Analyzing Leakage of Personal Information by Malware
slider

Analyzing Leakage of Personal Information by Malware - Prof. Dr. Norbert Pohlmann

Analyzing Leakage of Personal Information by Malware

Artikel - Analyzing Leakage of Personal Information by Malware - Prof. Norbert Pohlmann

M. Degeling, T. Holz, N. Pohlmann, D. Tatang, T. Urban:
“Analyzing Leakage of Personal Information by Malware”. Journal of Computer Security. 2019.

Advertisements are the fuel that runs many online services such as websites or mobile apps, but also adversaries started to abuse ads for financial gains. Nowadays, online advertising companies track users all over the web in order to create successful online ads campaigns specifically tailored for a target audience. A popular phenomenon on the Internet, so-calledadware, abuses online advertisements by maliciously injecting or replacing ads on websites. As many consider ads to be quiteprivacy intrusive, much work has gone into studying the effects of online advertisements on users’ privacy. However, only littlework has been done so far into analyzing the privacy implications of adware. In this work, we shed light on the capabilities, mainly concerning tracking and personal data exfiltrating, of adware and potentially unwanted programs (PUPs), at scale. To this end, we capture the communication of adware/PUPs in the Firefoxbrowser on the application level to circumvent lower-level encryption (e. g., TLS). Using this framework for capturing the network traffic, we dynamically analyze the communication of over 16,000 adware or potentially unwanted program samples. We find that around 37% of requests issued by the analyzed samples contain some kind of personal information. Furthermore, we identify the services used by adversaries and provide insights on the used tracking techniques.


More information on the subject “Towards Understanding the Impact of the GDPR on Online Advertisement”:


Articles:

Beyond the Front Page: Measuring Third Party Dynamics in the Field”

“Measuring the Impact of the GDPR on Data Sharing in Ad Networks”

“Your Hashed IP Address: Ubuntu”

“A Study on Subject Data Access in Online Advertising after the GDPR”

“Analyzing Leakage of Personal Information by Malware”

“The Unwanted Sharing Economy: An Analysis of Cookie Syncing and User Transparency under GDPR”

“Towards Understanding Privacy Implications of Adware and Potentially Unwanted Programs”


kostenlos downloaden
Artikel - Analyzing Leakage of Personal Information by Malware - Prof. Norbert Pohlmann
Analyzing Leakage of Personal Information by Malware Prof. Dr. Norbert Pohlmann - Cyber-Sicherheitsexperten