Abstract
In this paper we investigate the risk of privacy leakage through mobile analytics services and demonstrate the ease with which an external adversary can extract individual's profile and mobile applications usage information, through two major mobile analytics services, i.e. Google Mobile App Analytics and Flurry. We also demonstrate that it is possible to exploit the vulnerability of analytics services, to influence the ads served to users' devices, by manipulating the profiles constructed by these services. Both attacks can be performed without the necessity of having an attacker controlled app on user's mobile device. Finally, we discuss potential countermeasures (from the perspectives of different parties) that may be utilized to mitigate the risk of individual's personal information leakage.
Original language | English |
---|---|
Title of host publication | Proceedings of the 15th Workshop on Mobile Computing Systems and Applications, HotMobile 2014 |
Place of Publication | New York |
Publisher | Association for Computing Machinery |
Number of pages | 6 |
ISBN (Electronic) | 9781450327428 |
DOIs | |
Publication status | Published - 2014 |
Externally published | Yes |
Event | 15th Workshop on Mobile Computing Systems and Applications, HotMobile 2014 - Santa Barbara, CA, United States Duration: 26 Feb 2014 → 27 Feb 2014 |
Conference
Conference | 15th Workshop on Mobile Computing Systems and Applications, HotMobile 2014 |
---|---|
Country/Territory | United States |
City | Santa Barbara, CA |
Period | 26/02/14 → 27/02/14 |