Mostrar el registro sencillo del ítem

dc.contributor.authorFeal, Álvaro 
dc.contributor.authorGamba, Julien 
dc.contributor.authorVallina-Rodriguez, Narseo 
dc.contributor.authorWijesekera, Primal
dc.contributor.authorReardon, Joel
dc.contributor.authorEgelman, Serge
dc.contributor.authorTapiador, Juan
dc.description.abstractMobile app developers often include third-party Software Development Kits (SDKs) in their software to externalize services and features, or monetize their apps through advertisements. Unfortunately, these development practices often come at a privacy cost to the end user. In this paper, we discuss the privacy damage that third-party SDKs can cause to end users due to limitations present in today’s mobile permission models, and the overall lack of transparency in the ecosystem. We combine static, dynamic and manual analysis of the SDKs embedded in the top 50 Google Play store’s applications to develop a taxonomy of hird-party libraries. We also provide insights about their data collection, and transparency issues. We also discuss different ways to tackle current challenges, like increasing developer’s awareness or changing the permission model of mobile phone to clearly state the purpose of permissions and to separate permissions requested by the app itself and third-party libraries, as well as mechanisms to ease certification and regulatory enforcement efforts.
dc.titleDon’t accept candies from strangers: An analysis of third-party SDKs
dc.typeconference object
dc.conference.date22-24 January 2020
dc.conference.placeBrussels, Belgium
dc.conference.titleComputers, Privacy and Data Protection Conference (CPDP 2020)*

Ficheros en el ítem


No hay ficheros asociados a este ítem.

Este ítem aparece en la(s) siguiente(s) colección(ones)

Mostrar el registro sencillo del ítem