedings 2018 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…Information leakage [47] gives the information about how the privacy is getting disturbed in mobile environment. Two types of attacks are possible in mobile environment: 1) External attack, 2) Internal attack.…”

Section: Information Leakagementioning

confidence: 99%

Survey on Three Components of Mobile Cloud Computing: Offloading, Distribution and Privacy

Paranjothi¹,

Khan²,

Nijim³

2017

JCC

View full text Add to dashboard Cite

Mobile Cloud Computing (MCC) brings rich computational resource to mobile users, network operators, and cloud computing providers. It can be represented in many ways, and the ultimate goal of MCC is to enable execution of rich mobile application with rich user experience. Mobility is one of the main characteristics of MCC environment where user can be able to continue their work regardless of movement. This literature review paper presents the state-of-the-art survey of MCC. Also, we provide the communication architecture of MCC and taxonomy of mobile cloud in which specifically concentrates on offloading, mobile distribution computing, and privacy. Through an extensive literature review, we found that MCC is a technologically beneficial and expedient paradigm for virtual environments in terms of virtual servers in a distributed environment, multi-tenant architecture and data storing in a cloud. We further identified the drawbacks in offloading, mobile distribution computing, privacy of MCC and how this technology can be used in an effective way.

show abstract

“…An in-depth analysis of the data completeness is necessary to build dashboards that are useful for learners. Chen et al [8] investigate the chance of privacy leakage through mobile analytics services and show the easiness with which an external body will extract an individual's profile and mobile applications usage information through two of the major mobile analytics services, i.e., Google Mobile App analytics and Flurry that have the highest market share. Access to information such as device ID can reveal all the information from Flurry.…”

Section: Literature Surveymentioning

confidence: 99%

“…Access to information such as device ID can reveal all the information from Flurry. According to Chen et al [8], it is possible not only to spoof the identity of an Android device but also to extract each user's profile. To tackle this risk, they suggest deprecation of permanent unique identifiers (Android ID for Android and UUID for iOS).…”

Section: Literature Surveymentioning

confidence: 99%

Cloud-Based Data Analytics Framework for Mobile App Event Analysis

Vaidya

Ibrahim

2017

Asian J Pharm Clin Res

View full text Add to dashboard Cite

Mobile analytics studies the behavior of end users of mobile applications and the mobile application itself. These mobile applications, being an important part of the various business products, need to be monitored and the usage patterns are to be analyzed. The data collected from these apps can help to drive important business strategies by identifying the usage patterns. Enriching the data with information available from other sources, such as sales/ service information, provides holistic view about the solution. Thus, here, we aim at exploring some set of tools that give capabilities as event trailing with higher extraction of its linguistics. If the application is used worldwide, the data generated out of it is Big Data, which traditional systems cannot handle. We therefore propose a special framework for efficient data collection, storage, and processing at Big Data scale on cloud platform.

show abstract

Information leakage through mobile analytics services

Cited by 50 publications

References 5 publications

Bug Fixes, Improvements, ... and Privacy Leaks - A Longitudinal Study of PII Leaks Across Android App Versions

Bug Fixes, Improvements, ... and Privacy Leaks - A Longitudinal Study of PII Leaks Across Android App Versions

Survey on Three Components of Mobile Cloud Computing: Offloading, Distribution and Privacy

Cloud-Based Data Analytics Framework for Mobile App Event Analysis

Contact Info

Product

Resources

About