Alde: Privacy Risk Analysis of Analytics Libraries in the Android Ecosystem View Full Text


Ontology type: schema:Chapter     


Chapter Info

DATE

2017

AUTHORS

Xing Liu , Sencun Zhu , Wei Wang , Jiqiang Liu

ABSTRACT

While much effort has been made to detect and measure the privacy leakage caused by the advertising (ad) libraries integrated in mobile applications (i.e., apps), analytics libraries, which are also widely used in mobile apps have not been systematically studied for their privacy risks. Different from ad libraries, the main function of analytics libraries is to collect users’ in-app actions. Hence, by design, analytics libraries are more likely to leak users’ private information. In this work, we study what information is collected by the analytics libraries integrated in popular Android apps. We design and implement a tool called “Alde”. Given an app, Alde employs both static analysis and dynamic analysis to detect the data collected by analytics libraries. We also study what private information can be leaked by the apps that use the same analytics library. Moreover, we analyze apps’ privacy policies to see whether app developers have notified the users that their in-app action information is collected by analytics libraries. Finally, we select 8 widely used analytics libraries to study and apply our method on 300 apps downloaded from both Chinese app markets and Google play. Our experimental results request the emerging need for better regulating the use of analytics libraries in Android apps. More... »

PAGES

655-672

Book

TITLE

Security and Privacy in Communication Networks

ISBN

978-3-319-59607-5
978-3-319-59608-2

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-319-59608-2_36

DOI

http://dx.doi.org/10.1007/978-3-319-59608-2_36

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1086027952


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0806", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information Systems", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Beijing Jiaotong University", 
          "id": "https://www.grid.ac/institutes/grid.181531.f", 
          "name": [
            "Beijing Jiaotong University"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Liu", 
        "givenName": "Xing", 
        "id": "sg:person.013175573327.55", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013175573327.55"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Pennsylvania State University", 
          "id": "https://www.grid.ac/institutes/grid.29857.31", 
          "name": [
            "The Pennsylvania State University"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Zhu", 
        "givenName": "Sencun", 
        "id": "sg:person.01105754120.24", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01105754120.24"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Beijing Jiaotong University", 
          "id": "https://www.grid.ac/institutes/grid.181531.f", 
          "name": [
            "Beijing Jiaotong University"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Wang", 
        "givenName": "Wei", 
        "id": "sg:person.012523406432.05", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012523406432.05"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Beijing Jiaotong University", 
          "id": "https://www.grid.ac/institutes/grid.181531.f", 
          "name": [
            "Beijing Jiaotong University"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Liu", 
        "givenName": "Jiqiang", 
        "id": "sg:person.015366114727.14", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015366114727.14"
        ], 
        "type": "Person"
      }
    ], 
    "citation": [
      {
        "id": "https://doi.org/10.1145/2742647.2742653", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1012463444"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1145/2666620.2666622", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1016264355"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1145/2185448.2185465", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1021086094"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1145/2808117.2808125", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1024108374"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1145/2185448.2185464", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1025461245"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1145/2565