Direct links to the other two papers:
Just curious, during your research did you face any issues due to the auto-update feature at the app/device level which would set you back. If so, how did you work around it other than disabling it ?
I noticed you include gstatic.com and a subdomain of cloudfront.com in the tracker domains list. Are these really known to be used for tracking or are they included because they're controlled by Google & Amazon?
I've never inspected Recaptcha (on gstatic.com), but it does some degree of tracking, ostensibly to detect unusual usage patterns and pick who gets to help train Google's ML models with distorted street objects, and who's never shown the captcha window.
I find it easier to just put the device in its own VLAN with zero internet access. Like the author has said, there’s no clear cut solution.
One of your captured urls in the paper looks like it might be part of a VAST request, which could lead to SSAI.