{"id":"https://openalex.org/W4408325923","doi":"https://doi.org/10.1109/aiccsa63423.2024.10912621","title":"MetaLeak: Assessing Image Metadata Leakage in Android Apps","display_name":"MetaLeak: Assessing Image Metadata Leakage in Android Apps","publication_year":2024,"publication_date":"2024-10-22","ids":{"openalex":"https://openalex.org/W4408325923","doi":"https://doi.org/10.1109/aiccsa63423.2024.10912621"},"language":"en","primary_location":{"id":"doi:10.1109/aiccsa63423.2024.10912621","is_oa":false,"landing_page_url":"https://doi.org/10.1109/aiccsa63423.2024.10912621","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE/ACS 21st International Conference on Computer Systems and Applications (AICCSA)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100665213","display_name":"Tuan Anh Nguyen","orcid":"https://orcid.org/0000-0003-3558-2154"},"institutions":[{"id":"https://openalex.org/I115752224","display_name":"University of Insubria","ror":"https://ror.org/00s409261","country_code":"IT","type":"education","lineage":["https://openalex.org/I115752224"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Tran Thanh Lam Nguyen","raw_affiliation_strings":["University of Insubria,Varese,Italy"],"affiliations":[{"raw_affiliation_string":"University of Insubria,Varese,Italy","institution_ids":["https://openalex.org/I115752224"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5057684417","display_name":"Barbara Carminati","orcid":"https://orcid.org/0000-0002-7502-4731"},"institutions":[{"id":"https://openalex.org/I115752224","display_name":"University of Insubria","ror":"https://ror.org/00s409261","country_code":"IT","type":"education","lineage":["https://openalex.org/I115752224"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Barbara Carminati","raw_affiliation_strings":["University of Insubria,Varese,Italy"],"affiliations":[{"raw_affiliation_string":"University of Insubria,Varese,Italy","institution_ids":["https://openalex.org/I115752224"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5036362276","display_name":"Elena Ferrari","orcid":"https://orcid.org/0000-0002-7312-6769"},"institutions":[{"id":"https://openalex.org/I115752224","display_name":"University of Insubria","ror":"https://ror.org/00s409261","country_code":"IT","type":"education","lineage":["https://openalex.org/I115752224"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Elena Ferrari","raw_affiliation_strings":["University of Insubria,Varese,Italy"],"affiliations":[{"raw_affiliation_string":"University of Insubria,Varese,Italy","institution_ids":["https://openalex.org/I115752224"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5100665213"],"corresponding_institution_ids":["https://openalex.org/I115752224"],"apc_list":null,"apc_paid":null,"fwci":0.375,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.63363315,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"10"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.98580002784729,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12016","display_name":"Web Data Mining and Analysis","score":0.9667999744415283,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/metadata","display_name":"Metadata","score":0.823818564414978},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7793431282043457},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7309610247612},{"id":"https://openalex.org/keywords/android-application","display_name":"Android application","score":0.5756590366363525},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.5132191181182861},{"id":"https://openalex.org/keywords/leakage","display_name":"Leakage (economics)","score":0.48052462935447693},{"id":"https://openalex.org/keywords/information-retrieval","display_name":"Information retrieval","score":0.4010494351387024},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.21001487970352173}],"concepts":[{"id":"https://openalex.org/C93518851","wikidata":"https://www.wikidata.org/wiki/Q180160","display_name":"Metadata","level":2,"score":0.823818564414978},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7793431282043457},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7309610247612},{"id":"https://openalex.org/C3017891749","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android application","level":3,"score":0.5756590366363525},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.5132191181182861},{"id":"https://openalex.org/C2777042071","wikidata":"https://www.wikidata.org/wiki/Q6509304","display_name":"Leakage (economics)","level":2,"score":0.48052462935447693},{"id":"https://openalex.org/C23123220","wikidata":"https://www.wikidata.org/wiki/Q816826","display_name":"Information retrieval","level":1,"score":0.4010494351387024},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.21001487970352173},{"id":"https://openalex.org/C139719470","wikidata":"https://www.wikidata.org/wiki/Q39680","display_name":"Macroeconomics","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/aiccsa63423.2024.10912621","is_oa":false,"landing_page_url":"https://doi.org/10.1109/aiccsa63423.2024.10912621","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE/ACS 21st International Conference on Computer Systems and Applications (AICCSA)","raw_type":"proceedings-article"},{"id":"pmh:oai:irinsubria.uninsubria.it:11383/2197155","is_oa":false,"landing_page_url":"https://hdl.handle.net/11383/2197155","pdf_url":null,"source":{"id":"https://openalex.org/S4377196351","display_name":"IrInSubria (University of Insubria)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I115752224","host_organization_name":"University of Insubria","host_organization_lineage":["https://openalex.org/I115752224"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/conferenceObject"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W2407313496","https://openalex.org/W2568382868","https://openalex.org/W2621123093","https://openalex.org/W2745034467","https://openalex.org/W2790051295","https://openalex.org/W2811408275","https://openalex.org/W2883476992","https://openalex.org/W3031434561","https://openalex.org/W3082687416","https://openalex.org/W3095464032","https://openalex.org/W3130016194","https://openalex.org/W3196442232","https://openalex.org/W4214806647","https://openalex.org/W4286255340","https://openalex.org/W4288712104","https://openalex.org/W4308644394","https://openalex.org/W4360994520","https://openalex.org/W6764197484"],"related_works":["https://openalex.org/W4285815317","https://openalex.org/W327645657","https://openalex.org/W4253505977","https://openalex.org/W2011124320","https://openalex.org/W4229710179","https://openalex.org/W4298063370","https://openalex.org/W2965382761","https://openalex.org/W4299620683","https://openalex.org/W4295036445","https://openalex.org/W2956050767"],"abstract_inverted_index":{"Although":[0],"modern":[1],"smartphone":[2],"platforms":[3],"emphasize":[4],"user":[5],"privacy":[6],"protection":[7,58],"by":[8,72],"continually":[9],"improving":[10],"security":[11,27],"mechanisms,":[12],"vulnerabilities":[13],"still":[14],"exist,":[15],"especially":[16],"in":[17,92,151],"the":[18,21,31,49,56,116,142,149,154,165],"case":[19],"of":[20,34,47,52,98,131,138,148],"Android":[22,26],"operating":[23],"system.":[24],"The":[25],"mechanism":[28,59],"almost":[29],"delegates":[30],"entire":[32],"responsibility":[33],"granting":[35,53],"access":[36,61],"permissions":[37],"to":[38,40,62,77,114,122],"apps":[39,126,150],"end":[41],"users,":[42],"who":[43],"often":[44],"are":[45],"unaware":[46],"all":[48],"possible":[50],"consequences":[51],"permission.":[54],"Additionally,":[55],"loose":[57],"regulating":[60],"media":[63],"files":[64],"(images,":[65],"videos,":[66],"audio,":[67],"etc.)":[68],"can":[69],"be":[70],"exploited":[71],"attackers":[73],"as":[74],"a":[75,107],"side-channel":[76],"gather":[78],"sensitive":[79,88,139],"data.":[80],"This":[81],"paper":[82],"shows":[83],"how":[84],"sharing":[85],"images":[86],"containing":[87],"metadata":[89,140],"may":[90],"result":[91],"an":[93],"intentional":[94],"or":[95,101],"unintentional":[96],"leakage":[97],"users'":[99],"personal":[100],"confidential":[102],"information.":[103],"We":[104,119],"designed":[105],"MetaLeak,":[106],"system":[108],"based":[109],"on":[110],"apps'":[111],"hybrid":[112],"analysis,":[113],"assess":[115],"identified":[117],"risks.":[118],"used":[120],"MetaLeak":[121],"analyze":[123],"5,000":[124],"popular":[125],"and":[127],"found":[128],"that":[129],"21.9%":[130],"them":[132],"sent":[133],"at":[134],"least":[135],"one":[136],"type":[137],"over":[141],"internet.":[143],"Moreover,":[144],"for":[145],"only":[146],"10.4%":[147],"our":[152],"dataset,":[153],"app's":[155],"actual":[156],"behavior":[157],"w.r.t.":[158],"collecting":[159],"GPS":[160],"data":[161],"is":[162],"compliant":[163],"with":[164],"developer's":[166],"claims.":[167]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2025-12-28T23:10:05.387466","created_date":"2025-10-10T00:00:00"}