{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,29]],"date-time":"2025-12-29T01:07:14Z","timestamp":1766970434529,"version":"3.48.0"},"reference-count":57,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2025,12,29]],"date-time":"2025-12-29T00:00:00Z","timestamp":1766966400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2025,12,29]],"date-time":"2025-12-29T00:00:00Z","timestamp":1766966400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>With the development of HTML5, tracking technologies have evolved dramatically and gradually moved from cookies to browser fingerprinting. Previous research has shown that there are more serious privacy threats associated with tracking behavior on third-party websites. However, by focusing on third-party websites that are loaded in the browser, the researchers overlooked the fact that third-party websites are also present in Android applications, where tracking is easy to perform and definitely covert to detect. In this study, we propose WTDetect, an Android third-party website tracking detection framework. Based on the parsing of view tree and the generation of function call stack, WTDetect automatically locates and captures the source code of third-party websites. To explore the direction of sensitive data flow, WTDetect performs static taint analysis on the program dependency graph for each JavaScript file. Finally, a fine-grained classification model is used to detect the tracking behavior. WTDetect is used to perform a measurement study of tracking behavior on 1090 captured Android third-party websites. The result outlines that 14.68% of third-party websites in Android applications tracking users without any access warnings and user authorization, which directly leads to the risk of privacy leakage.<\/jats:p>","DOI":"10.1186\/s42400-025-00391-4","type":"journal-article","created":{"date-parts":[[2025,12,29]],"date-time":"2025-12-29T01:02:59Z","timestamp":1766970179000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["WTDetect: a third-party website tracking detection framework for android applications"],"prefix":"10.1186","volume":"8","author":[{"given":"Wei","family":"Liu","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8449-839X","authenticated-orcid":false,"given":"Xinyu","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Yun","family":"Feng","sequence":"additional","affiliation":[]},{"given":"Kerui","family":"Huang","sequence":"additional","affiliation":[]},{"given":"Ze","family":"Jin","sequence":"additional","affiliation":[]},{"given":"Yaqin","family":"Cao","sequence":"additional","affiliation":[]},{"given":"Yuling","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Qixu","family":"Liu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,12,29]]},"reference":[{"issue":"6","key":"391_CR1","first-page":"231","volume":"13","author":"AM Alashjee","year":"2019","unstructured":"Alashjee AM, Duraibi S, Song J (2019) Dynamic taint analysis tools: a review. Int J Comput Sci Secur (IJCSS) 13(6):231\u2013244","journal-title":"Int J Comput Sci Secur (IJCSS)"},{"key":"391_CR2","doi-asserted-by":"crossref","unstructured":"Annamalai MSMS, Bilogrevic I, De\u00a0Cristofaro E (2023) Fp-fed: privacy-preserving federated detection of browser fingerprinting. arXiv preprint arXiv:2311.16940,","DOI":"10.14722\/ndss.2024.24360"},{"key":"391_CR3","doi-asserted-by":"crossref","unstructured":"Antonio E, Fajardo A, Medina R (2020) Tracking browser fingerprint using rule based algorithm. In: 2020 16th IEEE international colloquium on signal processing & its applications (CSPA), pp 225\u2013229. IEEE","DOI":"10.1109\/CSPA48992.2020.9068729"},{"key":"391_CR4","unstructured":"Backes M, Bugiel S, Derr E, McDaniel P, Octeau D, Weisgerber S (2016) On demystifying the android application framework: {Re-Visiting} android permission specification analysis. In 25th USENIX security symposium (USENIX security 16), pp 1101\u20131118"},{"key":"391_CR5","unstructured":"Bojinov H, Michalevsky Y, Nakibly G, Boneh D (2014) Mobile device