Prof. Dr. Norbert Pohlmann Home mobile
slider

Analyzing Leakage of Personal Information by Malware

Analyzing Leakage of Personal Information by Malware Prof. Dr. Norbert Pohlmann - Cyber-Sicherheitsexperten

Analyzing Leakage of Personal Information by Malware Pohlmann

396 - Analyzing Leakage of Personal Information by Malware - Prof. Norbert Pohlmann

M. Degeling, T. Holz, N. Pohlmann, D. Tatang, T. Urban:
“Analyzing Leakage of Personal Information by Malware”. Journal of Computer Security. 2019.

Advertisements are the fuel that runs many online services such as websites or mobile apps, but also adversariesstarted to abuse ads for financial gains. Nowadays, online advertising companies track users all over the web in order to createsuccessful online ads campaigns specifically tailored for a target audience. A popular phenomenon on the Internet, so-calledadware, abuses online advertisements by maliciously injecting or replacing ads on websites. As many consider ads to be quiteprivacy intrusive, much work has gone into studying the effects of online advertisements on users’ privacy. However, only littlework has been done so far into analyzing the privacy implications of adware.In this work, we shed light on the capabilities, mainly concerning tracking and personal data exfiltrating, of adware andpotentially unwanted programs (PUPs), at scale. To this end, we capture the communication of adware/PUPs in the Firefoxbrowser on the application level to circumvent lower-level encryption (e. g., TLS). Using this framework for capturing thenetwork traffic, we dynamically analyze the communication of over 16,000 adware or potentially unwanted program samples.We find that around 37% of requests issued by the analyzed samples contain some kind of personal information. Furthermore,we identify the services used by adversaries and provide insights on the used tracking techniques.
kostenlos downloaden
396 - Analyzing Leakage of Personal Information by Malware - Prof. Norbert Pohlmann
500x500