Analyzing Leakage of Personal Information by Malware - Prof. Dr. Norbert Pohlmann
Analyzing Leakage of Personal Information by Malware
M. Degeling, T. Holz, N. Pohlmann, D. Tatang, T. Urban:
Advertisements are the fuel that runs many online services such as websites or mobile apps, but also adversaries started to abuse ads for financial gains. Nowadays, online advertising companies track users all over the web in order to create successful online ads campaigns specifically tailored for a target audience. A popular phenomenon on the Internet, so-calledadware, abuses online advertisements by maliciously injecting or replacing ads on websites. As many consider ads to be quiteprivacy intrusive, much work has gone into studying the effects of online advertisements on users’ privacy. However, only littlework has been done so far into analyzing the privacy implications of adware. In this work, we shed light on the capabilities, mainly concerning tracking and personal data exfiltrating, of adware and potentially unwanted programs (PUPs), at scale. To this end, we capture the communication of adware/PUPs in the Firefoxbrowser on the application level to circumvent lower-level encryption (e. g., TLS). Using this framework for capturing the network traffic, we dynamically analyze the communication of over 16,000 adware or potentially unwanted program samples. We find that around 37% of requests issued by the analyzed samples contain some kind of personal information. Furthermore, we identify the services used by adversaries and provide insights on the used tracking techniques.
More information on the subject “Towards Understanding the Impact of the GDPR on Online Advertisement”:
“Beyond the Front Page: Measuring Third Party Dynamics in the Field”