identification via sensor fingerprinting. arXiv preprint arXiv:1408.1416"},{"key":"391_CR6","doi-asserted-by":"crossref","unstructured":"Cao Y, Li S, Wijmans E (2017) (cross-) browser fingerprinting via OS and hardware level features. In: Proceedings 2017 network and distributed system security symposium. Internet Society","DOI":"10.14722\/ndss.2017.23152"},{"key":"391_CR7","doi-asserted-by":"crossref","unstructured":"Castell-Uroz I, Sol\u00e9-Pareta J, Barlet-Ros P (2021) Tracksign: guided web tracking discovery. In: IEEE INFOCOM 2021-IEEE conference on computer communications, pp 1\u201310. IEEE","DOI":"10.1109\/INFOCOM42981.2021.9488842"},{"key":"391_CR8","unstructured":"Cookiebot (2022) Getting started with android SDK integration. URL https:\/\/www.cookiebot.com\/en\/google-third-party-cookies\/"},{"issue":"1","key":"391_CR9","first-page":"88","volume":"2018","author":"A Das","year":"2018","unstructured":"Das A, Borisov N, Chou E (2018b) Every move you make: exploring practical issues in smartphone motion sensor fingerprinting and countermeasures. Proc Priv Enhanc Technol 2018(1):88\u2013108","journal-title":"Proc Priv Enhanc Technol"},{"key":"391_CR10","doi-asserted-by":"crossref","unstructured":"Das A, Acar G, Borisov N, Pradeep A (2018a) The web\u2019s sixth sense: a study of scripts accessing smartphone sensors. In: Proceedings of ACM CCS 2018","DOI":"10.1145\/3243734.3243860"},{"key":"391_CR11","unstructured":"EasyList (2024a) URL https:\/\/easylist.to\/easylist\/easylist.txt"},{"key":"391_CR12","unstructured":"EasyPrivacy (2024b) URL https:\/\/easylist.to\/easylist\/easyprivacy.txt"},{"key":"391_CR13","doi-asserted-by":"crossref","unstructured":"Englehardt S, Narayanan A (2016a) Online tracking: a 1-million-site measurement and analysis. In: Proceedings of ACM CCS 2016","DOI":"10.1145\/2976749.2978313"},{"key":"391_CR14","doi-asserted-by":"crossref","unstructured":"Englehardt S, Narayanan A (2016b) Online tracking: a 1-million-site measurement and analysis. In: Proceedings of the 2016 ACM SIGSAC conference on computer and communications security, pp 1388\u20131401","DOI":"10.1145\/2976749.2978313"},{"key":"391_CR15","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102715","volume":"118","author":"Y Fang","year":"2022","unstructured":"Fang Y, Huang C, Zeng M, Zhao Z, Huang C (2022) Jstrong: malicious javascript detection based on code semantic representation and graph neural network. Comput Secur 118:102715","journal-title":"Comput Secur"},{"key":"391_CR16","doi-asserted-by":"crossref","unstructured":"Fass A, Som\u00e9 Doli\u00e8re\u00a0F, Backes M, Stock B (2021) Doublex: statically detecting vulnerable data flows in browser extensions at scale. In: Proceedings of the 2021 ACM SIGSAC conference on computer and communications security, pp 1789\u20131804","DOI":"10.1145\/3460120.3484745"},{"key":"391_CR17","unstructured":"Frida (2019) Dynamic instrumentation toolkit. URL https:\/\/www.frida.re\/"},{"key":"391_CR18","doi-asserted-by":"crossref","unstructured":"GeraldPalfinger, BP (2020) Androprint: analysing the fingerprintability of the android API. In: Melanie V, Christian W (eds) ARES 2020: the 15th international conference on availability, reliability and security, virtual event, Ireland, August 25\u201328, 2020, pp 94:1\u201394:10. ACM","DOI":"10.1145\/3407023.3407055"},{"key":"391_CR19","doi-asserted-by":"crossref","unstructured":"Ghasemisharif M, Polakis J (2023) Read between the lines: detecting tracking javascript with bytecode classification. In: Proceedings of the 2023 ACM SIGSAC conference on computer and communications security, pp 3475\u20133489","DOI":"10.1145\/3576915.3616637"},{"key":"391_CR20","unstructured":"Gibbs S (2023) Mobile web browsing overtakes desktop for the first time, November 2016. URL https:\/\/www.theguardian.com\/technology\/2016\/nov\/02\/mobile-web-browsing-desktop-smartphones-tablets. Accessed: October"},{"key":"391_CR21","unstructured":"Google. View (2024). URL