Search Results

1 - 5 of 5 items:

MAPS: Scaling Privacy Compliance Analysis to a Million Apps


The app economy is largely reliant on data collection as its primary revenue model. To comply with legal requirements, app developers are often obligated to notify users of their privacy practices in privacy policies. However, prior research has suggested that many developers are not accurately disclosing their apps’ privacy practices. Evaluating discrepancies between apps’ code and privacy policies enables the identification of potential compliance issues. In this study, we introduce the Mobile App Privacy System (MAPS) for conducting an extensive privacy census of Android apps. We designed a pipeline for retrieving and analyzing large app populations based on code analysis and machine learning techniques. In its first application, we conduct a privacy evaluation for a set of 1,035,853 Android apps from the Google Play Store. We find broad evidence of potential non-compliance. Many apps do not have a privacy policy to begin with. Policies that do exist are often silent on the practices performed by apps. For example, 12.1% of apps have at least one location-related potential compliance issue. We hope that our extensive analysis will motivate app stores, government regulators, and app developers to more effectively review apps for potential compliance issues.

Open access
Isolating Graphical Failure-Inducing Input for Privacy Protection in Error Reporting Systems

References [1] Nat. Inst. of Standards and Tech., Software Errors Cost U.S. Economy $59.5 Billion Annually. NIST News Release 2002. [2] Zhivich, M.; Cunningham, R. The Real Cost of Software Errors. IEEE Security & Privacy. 2009; pp 87-90. [3] Cambridge University, Cambridge University Study States Software Bugs Cost Economy $312 Billion Per Year 2013. [4] McLaughlin, L. Automated

Open access
A Study of MAC Address Randomization in Mobile Devices and When it Fails

. , Oct 2012. [23] T. Mitchell. Smartphone ownership rates skyrocket in many emerging economies, but digital divide remains. , Feb 2016. [24] A. Musa and J. Eriksson. Tracking Unmodified Smartphones Using Wi-Fi Monitors. In Proceedings of the 10th ACM conference on embedded network sensor systems, pages 281–294. ACM, 2012

Open access
Undermining Privacy in the Aircraft Communications Addressing and Reporting System (ACARS)

Aircraft Communications Addressing and Reporting System (ACARS). ArXiv e-prints, May 2017. URL https: // [48] M. Smith, D. Moser, M. Strohmeier, V. Lenders, and I. Martinovic. Economy Class Crypto: Exploring Weak Cipher Usage in Avionic Communications via ACARS. In 21st International Conference on Financial Cryptography and Data Security, Malta, 2017. [49] P. E. Storck. Benefits of Commercial Data Link Security. In Integrated Communications, Navigation and Surveillance Conference, ICNS, Herndon, 2013. IEEE

Open access
Investigating People’s Privacy Risk Perception

. Accessed: 2019-03-12. [45] Chanda Phelan, Cliff Lampe, and Paul Resnick. It’s Creepy, But It Doesn’t Bother Me. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems (CHI), pages 5240–5251, New York, NY, USA, 2016. ACM. [46] Eduardo Porter. The Facebook Fallacy: Privacy Is Up to You. , 2018. Accessed: 2019-03-12. [47] Lee Rainie, Sara Kiesler, Ruogu Kang, and Mary Madden. Anonymity, Privacy, and Security Online.

Open access