Mamtaj Akter,Madiha Tabassum,Nazmus Sakib Miazi,Leena Alghamdi,Jess Kropczynski,Pamela Wisniewski,Heather Lipford

2024-04-16

Abstract:Mobile privacy and security can be a collaborative process where individuals seek advice and help from their trusted communities. To support such collective privacy and security management, we developed a mobile app for Community Oversight of Privacy and Security ("CO-oPS") that allows community members to review one another's apps installed and permissions granted to provide feedback. We conducted a four-week-long field study with 22 communities (101 participants) of friends, families, or co-workers who installed the CO-oPS app on their phones. Measures of transparency, trust, and awareness of one another's mobile privacy and security behaviors, along with individual and community participation in mobile privacy and security co-management, increased from pre- to post-study. Interview findings confirmed that the app features supported collective considerations of apps and permissions. However, participants expressed a range of concerns regarding having community members with different levels of technical expertise and knowledge regarding mobile privacy and security that can impact motivation to participate and perform oversight. Our study demonstrates the potential and challenges of community oversight mechanisms to support communities to co-manage mobile privacy and security.

Human-Computer Interaction

Mamtaj Akter,Amy Godfrey,Jess Kropczynski,Heather Lipford,Pamela Wisniewski

DOI: https://doi.org/10.1145/3512904

2024-04-16

Abstract:Our research aims to highlight and alleviate the complex tensions around online safety, privacy, and smartphone usage in families so that parents and teens can work together to better manage mobile privacy and security-related risks. We developed a mobile application ("app") for Community Oversight of Privacy and Security ("CO-oPS") and had parents and teens assess whether it would be applicable for use with their families. CO-oPS is an Android app that allows a group of users to co-monitor the apps installed on one another's devices and the privacy permissions granted to those apps. We conducted a study with 19 parent-teen (ages 13-17) pairs to understand how they currently managed mobile safety and app privacy within their family and then had them install, use, and evaluate the CO-oPS app. We found that both parents and teens gave little consideration to online safety and privacy before installing new apps or granting privacy permissions. When using CO-oPS, participants liked how the app increased transparency into one another's devices in a way that facilitated communication, but were less inclined to use features for in-app messaging or to hide apps from one another. Key themes related to power imbalances between parents and teens surfaced that made co-management challenging. Parents were more open to collaborative oversight than teens, who felt that it was not their place to monitor their parents, even though both often believed parents lacked the technological expertise to monitor themselves. Our study sheds light on why collaborative practices for managing online safety and privacy within families may be beneficial but also quite difficult to implement in practice. We provide recommendations for overcoming these challenges based on the insights gained from our study.

Human-Computer Interaction

Zhiyuan Wan,Lingfeng Bao,Debin Gao,Eran Toch,Xin Xia,Tamir Mendel,David Lo

DOI: https://doi.org/10.1145/3369819

2019-01-01

Proceedings of the ACM on Interactive Mobile Wearable and Ubiquitous Technologies

Abstract:The rapid adoption of Smartphone devices has caused increasing security and privacy risks and breaches. Catching up with ever-evolving contemporary smartphone technology challenges leads older adults (aged 50+) to reduce or to abandon their use of mobile technology. To tackle this problem, we present AppMoD, a community-based approach that allows delegation of security and privacy decisions a trusted social connection, such as a family member or a close friend. The trusted social connection can assist in the appropriate decision or make it on behalf of the user. We implement the approach as an Android app and describe the results of three user studies (n=50 altogether), in which pairs of older adults and family members used the app in a controlled experiment. Using app anomalies as an ongoing case study, we show how delegation improves the accuracy of decisions made by older adults. Also, we show how combining decision-delegation with crowdsourcing can enhance the advice given and improve the decision-making process. Our results suggest that a community-based approach can improve the state of mobile security and privacy.