https:\/\/developer.android.google.cn\/reference\/android\/view\/View"},{"key":"391_CR22","doi-asserted-by":"crossref","unstructured":"Guarnieri S, Pistoia M, Tripp O, Dolby J, Teilhet S, Berg R (2011) Saving the world wide web from vulnerable javascript. In: Proceedings of the 2011 international symposium on software testing and analysis, pp 177\u2013187","DOI":"10.1145\/2001420.2001442"},{"key":"391_CR23","doi-asserted-by":"crossref","unstructured":"Iqbal U, Snyder P, Zhu S, Livshits B, Qian Z, Shafiq Z (2020) Adgraph: a graph-based approach to ad and tracker blocking. In: 2020 IEEE symposium on security and privacy (SP), pp 763\u2013776. IEEE","DOI":"10.1109\/SP40000.2020.00005"},{"key":"391_CR24","doi-asserted-by":"crossref","unstructured":"Iqbal U, Englehardt S, Shafiq Z (2021) Fingerprinting the fingerprinters: learning to detect browser fingerprinting behaviors. I: 2021 IEEE symposium on security and privacy (SP), pp 1143\u20131161. IEEE","DOI":"10.1109\/SP40001.2021.00017"},{"key":"391_CR25","unstructured":"Iqbal U, Wolfe C, Nguyen C, Englehardt S, Shafiq Z (2022) Khaleesi: breaker of advertising and tracking request chains. In: 31st USENIX security symposium (USENIX Security 22), pp 2911\u20132928"},{"key":"391_CR26","doi-asserted-by":"publisher","first-page":"9856537","DOI":"10.1155\/2018\/9856537","volume":"2018","author":"X Jiang","year":"2018","unstructured":"Jiang X, Liu M, Yang K, Liu Y, Wang R et al (2018) A security sandbox approach of android based on hook mechanism. Secur Commun Netw 2018:9856537","journal-title":"Secur Commun Netw"},{"key":"391_CR27","unstructured":"Joern (2024) URL https:\/\/github.com\/joernio\/joern"},{"key":"391_CR28","unstructured":"Lan Z, Chen M, Goodman S, Gimpel K, Sharma P, Soricut R (2020) ALBERT: a lite BERT for self-supervised learning of language representations. In: 8th International conference on learning representations, ICLR 2020, Addis Ababa, Ethiopia, April 26\u201330, 2020. OpenReview.net. URL https:\/\/openreview.net\/forum?id=H1eA7AEtvS"},{"key":"391_CR29","doi-asserted-by":"crossref","unstructured":"Lee C, Son S (2023) Adcpg: classifying javascript code property graphs with explanations for ad and tracker blocking. In: Proceedings of the 2023 ACM SIGSAC conference on computer and communications security, pp 3505\u20133518","DOI":"10.1145\/3576915.3623084"},{"key":"391_CR30","first-page":"1715","volume":"2020","author":"T Liu","year":"2020","unstructured":"Liu T, Wang H, Li L, Luo X, Dong F, Guo Y, Wang L, Bissyand\u00e9 T, Klein J (2020a) Maddroid: characterizing and detecting devious ad contents for android apps. Proc Web Conf 2020:1715\u20131726","journal-title":"Proc Web Conf"},{"key":"391_CR31","doi-asserted-by":"crossref","unstructured":"Liu T, Wang H, Li L, Luo X, Dong F, Guo Y, Wang L, Bissyand\u00e9 TF, Klein J (2020b) Maddroid: characterizing and detecting devious ad contents for android apps. In: WWW \u201920: the web conference 2020, Taipei, Taiwan, April 20\u201324, 2020, pp 1715\u20131726","DOI":"10.1145\/3366423.3380242"},{"key":"391_CR32","doi-asserted-by":"crossref","unstructured":"Liu X, Zhao W, Chen L, Liu Q (2022) Droidfp: a zero-permission detection framework for android devices based on gated recurrent unit. In: Chunhua S, Kouichi S, and Feng L (eds) Science of cyber security: 4th international conference, SciSec 2022, Matsue, Japan, August 10\u201312, 2022, Revised Selected Papers, vol 13580 of Lecture Notes in Computer Science, pp 364\u2013374. Springer","DOI":"10.1007\/978-3-031-17551-0_24"},{"key":"391_CR33","doi-asserted-by":"crossref","unstructured":"Liu X, Jin Z, Liu J, Liu W, Wang X, Liu Q (2023) Andetect: a third-party ad network libraries detection framework for android applications. In: Annual computer security applications conference, ACSAC 2023, Austin, TX, USA, December 4\u20138, 2023, pp 98\u2013112. ACM","DOI":"10.1145\/3627106.3627182"},{"key":"391_CR34","doi-asserted-by":"crossref","unstructured":"Luo T, Hao H, Du W, Wang Y, Yin H (2011) Attacks on webview in the android system. In: Proceedings of the 27th annual computer security applications