Information Collection of Third-Party SDKs
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore the challenges and solutions for monitoring information collection behaviors of third-party SDKs in mobile applications. Learn about a static taint analyzer developed to address privacy compliance issues, based on Facebook's Mariana Trench tool. Discover how this analyzer achieves high accuracy in identifying sensitive information calls and network interfaces, overcoming the challenge of asynchronous invocation. Gain insights into the application of this tool on mainstream apps, revealing undisclosed user information collection by embedded SDKs. Understand the importance of open-sourcing such tools to benefit app developers in maintaining privacy policy compliance and protecting user data.
Syllabus
#HITB2022SIN Information Collection Of Third-party SDKs - W. Kailong W. Zeyu B. Guangdong & Z. Qing
Taught by
Hack In The Box Security Conference
Related Courses
Cryptography IIStanford University via Coursera Microsoft Enterprise Mobility Suite
Microsoft via edX Social Media - What No One has Told You about Privacy
openHPI Windows 10 Features for a Mobile Workforce: Identity Management and Data Access
Microsoft via edX Health Professional Teaching Skills – Level 3 - Professionalism
University of Toronto via edX