585.2565593", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1025789631"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1145/2884781.2884855", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1034146457"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1145/2516760.2516762", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1036637116"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.14722/ndss.2016.23082", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1095873132"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.14722/ndss.2016.23353", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1095873164"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.14722/usec.2014.23006", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1098936599"
        ], 
        "type": "CreativeWork"
      }
    ], 
    "datePublished": "2017", 
    "datePublishedReg": "2017-01-01", 
    "description": "While much effort has been made to detect and measure the privacy leakage caused by the advertising (ad) libraries integrated in mobile applications (i.e., apps), analytics libraries, which are also widely used in mobile apps have not been systematically studied for their privacy risks. Different from ad libraries, the main function of analytics libraries is to collect users\u2019 in-app actions. Hence, by design, analytics libraries are more likely to leak users\u2019 private information. In this work, we study what information is collected by the analytics libraries integrated in popular Android apps. We design and implement a tool called \u201cAlde\u201d. Given an app, Alde employs both static analysis and dynamic analysis to detect the data collected by analytics libraries. We also study what private information can be leaked by the apps that use the same analytics library. Moreover, we analyze apps\u2019 privacy policies to see whether app developers have notified the users that their in-app action information is collected by analytics libraries. Finally, we select 8 widely used analytics libraries to study and apply our method on 300 apps downloaded from both Chinese app markets and Google play. Our experimental results request the emerging need for better regulating the use of analytics libraries in Android apps.", 
    "editor": [
      {
        "familyName": "Deng", 
        "givenName": "Robert", 
        "type": "Person"
      }, 
      {
        "familyName": "Weng", 
        "givenName": "Jian", 
        "type": "Person"
      }, 
      {
        "familyName": "Ren", 
        "givenName": "Kui", 
        "type": "Person"
      }, 
      {
        "familyName": "Yegneswaran", 
        "givenName": "Vinod", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-319-59608-2_36", 
    "inLanguage": [
      "en"
    ], 
    "isAccessibleForFree": false, 
    "isFundedItemOf": [
      {
        "id": "sg:grant.3486816", 
        "type": "MonetaryGrant"
      }, 
      {
        "id": "sg:grant.5301336", 
        "type": "MonetaryGrant"
      }
    ], 
    "isPartOf": {
      "isbn": [
        "978-3-319-59607-5", 
        "978-3-319-59608-2"
      ], 
      "name": "Security and Privacy in Communication Networks", 
      "type": "Book"
    }, 
    "name": "Alde: Privacy Risk Analysis of Analytics Libraries in the Android Ecosystem", 
    "pagination": "655-672", 
    "productId": [
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-319-59608-2_36"
        ]
      }, 
      {
        "name": "readcube_id", 
        "type": "PropertyValue", 
        "value": [
          "cf050955a414f990878b6f2e8e93d4a62b485519bb6fe073a59ebf6f3c71b2e0"
        ]
      }, 
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1086027952"
        ]
      }
    ], 
    "publisher": {
      "location": "Cham", 
      "name": "Springer International Publishing", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-319-59608-2_36", 
      "https://app.dimensions.ai/details/publication/pub.1086027952"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2019-04-15T23:47", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8697_00000210.jsonl", 
    "type": "Chapter", 
    "url": "http://link.springer.com/10.1007/978-3-319-59608-2_36"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-59608-2_36'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-59608-2_36'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-59608-2_36'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-59608-2_36'