conference, pp 343\u2013352","DOI":"10.1145\/2076732.2076781"},{"key":"391_CR35","unstructured":"Mikolov T, Sutskever I, Chen K, Corrado GS, Dean J (2013) Distributed representations of words and phrases and their compositionality. Adv Neural Inf Process Syst vol 26"},{"key":"391_CR36","doi-asserted-by":"crossref","unstructured":"Munir S, Siby S, Iqbal U, Englehardt S, Shafiq Z, Troncoso C (2023) Cookiegraph: understanding and detecting first-party tracking cookies. In: Proceedings of the 2023 ACM SIGSAC conference on computer and communications security, pp 3490\u20133504","DOI":"10.1145\/3576915.3616586"},{"key":"391_CR37","doi-asserted-by":"crossref","unstructured":"Palfinger G, Pr\u00fcnster B (2020) Androprint: analysing the fingerprintability of the android API. In: Proceedings of the 15th international conference on availability, reliability and security, pp 1\u201310","DOI":"10.1145\/3407023.3407055"},{"key":"391_CR38","doi-asserted-by":"crossref","unstructured":"Pearce P, Felt AP, Nunez G, Wagner D (2012) Addroid: privilege separation for applications and advertisers in android. In: Proceedings of the 7th ACM symposium on information, computer and communications security, pp 71\u201372","DOI":"10.1145\/2414456.2414498"},{"key":"391_CR39","unstructured":"Pochat V, Goethem TV, Tajalizadehkhoob S, Korczynski M, Joosen W (2019) Tranco: a research-oriented top sites ranking hardened against manipulation. In: Proceedings 26th annual network and distributed system security symposium (NDSS\u201919). Internet Society"},{"key":"391_CR40","unstructured":"ProPrivacy. (2020) Exposing the hidden data ecosystem of the UK\u2019s most trusted charities. URL https:\/\/proprivacy.com\/privacy-news\/exposing-the-hidden-data-ecosystem-of-the-uks-most-trusted-charities"},{"key":"391_CR41","doi-asserted-by":"crossref","unstructured":"Rountev A, Yan D (2014) Static reference analysis for GUI objects in android software. In: Proceedings of annual IEEE\/ACM international symposium on code generation and optimization, pp 143\u2013153","DOI":"10.1145\/2581122.2544159"},{"key":"391_CR42","unstructured":"Siby S, Iqbal U, Englehardt S, Shafiq Z, Troncoso C (2022) Webgraph: capturing advertising and tracking information flows for robust blocking. In: 31st USENIX security symposium (USENIX Security 22), pp 2875\u20132892"},{"key":"391_CR43","unstructured":"Studio Android (2023) Monkeyrunner. URL: https:\/\/developer.android.com\/studio\/test\/monkeyrunner\/MonkeyRunner"},{"key":"391_CR44","first-page":"2178","volume":"2023","author":"J Su","year":"2023","unstructured":"Su J, Kapravelos A (2023) Automatic discovery of emerging browser fingerprinting techniques. Proc ACM Web Conf 2023:2178\u20132188","journal-title":"Proc ACM Web Conf"},{"key":"391_CR45","doi-asserted-by":"crossref","unstructured":"Sung K, Huang JY, Corner MD, Levine BN (2020) Re-identification of mobile devices using real-time bidding advertising networks. In: Proceedings of the 26th annual international conference on mobile computing and networking, pp 1\u201313","DOI":"10.1145\/3372224.3419205"},{"key":"391_CR46","doi-asserted-by":"crossref","unstructured":"Torres CF, Jonker H (2018) Investigating fingerprinters and fingerprinting-alike behaviour of android applications. In Javier L, Jianying Z, and Miguel S (eds) Computer security: 23rd European symposium on research in computer security, ESORICS 2018, Barcelona, Spain, September 3\u20137, 2018, Proceedings, Part II, vol 11099 of Lecture notes in computer science, pp 60\u201380. Springer","DOI":"10.1007\/978-3-319-98989-1_4"},{"key":"391_CR47","unstructured":"WTDetect (2024) URL https:\/\/anonymous.4open.science\/r\/WTDetect-C744"},{"key":"391_CR48","doi-asserted-by":"publisher","first-page":"8073","DOI":"10.1109\/ACCESS.2016.2626395","volume":"4","author":"W Wenjia","year":"2016","unstructured":"Wenjia W, Jianan W, Wang Y, Ling Z, Yang M (2016) Efficient fingerprinting-based android device identification with zero-permission identifiers. IEEE Access 4:8073\u20138083","journal-title":"IEEE