Mamtaj Akter,Jess Kropczynski,Heather Lipford,Pamela Wisniewski

2024-09-04

Abstract:We conducted a 4-week field study with 101 smartphone users who self-organized into 22 small groups of family, friends, and neighbors to use ``CO-oPS,'' a mobile app for co-managing mobile privacy and security. We differentiated between those who provided oversight (i.e., caregivers) and those who did not (i.e., caregivees) to examine differential effects on their experiences and behaviors while using CO-oPS. Caregivers reported higher power use, community trust, belonging, collective efficacy, and self-efficacy than caregivees. Both groups' self-efficacy and collective efficacy for mobile privacy and security increased after using CO-oPS. However, this increase was significantly stronger for caregivees. Our research demonstrates how community-based approaches can benefit people who need additional help managing their digital privacy and security. We provide recommendations to support community-based oversight for managing privacy and security within communities of different roles and skills.

Human-Computer Interaction

Yajin Zhou,Xinwen Zhang,Xuxian Jiang,Vincent W. Freeh

DOI: https://doi.org/10.1007/978-3-642-21599-5_7

2011-01-01

Abstract:Smartphones have been becoming ubiquitous and mobile users are increasingly relying on them to store and handle personal information. However, recent studies also reveal the disturbing fact that users' personal information is put at risk by (rogue) smartphone applications. Existing solutions exhibit limitations in their capabilities in taming these privacy-violating smartphone applications. In this paper, we argue for the need of a new privacy mode in smartphones. The privacy mode can empower users to flexibly control in a fine-grained manner what kinds of personal information will be accessible to an application. Also, the granted access can be dynamically adjusted at runtime in a fine-grained manner to better suit a user's needs in various scenarios (e.g., in a different time or location). We have developed a system called TISSA that implements such a privacy mode on Android. The evaluation with more than a dozen of information-leaking Android applications demonstrates its effectiveness and practicality. Furthermore, our evaluation shows that TISSA introduces negligible performance overhead.

Zeqing Guo,Weili Han,Liangxing Liu,Wenyuan Xu,Ruiqi Bu,Minyue Ni

DOI: https://doi.org/10.1145/2752952.2752974

2015-01-01

Abstract:More and more powerful personal smart devices take users, especially the elder, into a disaster of policy administration where users are forced to set personal management policies in these devices. Considering a real case of this issue in the Android security, it is hard for users, even some programmers, to generally identify malicious permission requests when they install a third-party application. Motivated by the popularity of mutual assistance among friends (including family members) in the real world, we propose a novel framework for policy administration, referring to Socialized Policy Administration (SPA for short), to help users manage the policies in widely deployed personal devices. SPA leverages a basic idea that a user may invite his or her friends to help set the applications. Especially, when the size of invited friends increases, the setting result can be more resilient to a few malicious or unprofessional friends. We define the security properties of SPA, and propose an enforcement framework where users' friends can help users set applications without the leakage of friends' preferences with the supports of a privacy preserving mechanism. In our prototype, we only leverage partially homomorphic encryption cryptosystems to implement our framework, because the fully homomorphic encryption is not acceptable to be deployed in a practical service at the moment. Based on our prototype and performance evaluation, SPA is promising to support major types of policies in current popular applications with acceptable performance.

Yajin Zhou,Kapil Singh,Xuxian Jiang

DOI: https://doi.org/10.1007/978-3-319-08593-7_4

2014-01-01

Abstract:Modern smartphone apps tend to contain and use vast amounts of data that can be broadly classified as structured and unstructured. Structured data, such as an user's geolocation, has predefined semantics that can be retrieved by well-defined platform APIs. Unstructured data, on the other hand, relies on the context of the apps to reflect its meaning and value, and is typically provided by the user directly into an app's interface. Recent research has shown that third-party apps are leaking highly-sensitive unstructured data, including user's banking credentials. Unfortunately, none of the current solutions focus on the protection of unstructured data. In this paper, we propose an owner-centric solution to protect unstructured data on smartphones. Our approach allows the data owners to specify security policies when providing their untrusted data to third-party apps. It tracks the flow of information to enforce the owner's policies at strategic exit points. Based on this approach, we design and implement a system, called <Literal>DataChest</Literal>. We develop several mechanisms to reduce user burden and keep interruption to the minimum, while at the same time preventing the malicious apps from tricking the user. We evaluate our system against a set of real-world malicious apps and a series of synthetic attacks to show that it can successfully prevent the leakage of unstructured data while incurring reasonable performance overhead.

