Explore the critical issue of data leakage in cloud-based mobile applications through this insightful conference talk presented at the 2019 IEEE Symposium on Security & Privacy. Delve into the root causes of significant data leaks, including lack of authentication, misuse of keys, and misconfiguration of user permissions. Learn about LeakScope, an automated tool designed to identify potential data leakage vulnerabilities in mobile apps by analyzing cloud API usage. Discover the alarming findings from an evaluation of over 1.6 million Google Play Store apps, revealing thousands of vulnerable app servers managed by major cloud providers. Gain valuable insights into the importance of responsible disclosure and the ongoing efforts to patch these vulnerabilities in collaboration with cloud service providers and mobile app developers.
Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps
Overview
Syllabus
Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
-
Demystifying Hidden Privacy Settings in Mobile Apps
-
Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation
-
Augury - Using Data Memory-Dependent Prefetchers to Leak Data at Rest
-
When Geo Goes Wrong - A Case Study of Geolocation Vulnerabilities in Mobile Apps
-
Data Recovery on Encrypted Databases with k-Nearest Neighbor Query Leakage
-
OWASP Top 10 Mobile Risks
