YoVDO

Information Collection of Third-Party SDKs

Offered By: Hack In The Box Security Conference via YouTube

Tags

Hack In The Box Security Conference Courses Web Security Courses Data Protection Courses

Course Description

Overview

Explore the challenges and solutions for monitoring information collection behaviors of third-party SDKs in mobile applications. Learn about a static taint analyzer developed to address privacy compliance issues, based on Facebook's Mariana Trench tool. Discover how this analyzer achieves high accuracy in identifying sensitive information calls and network interfaces, overcoming the challenge of asynchronous invocation. Gain insights into the application of this tool on mainstream apps, revealing undisclosed user information collection by embedded SDKs. Understand the importance of open-sourcing such tools to benefit app developers in maintaining privacy policy compliance and protecting user data.

Syllabus

#HITB2022SIN Information Collection Of Third-party SDKs - W. Kailong W. Zeyu B. Guangdong & Z. Qing


Taught by

Hack In The Box Security Conference

Related Courses

Internet History, Technology, and Security
University of Michigan via Coursera Client-Server Communication
Google via Udacity HTTP & Web Servers
Udacity Network Security
Georgia Institute of Technology via Udacity Web Security Fundamentals
KU Leuven University via edX