 

This table displays all metadata directly associated to this object as RDF triples.

141 TRIPLES      23 PREDICATES      38 URIs      20 LITERALS      8 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-319-59608-2_36 schema:about anzsrc-for:08
2 anzsrc-for:0806
3 schema:author Nc6397639c6c948a68f23120842f6d313
4 schema:citation https://doi.org/10.1145/2185448.2185464
5 https://doi.org/10.1145/2185448.2185465
6 https://doi.org/10.1145/2516760.2516762
7 https://doi.org/10.1145/2565585.2565593
8 https://doi.org/10.1145/2666620.2666622
9 https://doi.org/10.1145/2742647.2742653
10 https://doi.org/10.1145/2808117.2808125
11 https://doi.org/10.1145/2884781.2884855
12 https://doi.org/10.14722/ndss.2016.23082
13 https://doi.org/10.14722/ndss.2016.23353
14 https://doi.org/10.14722/usec.2014.23006
15 schema:datePublished 2017
16 schema:datePublishedReg 2017-01-01
17 schema:description While much effort has been made to detect and measure the privacy leakage caused by the advertising (ad) libraries integrated in mobile applications (i.e., apps), analytics libraries, which are also widely used in mobile apps have not been systematically studied for their privacy risks. Different from ad libraries, the main function of analytics libraries is to collect users’ in-app actions. Hence, by design, analytics libraries are more likely to leak users’ private information. In this work, we study what information is collected by the analytics libraries integrated in popular Android apps. We design and implement a tool called “Alde”. Given an app, Alde employs both static analysis and dynamic analysis to detect the data collected by analytics libraries. We also study what private information can be leaked by the apps that use the same analytics library. Moreover, we analyze apps’ privacy policies to see whether app developers have notified the users that their in-app action information is collected by analytics libraries. Finally, we select 8 widely used analytics libraries to study and apply our method on 300 apps downloaded from both Chinese app markets and Google play. Our experimental results request the emerging need for better regulating the use of analytics libraries in Android apps.
18 schema:editor N4759c5b551094e7eb681f9781ee74e6b
19 schema:genre chapter
20 schema:inLanguage en
21 schema:isAccessibleForFree false
22 schema:isPartOf Nb1b922c245464f4eba73a345d4d20802
23 schema:name Alde: Privacy Risk Analysis of Analytics Libraries in the Android Ecosystem
24 schema:pagination 655-672
25 schema:productId N109a5a715093479685093582c8925372
26 N2e82fc850e084632bc16594494278e9f
27 N66e511041fa347e89ffb2ce99e0774d2
28 schema:publisher Nc0fb8663749e41ed9d300fc6a4bfc95d
29 schema:sameAs https://app.dimensions.ai/details/publication/pub.1086027952
30 https://doi.org/10.1007/978-3-319-59608-2_36
31 schema:sdDatePublished 2019-04-15T23:47
32 schema:sdLicense https://scigraph.springernature.com/explorer/license/
33 schema:sdPublisher N581c3785c86e4e15bb58f141f59cf8ef
34 schema:url http://link.springer.com/10.1007/978-3-319-59608-2_36
35 sgo:license sg:explorer/license/
36 sgo:sdDataset chapters
37 rdf:type schema:Chapter
38 N109a5a715093479685093582c8925372 schema:name dimensions_id
39 schema:value pub.1086027952
40 rdf:type schema:PropertyValue
41 N2adc9879bbc84c18b53a89ab83d58150 schema:familyName Weng
42 schema:givenName Jian
43 rdf:type schema:Person
44 N2e82fc850e084632bc16594494278e9f schema:name doi
45 schema:value 10.1007/978-3-319-59608-2_36
46 rdf:type schema:PropertyValue
47 N334babc96fcf40189b98ccc4a7fe6ca6 rdf:first sg:person.015366114727.14
48 rdf:rest rdf:nil
49 N4759c5b551094e7eb681f9781ee74e6b rdf:first N717ca79c418f4fd9955dcac13820e553
50 rdf:rest N7dc9de724eac4fc1b47472f0922afc9d
51 N581c3785c86e4e15bb58f141f59cf8ef schema:name Springer Nature - SN SciGraph project
52 rdf:type schema:Organization
53 N66e511041fa347e89ffb2ce99e0774d2 schema:name readcube_id
54 schema:value cf050955a414f990878b6f2e8e93d4a62b485519bb6fe073a59ebf6f3c71b2e0
55 rdf:type schema:PropertyValue
56 N717ca79c418f4fd9955dcac13820e553 schema:familyName Deng
57 schema:givenName Robert
58 rdf:type schema:Person
59 N7dc9de724eac4fc1b47472f0922afc9d rdf:first N2adc9879bbc84c18b53a89ab83d58150
60 rdf:rest Ne4a8a21b8880435da78b8d914462c858
61 N9bf5eed50fc54476bec6df6544e7144c rdf:first sg:person.01105754120.24
62 rdf:rest Nefcb1d2ea830466a8c9d73b327b7d401
63 Nae0db0b154b1427cb5efafd519592160 schema:familyName Yegneswaran