Mamtaj Akter,Leena Alghamdi,Jess Kropczynski,Heather Lipford,Pamela Wisniewski

DOI: https://doi.org/10.1145/3544549.3585904

2024-04-16

Abstract:We conducted a user study with 19 parent-teen dyads to understand the perceived benefits and drawbacks of using a mobile app that allows them to co-manage mobile privacy, safety, and security within their families. While the primary goal of the study was to understand the use case as it pertained to parents and teens, an emerging finding from our study was that participants found value in extending app use to other family members (siblings, cousins, and grandparents). Participants felt that it would help bring the necessary expertise into their immediate family network and help protect the older adults and children of the family from privacy and security risks. However, participants expressed that co-monitoring by extended family members might cause tensions in their families, creating interpersonal conflicts. To alleviate these concerns, participants suggested more control over the privacy features to facilitate sharing their installed apps with only trusted family members.

Human-Computer Interaction

Anthony Quattrone,Lars Kulik,Egemen Tanin,Kotagiri Ramamohanarao,Tao Gu

DOI: https://doi.org/10.1109/icics.2015.7459926

2015-01-01

Abstract:Privacy has become a key concern for smartphone users as many apps tend to access and share sensitive data. However, it is not easily understandable for users which apps access what type of data and which are the minimal access permissions required to achieve a certain functionality. Although there are apps targeting privacy concerns, they only show which type of data is accessed but not whether it is necessary for an app to achieve its functionality. We propose a model that groups apps together in terms of advertised functionality and assesses an app's privacy intrusiveness based on the requested permissions relative to similar apps. To improve user comprehension of permissions, we implement PrivacyPalisade and demonstrate Android OS level modifications that use visual cues to indicate the privacy intrusiveness of an app. If an app requests a permission that is not common in its cohort, the user is notified and shown visually the permission implications. We demonstrate that the proposed approach is scalable and incurs little performance overhead.

Shradha Neupane,Faiza Tazi,Upakar Paudel,Freddy Freddy Veloz Baez,Merzia Adamjee,Lorenzo De Carli,Sanchari Das,Indrakshi Ray

DOI: https://doi.org/10.2139/ssrn.4121997

2022-01-01

SSRN Electronic Journal

Abstract:Most Internet of Things (IoT) devices provide access through mobile companion apps to configure, update, and control the devices. In many cases, these apps handle all user data moving in and out of devices and cloud endpoints. Thus, they constitute a critical component in the IoT ecosystem from a privacy standpoint, but they have historically been understudied. In this paper, we perform a latitudinal study and analysis of a sample of 455 IoT companion apps to understand their privacy posture using various methods and evaluate whether apps follow best practices. Specifically, we focus on three aspects: data privacy, security, and risk. Our findings indicate: (i) apps may over-request permissions , particularly for tasks that are not related to their functioning; and (ii) there is widespread use of programming and configuration practices which may reduce security, with the concerning extreme of two apps transmitting credentials in unencrypted form.

Shuai Li,Zhemin Yang,Nan Hua,Peng Liu,Xiaohan Zhang,Guangliang Yang,Min Yang

DOI: https://doi.org/10.1145/3548606.3559371

2022-01-01

Abstract:ABSTRACTRecent years have witnessed the interesting trend that modern mobile apps perform more and more likely as user-to-user platforms, where app users can be freely and conveniently connected. Upon these platforms, rich and diverse data is often delivered across users, which brings users great conveniences and plentiful services, but also introduces privacy security concerns. While prior work has primarily studied illegitimate personal data collection problems in mobile apps, few paid little attention to the security of this emerging user-to-user platform feature, thus providing a rather limited understanding of the privacy risks in this aspect. In this paper, we focus on the security of the user-to-user platform feature and shed light on its caused insufficiently-studied but critical privacy risk, which is brought forward by cross-user personal data over-delivery (denoted as XPO). For the first time, this paper reveals the landscape of such XPO risk in wild, along with prevalence and severity assessment. To achieve this, we design a novel automated risk detection framework, named XPOChecker, that leverages the advantages of machine learning and program analysis to extensively and precisely identify potential privacy risks during user-to-user connections, and regulate whether the delivered data is legitimate or not. By applying XPOChecker on 13,820 real-world popular Android apps, we find that XPO is prevalent in practice, with 1,902 apps (13.76%) being affected. In addition to the mere exposure of diverse private user data which causes serious and broad privacy infringement, we demonstrate that the XPO exploits can invalidate privacy preservation mechanisms, leak business secrets, and even restore the sensitive membership of victims which potentially poses personal safety threats. Furthermore, we also confirm the existence of XPO risks in iOS apps for the first time. Last, to help understand and prevent XPO, we have responsibly launched two notification campaigns to inform the developers of the affected apps, with the conclusion of five underlying lessons from developers' feedback. We hope our work can make up for the deficiency of the understandings of XPO, help developers avoid XPO, and motivate further researches.