Access"},{"key":"391_CR49","doi-asserted-by":"crossref","unstructured":"Wu Q, Liu Q, Zhang Y, Liu P, Wen G (2016a) A machine learning approach for detecting third-party trackers on the web. In: Computer security\u2014ESORICS 2016: 21st European symposium on research in computer security, Heraklion, Greece, September 26\u201330, 2016, Proceedings, Part I 21, pp 238\u2013258. Springer","DOI":"10.1007\/978-3-319-45744-4_12"},{"key":"391_CR50","doi-asserted-by":"crossref","unstructured":"Yamaguchi F, Golde N, Arp D, Rieck K (2014) Modeling and discovering vulnerabilities with code property graphs. In: 2014 IEEE symposium on security and privacy, pp 590\u2013604. IEEE","DOI":"10.1109\/SP.2014.44"},{"key":"391_CR51","doi-asserted-by":"publisher","first-page":"2667","DOI":"10.1109\/TIFS.2021.3055638","volume":"16","author":"C Yang","year":"2021","unstructured":"Yang C, Wang L, Cao H, Yuan Q, Liu Y (2021) User behavior fingerprinting with multi-item-sets and its application in IPTV viewer identification. IEEE Trans Inf Forensics Secur 16:2667\u20132682","journal-title":"IEEE Trans Inf Forensics Secur"},{"issue":"2","key":"391_CR52","doi-asserted-by":"publisher","first-page":"25","DOI":"10.2478\/popets-2020-0016.","volume":"2020","author":"Z Yang","year":"2020","unstructured":"Yang Z, Yue C (2020) A comparative measurement study of web tracking on mobile and desktop environments. Proc Priv Enhanc Technol 2020(2):25\u201345. https:\/\/doi.org\/10.2478\/popets-2020-0016. (https:\/\/content.sciendo.com\/view\/journals\/popets\/2020\/2\/article-p25.xml)","journal-title":"Proc Priv Enhanc Technol"},{"key":"391_CR53","doi-asserted-by":"crossref","unstructured":"Yang Z, Pei W, Chen M, Yue C (2022) Wtagraph: web tracking and advertising detection using graph neural networks. In: 2022 IEEE symposium on security and privacy (SP), pp 1540\u20131557. IEEE","DOI":"10.1109\/SP46214.2022.9833670"},{"issue":"11","key":"391_CR54","doi-asserted-by":"publisher","first-page":"4249","DOI":"10.1109\/TSE.2021.3115506","volume":"48","author":"X Zhan","year":"2021","unstructured":"Zhan X, Liu T, Liu Y, Liu Y, Li L, Wang H, Luo X (2021) A systematic assessment on android third-party library detection tools. IEEE Trans Softw Eng 48(11):4249\u20134273","journal-title":"IEEE Trans Softw Eng"},{"issue":"9","key":"391_CR55","first-page":"1","volume":"35","author":"Y Zhang","year":"2014","unstructured":"Zhang Y, Wu Q, Liu Q, Dong Y (2014) Research on security of third-party tracking. J Commun 35(9):1\u201311","journal-title":"J Commun"},{"key":"391_CR56","doi-asserted-by":"crossref","unstructured":"Zhang J, Wang X, Zhang H, Sun H, Wang K, Liu X (2019a) A novel neural source code representation based on abstract syntax tree. In: 2019 IEEE\/ACM 41st international conference on software engineering (ICSE), pp 783\u2013794. IEEE","DOI":"10.1109\/ICSE.2019.00086"},{"key":"391_CR57","doi-asserted-by":"crossref","unstructured":"Zhang J, Beresford AR, Sheret I (2019b) Sensorid: sensor calibration fingerprinting for smartphones. In: 2019 IEEE symposium on security and privacy (SP), pp 638\u2013655. IEEE","DOI":"10.1109\/SP.2019.00072"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00391-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-025-00391-4","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00391-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,29]],"date-time":"2025-12-29T01:03:08Z","timestamp":1766970188000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1186\/s42400-025-00391-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,29]]},"references-count":57,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025,12]]}},"alternative-id":["391"],"URL":"https:\/\/doi.org\/10.1186\/s42400-025-00391-4","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,12,29]]},"assertion":[{"value":"19 December 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"6 March 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"29 December 2025","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"96"}}