, S. Schrittwieser, M. Mulazzani, E. Weippl:
"Appinspect: large-scale evaluation of social networking apps
Vortrag: Acm Conference On Online Social Networks (cosn'13), Boston; 07.10.2013 - 08.10.2013; in:"Proceedings of the first ACM conference on Online social networks
", (2013), S. 143 - 154.
[ Publication Database
Third-party apps for social networking sites have emerged as a popular feature for online social networks,
and are used my millions of users every day. In exchange for additional features, users grant third parties access
to their personal data. However, these third parties do not necessarily protect the data to the same extent as
social network providers. To automatically analyze the unique privacy and security issues of social networking
applications on a large scale, we propose a novel framework, called AppInspect. Our framework enumerates available
social networking apps and collects metrics such as the personal information transferred to third party developers.
AppInspect furthermore identifies web trackers, as well as information leaks, and provides insights into the hosting
infrastructures of apps. We implemented a prototype of our novel framework to evaluate Facebook´s application
ecosystem. Our evaluation shows that AppInspect is able to detect malpractices of social networking apps in an
automated fashion. During our study we collaborated with Facebook to mitigate shortcomings of popular apps that
affected the security and privacy of millions of social networking users.