Mohsen Jozani,Emmanuel Ayaburi,Myung Ko,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1016/j.chb.2020.106260

IF: 9.9

2020-06-01

Computers in Human Behavior

Abstract:Privacy threats in a social media-enabled application (app) can originate from either the institution or other app users. Although privacy in social media is well studied, the role of social (peer) privacy concerns is largely unknown and most privacy studies on mobile apps focus on initial adoption and ignore long-term behavioral outcomes. Drawing on the privacy calculus theory, this study examines the impact of both institutional and social privacy concerns on long-term user engagement with social media-enabled apps. Findings from the analysis of 354 survey responses reveal that both institutional and social privacy concerns decrease engagement. Regarding the antecedents, the perceived sensitivity of information increases institutional privacy concerns. However, social privacy concerns is influenced by the perception of risk and control. Moreover, while the impacts of social and enjoyment benefits are expectedly positive, the perception of efficiency benefits decreases engagement. These findings are further investigated and validated through a follow-up text analysis study, suggesting that users who enjoy the functionality of these apps are more likely to express social privacy concerns and minimize their engagement. This study contributes to the literature of privacy on mobile apps by unraveling the intricate dynamics of privacy concerns and benefits in the social mobile era.

psychology, multidisciplinary, experimental

Salim Ullah,Muhammad Sohail Khan,Choonhwa Lee,Muhammad Hanif

DOI: https://doi.org/10.3390/electronics11020246

IF: 2.9

2022-01-13

Electronics

Abstract:Recently, smartphone usage has increased tremendously, and smartphones are being used as a requirement of daily life, equally by all age groups. Smartphone operating systems such as Android and iOS have made it possible for anyone with development skills to create apps for smartphones. This has enabled smartphone users to download and install applications from stores such as Google Play, App Store, and several other third-party sites. During installation, these applications request resource access permissions from users. The resources include hardware and software like contact, memory, location, managing phone calls, device state, messages, camera, etc. As per Google’s permission policy, it is the responsibility of the user to allow or deny any permissions requested by an app. This leads to serious privacy violation issues when an app gets illegal permission granted by a user (e.g., an app might request for granted map permission and there is no need for map permission in the app, and someone can thereby access your location by this app). This study investigates the behavior of the user when it comes to safeguarding their privacy while installing apps from Google Play. In this research, first, seven different applications with irrelevant permission requests were developed and uploaded to two different Play Store accounts. The apps were live for more than 12 months and data were collected through Play Store analytics as well as the apps’ policy page. The preliminary data analysis shows that only 20% of users showed concern regarding their privacy and security either through interaction with the development team through email exchange or through commenting on the platform and other means accordingly.

engineering, electrical & electronic,computer science, information systems,physics, applied

Zhengyang Qu,Vaibhav Rastogi,Xinyi Zhang,Yan Chen,Tiantian Zhu,Zhong Chen

DOI: https://doi.org/10.1145/2660267.2660287

2014-01-01

Abstract:The booming popularity of smartphones is partly a result of application markets where users can easily download wide range of third-party applications. However, due to the open nature of markets, especially on Android, there have been several privacy and security concerns with these applications. On Google Play, as with most other markets, users have direct access to natural-language descriptions of those applications, which give an intuitive idea of the functionality including the security-related information of those applications. Google Play also provides the permissions requested by applications to access security and privacy-sensitive APIs on the devices. Users may use such a list to evaluate the risks of using these applications. To best assist the end users, the descriptions should reflect the need for permissions, which we term description-to-permission fidelity. In this paper, we present a system AUTOCOG to automatically assess description-to-permission fidelity of applications. AUTOCOG employs state-of-the-art techniques in natural language processing and our own learning-based algorithm to relate description with permissions. In our evaluation, AUTOCOG outperforms other related work on both performance of detection and ability of generalization over various permissions by a large extent. On an evaluation of eleven permissions, we achieve an average precision of 92.6% and an average recall of 92.0%. Our large-scale measurements over 45,811 applications demonstrate the severity of the problem of low description-to-permission fidelity. AUTOCOG helps bridge the long-lasting usability gap between security techniques and average users.

