| Title | Privacy Leak Identification in Third-Party Android Libraries |
| Publication Type | Conference Paper |
| Year of Publication | 2022 |
| Authors | Schindler, Christian, Atas, Müslüm, Strametz, Thomas, Feiner, Johannes, Hofer, Reinhard |
| Conference Name | 2022 Seventh International Conference On Mobile And Secure Services (MobiSecServ) |
| Keywords | 3rd-party library, Aerodynamics, android, Costs, expert systems, Games, Human Behavior, leak detection, Libraries, mobile applications, privacy, pubcrawl, resilience, Resiliency, Scalability, security, web services |
| Abstract | Developers of mobile applications rely on the trust of their customers. On the one hand the requirement exists to create feature-rich and secure apps, which adhere to privacy standards to not deliberately disclose user information. On the other hand the development process must be streamlined to reduce costs. Here third-party libraries come into play. Inclusion of many, possibly nested libraries pose security risks, app-creators are often not aware of. This paper presents a way to combine free open-source tools to support developers in checking their application that it does not induce security issues by using third-party libraries. The tools FlowDroid, Frida, and mitm-proxy are used in combination in a simple and viable way to perform checks to identify privacy leaks of third-party apps. Our proposed setup and configuration empowers average app developers to preserve user privacy without being dedicated security experts and without expensive external advice. |
| DOI | 10.1109/MobiSecServ50855.2022.9727217 |
| Citation Key | schindler_privacy_2022 |
Privacy Leak Identification in Third-Party Android Libraries