64 schema:givenName Vinod
65 rdf:type schema:Person
66 Nb1b922c245464f4eba73a345d4d20802 schema:isbn 978-3-319-59607-5
67 978-3-319-59608-2
68 schema:name Security and Privacy in Communication Networks
69 rdf:type schema:Book
70 Nc0fb8663749e41ed9d300fc6a4bfc95d schema:location Cham
71 schema:name Springer International Publishing
72 rdf:type schema:Organisation
73 Nc5353da44a71417fb7972a79b8e9258b schema:familyName Ren
74 schema:givenName Kui
75 rdf:type schema:Person
76 Nc6397639c6c948a68f23120842f6d313 rdf:first sg:person.013175573327.55
77 rdf:rest N9bf5eed50fc54476bec6df6544e7144c
78 Ne4a8a21b8880435da78b8d914462c858 rdf:first Nc5353da44a71417fb7972a79b8e9258b
79 rdf:rest Nf9f9d906c7764953befb08560ceac3c6
80 Nefcb1d2ea830466a8c9d73b327b7d401 rdf:first sg:person.012523406432.05
81 rdf:rest N334babc96fcf40189b98ccc4a7fe6ca6
82 Nf9f9d906c7764953befb08560ceac3c6 rdf:first Nae0db0b154b1427cb5efafd519592160
83 rdf:rest rdf:nil
84 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
85 schema:name Information and Computing Sciences
86 rdf:type schema:DefinedTerm
87 anzsrc-for:0806 schema:inDefinedTermSet anzsrc-for:
88 schema:name Information Systems
89 rdf:type schema:DefinedTerm
90 sg:grant.3486816 http://pending.schema.org/fundedItem sg:pub.10.1007/978-3-319-59608-2_36
91 rdf:type schema:MonetaryGrant
92 sg:grant.5301336 http://pending.schema.org/fundedItem sg:pub.10.1007/978-3-319-59608-2_36
93 rdf:type schema:MonetaryGrant
94 sg:person.01105754120.24 schema:affiliation https://www.grid.ac/institutes/grid.29857.31
95 schema:familyName Zhu
96 schema:givenName Sencun
97 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01105754120.24
98 rdf:type schema:Person
99 sg:person.012523406432.05 schema:affiliation https://www.grid.ac/institutes/grid.181531.f
100 schema:familyName Wang
101 schema:givenName Wei
102 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012523406432.05
103 rdf:type schema:Person
104 sg:person.013175573327.55 schema:affiliation https://www.grid.ac/institutes/grid.181531.f
105 schema:familyName Liu
106 schema:givenName Xing
107 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013175573327.55
108 rdf:type schema:Person
109 sg:person.015366114727.14 schema:affiliation https://www.grid.ac/institutes/grid.181531.f
110 schema:familyName Liu
111 schema:givenName Jiqiang
112 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015366114727.14
113 rdf:type schema:Person
114 https://doi.org/10.1145/2185448.2185464 schema:sameAs https://app.dimensions.ai/details/publication/pub.1025461245
115 rdf:type schema:CreativeWork
116 https://doi.org/10.1145/2185448.2185465 schema:sameAs https://app.dimensions.ai/details/publication/pub.1021086094
117 rdf:type schema:CreativeWork
118 https://doi.org/10.1145/2516760.2516762 schema:sameAs https://app.dimensions.ai/details/publication/pub.1036637116
119 rdf:type schema:CreativeWork
120 https://doi.org/10.1145/2565585.2565593 schema:sameAs https://app.dimensions.ai/details/publication/pub.1025789631
121 rdf:type schema:CreativeWork
122 https://doi.org/10.1145/2666620.2666622 schema:sameAs https://app.dimensions.ai/details/publication/pub.1016264355
123 rdf:type schema:CreativeWork
124 https://doi.org/10.1145/2742647.2742653 schema:sameAs https://app.dimensions.ai/details/publication/pub.1012463444
125 rdf:type schema:CreativeWork
126 https://doi.org/10.1145/2808117.2808125 schema:sameAs https://app.dimensions.ai/details/publication/pub.1024108374
127 rdf:type schema:CreativeWork
128 https://doi.org/10.1145/2884781.2884855 schema:sameAs https://app.dimensions.ai/details/publication/pub.1034146457
129 rdf:type schema:CreativeWork
130 https://doi.org/10.14722/ndss.2016.23082 schema:sameAs https://app.dimensions.ai/details/publication/pub.1095873132
131 rdf:type schema:CreativeWork
132 https://doi.org/10.14722/ndss.2016.23353 schema:sameAs https://app.dimensions.ai/details/publication/pub.1095873164
133 rdf:type schema:CreativeWork
134 https://doi.org/10.14722/usec.2014.23006 schema:sameAs https://app.dimensions.ai/details/publication/pub.1098936599
135 rdf:type schema:CreativeWork
136 https://www.grid.ac/institutes/grid.181531.f schema:alternateName Beijing Jiaotong University
137 schema:name Beijing Jiaotong University
138 rdf:type schema:Organization
139 https://www.grid.ac/institutes/grid.29857.31 schema:alternateName Pennsylvania State University
140 schema:name The Pennsylvania State University
141 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...