Fahimeh Ebrahimi,Miroslav Tushev,Anas Mahmoud

DOI: https://doi.org/10.48550/arXiv.1910.03622

2019-10-09

Abstract:Mobile applications (apps) have become deeply personal, constantly demanding access to privacy-sensitive information in exchange for more personalized user experiences. Such privacy-invading practices have generated major multidimensional and unconventional privacy concerns among app users. To address these concerns, the research on mobile app privacy has experienced rapid growth over the past decade. In general, this line of research is aimed at systematically exposing the privacy practices of apps and proposing solutions to protect the privacy of mobile app users. In this survey paper, we conduct a systematic mapping study of 54 Software Engineering (SE) primary studies on mobile app privacy. Our objectives are to a) explore trends in SE app privacy research, b) categorize existing evidence, and c) identify potential directions for future research. Our results show that existing literature can be divided into four main categories: privacy policy, requirements, user perspective, and leak detection. Furthermore, our survey reveals an imbalance between these categories; majority of existing research focuses on proposing tools for detecting privacy leaks, with less studies targeting privacy requirements and policy and even less on user perspective. Finally, our survey exposes several gaps in existing research and suggests areas for improvement.

Software Engineering,Human-Computer Interaction

Leonardo Horn Iwaya,M. Ali Babar,Awais Rashid,Chamila Wijayarathna

DOI: https://doi.org/10.1007/s10664-022-10236-0

2022-01-22

Abstract:An increasing number of mental health services are offered through mobile systems, a paradigm called mHealth. Although there is an unprecedented growth in the adoption of mHealth systems, partly due to the COVID-19 pandemic, concerns about data privacy risks due to security breaches are also increasing. Whilst some studies have analyzed mHealth apps from different angles, including security, there is relatively little evidence for data privacy issues that may exist in mHealth apps used for mental health services, whose recipients can be particularly vulnerable. This paper reports an empirical study aimed at systematically identifying and understanding data privacy incorporated in mental health apps. We analyzed 27 top-ranked mental health apps from Google Play Store. Our methodology enabled us to perform an in-depth privacy analysis of the apps, covering static and dynamic analysis, data sharing behaviour, server-side tests, privacy impact assessment requests, and privacy policy evaluation. Furthermore, we mapped the findings to the LINDDUN threat taxonomy, describing how threats manifest on the studied apps. The findings reveal important data privacy issues such as unnecessary permissions, insecure cryptography implementations, and leaks of personal data and credentials in logs and web requests. There is also a high risk of user profiling as the apps' development do not provide foolproof mechanisms against linkability, detectability and identifiability. Data sharing among third parties and advertisers in the current apps' ecosystem aggravates this situation. Based on the empirical findings of this study, we provide recommendations to be considered by different stakeholders of mHealth apps in general and apps developers in particular. [...]

Cryptography and Security,Computers and Society

Yiting Qu,Suguo Du,Shaofeng Li,Yan Meng,Le Zhang,Haojin Zhu

DOI: https://doi.org/10.1109/jiot.2020.3039472

IF: 10.6

2021-05-01

IEEE Internet of Things Journal

Abstract:Mobile applications play a crucial role in the IoT system, which is experiencing unprecedented growth. However, users possessing little knowledge of permission configurations often accept app permission requests without reading them, which opens a backdoor for the potential adversaries to launch the future attacks. Proposing an automatic permission management scheme is an attractive solution to solve this issue, but since users have varying attitudes toward privacy, such a scheme would be neither straightforward nor user friendly. In this study, an automatic permission optimization framework, Permizer, is proposed to recommend different app permission configurations to users with different privacy preferences. Permizer estimates the permission risks and builds the permission-functionality mapping to each app, then regulates the relationship between permission and app functionality. Permizer is the first module to achieve a balance between privacy protection and app functionality under the personal privacy preference condition. Finally, we develop Permizer as a one-button service on the real-world Android OS with 58 apps. Case studies conducted on TikTok and Amazon Alexa also demonstrate its practicability and effectiveness.

computer science, information systems,telecommunications,engineering, electrical & electronic

Imdad Ullah,Roksana Boreli,Salil S. Kanhere,Sanjay Chawla,Tariq Ahamed Ahanger,Usman Tariq

DOI: https://doi.org/10.1109/access.2020.3014424

IF: 3.9

2020-01-01

IEEE Access

Abstract:The Analytics companies enable successful targeted advertising via user profiles, derived from the mobile apps installed by specific users, and hence have become an integral part of the mobile advertising industry. This threatens the users' privacy, when profiling is based on apps representing sensitive information, e.g., gambling problems indicated by a game app. In this work, we propose an app-based profile obfuscation mechanism, ProfileGuard, with the objective of eliminating the dominance of private interest categories (i.e. the prevailing private interest categories present in a user profile). We demonstrate, based on wide-range experimental evaluation of Android apps in a nine month test campaign, that the proposed obfuscation mechanism based on similarity with user's existing apps (ensuring that selected obfuscating apps belong to non-private categories) can achieve a good trade-off between efforts required by the obfuscating system and the resulting privacy protection. We also show how the bespoke (customised to profile obfuscation) and bespoke++ (resource-aware) strategies can deliver significant improvements in the level of obfuscation and (particularly bespoke++) in the use of mobile resources, making the latter a good candidate strategy in resource-constrained scenarios e.g., for fixed data use mobile plans. We also implement a POC ProfileGuard app to demonstrate the feasibility of an automated obfuscation mechanism. Furthermore, we provide insights to Google AdMob profiling rules, such as showing how individual apps map to user's interests within their profile in a deterministic way and that AdMob requires a certain level of activity to build a stable user profile.

Muhammad Hassan,Mahnoor Jameel,Tian Wang,Masooda Bashir

DOI: https://doi.org/10.48550/arXiv.2310.14490

IF: 6.4588

2023-10-23

Human-Computer Interaction

Abstract:FemTech or Female Technology, is an expanding field dedicated to providing affordable and accessible healthcare solutions for women, prominently through Female Health Applications that monitor health and reproductive data. With the leading app exceeding 1 billion downloads, these applications are gaining widespread popularity. However, amidst contemporary challenges to women's reproductive rights and privacy, there is a noticeable lack of comprehensive studies on the security and privacy aspects of these applications. This exploratory study delves into the privacy risks associated with seven popular applications. Our initial quantitative static analysis reveals varied and potentially risky permissions and numerous third-party trackers. Additionally, a preliminary examination of privacy policies indicates non-compliance with fundamental data privacy principles. These early findings highlight a critical gap in establishing robust privacy and security safeguards for FemTech apps, especially significant in a climate where women's reproductive rights face escalating threats.

Bakheet Aljedaani,Aakash Ahmad,Mansooreh Zahedi,M. Ali Babar

DOI: https://doi.org/10.48550/arXiv.2008.03034

2020-08-07

Abstract:Mobile apps exploit embedded sensors and wireless connectivity of a device to empower users with portable computations, context-aware communication, and enhanced interaction. Specifically, mobile health apps (mHealth apps for short) are becoming integral part of mobile and pervasive computing to improve the availability and quality of healthcare services. Despite the offered benefits, mHealth apps face a critical challenge, i.e., security of health critical data that is produced and consumed by the app. Several studies have revealed that security specific issues of mHealth apps have not been adequately addressed. The objectives of this study are to empirically (a) investigate the challenges that hinder development of secure mHealth apps, (b) identify practices to develop secure apps, and (c) explore motivating factors that influence secure development. We conducted this study by collecting responses of 97 developers from 25 countries, across 06 continents, working in diverse teams and roles to develop mHealth apps for Android, iOS, and Windows platform. Qualitative analysis of the survey data is based on (i) 8 critical challenges, (ii) taxonomy of best practices to ensure security, and (iii) 6 motivating factors that impact secure mHealth apps. This research provides empirical evidence as practitioners view and guidelines to develop emerging and next generation of secure mHealth apps.

Software Engineering,Computers and Society