Yajin Zhou,Xinwen Zhang,Xuxian Jiang,Vincent W. Freeh

DOI: https://doi.org/10.1007/978-3-642-21599-5_7

2011-01-01

Abstract:Smartphones have been becoming ubiquitous and mobile users are increasingly relying on them to store and handle personal information. However, recent studies also reveal the disturbing fact that users' personal information is put at risk by (rogue) smartphone applications. Existing solutions exhibit limitations in their capabilities in taming these privacy-violating smartphone applications. In this paper, we argue for the need of a new privacy mode in smartphones. The privacy mode can empower users to flexibly control in a fine-grained manner what kinds of personal information will be accessible to an application. Also, the granted access can be dynamically adjusted at runtime in a fine-grained manner to better suit a user's needs in various scenarios (e.g., in a different time or location). We have developed a system called TISSA that implements such a privacy mode on Android. The evaluation with more than a dozen of information-leaking Android applications demonstrates its effectiveness and practicality. Furthermore, our evaluation shows that TISSA introduces negligible performance overhead.

Zhiyuan Wan,Lingfeng Bao,Debin Gao,Eran Toch,Xin Xia,Tamir Mendel,David Lo

DOI: https://doi.org/10.1145/3369819

2019-01-01

Proceedings of the ACM on Interactive Mobile Wearable and Ubiquitous Technologies

Abstract:The rapid adoption of Smartphone devices has caused increasing security and privacy risks and breaches. Catching up with ever-evolving contemporary smartphone technology challenges leads older adults (aged 50+) to reduce or to abandon their use of mobile technology. To tackle this problem, we present AppMoD, a community-based approach that allows delegation of security and privacy decisions a trusted social connection, such as a family member or a close friend. The trusted social connection can assist in the appropriate decision or make it on behalf of the user. We implement the approach as an Android app and describe the results of three user studies (n=50 altogether), in which pairs of older adults and family members used the app in a controlled experiment. Using app anomalies as an ongoing case study, we show how delegation improves the accuracy of decisions made by older adults. Also, we show how combining decision-delegation with crowdsourcing can enhance the advice given and improve the decision-making process. Our results suggest that a community-based approach can improve the state of mobile security and privacy.

Yajin Zhou,Kapil Singh,Xuxian Jiang

DOI: https://doi.org/10.1007/978-3-319-08593-7_4

2014-01-01

Abstract:Modern smartphone apps tend to contain and use vast amounts of data that can be broadly classified as structured and unstructured. Structured data, such as an user's geolocation, has predefined semantics that can be retrieved by well-defined platform APIs. Unstructured data, on the other hand, relies on the context of the apps to reflect its meaning and value, and is typically provided by the user directly into an app's interface. Recent research has shown that third-party apps are leaking highly-sensitive unstructured data, including user's banking credentials. Unfortunately, none of the current solutions focus on the protection of unstructured data. In this paper, we propose an owner-centric solution to protect unstructured data on smartphones. Our approach allows the data owners to specify security policies when providing their untrusted data to third-party apps. It tracks the flow of information to enforce the owner's policies at strategic exit points. Based on this approach, we design and implement a system, called <Literal>DataChest</Literal>. We develop several mechanisms to reduce user burden and keep interruption to the minimum, while at the same time preventing the malicious apps from tricking the user. We evaluate our system against a set of real-world malicious apps and a series of synthetic attacks to show that it can successfully prevent the leakage of unstructured data while incurring reasonable performance overhead.

Zeqing Guo,Weili Han,Liangxing Liu,Wenyuan Xu,Ruiqi Bu,Minyue Ni

DOI: https://doi.org/10.1145/2752952.2752974

2015-01-01

Abstract:More and more powerful personal smart devices take users, especially the elder, into a disaster of policy administration where users are forced to set personal management policies in these devices. Considering a real case of this issue in the Android security, it is hard for users, even some programmers, to generally identify malicious permission requests when they install a third-party application. Motivated by the popularity of mutual assistance among friends (including family members) in the real world, we propose a novel framework for policy administration, referring to Socialized Policy Administration (SPA for short), to help users manage the policies in widely deployed personal devices. SPA leverages a basic idea that a user may invite his or her friends to help set the applications. Especially, when the size of invited friends increases, the setting result can be more resilient to a few malicious or unprofessional friends. We define the security properties of SPA, and propose an enforcement framework where users' friends can help users set applications without the leakage of friends' preferences with the supports of a privacy preserving mechanism. In our prototype, we only leverage partially homomorphic encryption cryptosystems to implement our framework, because the fully homomorphic encryption is not acceptable to be deployed in a practical service at the moment. Based on our prototype and performance evaluation, SPA is promising to support major types of policies in current popular applications with acceptable performance.

Yunxin Liu,Ahmad Rahmati,Hyukjae Jang,Yuanhe Huang,Lin Zhong,Yongguang Zhang,Shensheng Zhang

DOI: https://doi.org/10.1109/tmc.2010.162

IF: 6.075

2010-01-01

IEEE Transactions on Mobile Computing

Abstract:Mobile phones are truly personal devices loaded with personal data such as photos, contacts, and call history. Yet it is often necessary or desirable to share our phones with others. This is especially true as mobile phones are integrating features conventionally provided by other dedicated devices, from MP3 players to games consoles. Yet existing phones assume a single user and provide little protection for private data and applications when a phone is shared. That is, when we lend our phones to others, we give away complete access. In this work, we present xShare, a protection solution to address this problem. xShare allows phone owners to rapidly specify what they want to share and place the phone into a restricted mode where only the data and applications intended for sharing can be accessed. We first present two formative user studies and derive the design requirements of xShare. We then offer the design of xShare based on file-level access control. We describe the implementation of xShare on Windows Mobile and report a comprehensive evaluation, including performance measurements, usability, and a one-month field trial.

Yunxin Liu,Ahmad Rahmati,Yuanhe Huang,Hyukjae Jang,Lin Zhong,Yongguang Zhang,Shensheng Zhang

DOI: https://doi.org/10.1145/1555816.1555819

2009-01-01

Abstract:Loaded with personal data, e.g. photos, contacts, and call history, mobile phones are truly personal devices. Yet it is often necessary or desirable to share our phones with others. This is especially true as mobile phones are integrating features conventionally provided by other dedicated devices, from MP3 players to games consoles. Unfortunately, when we lend our phones to others, we give away complete access because existing phones assume a single user and provide little protection for private data and applications. In this work, we present xShare, a protection solution to address this problem. xShare allows phone owners to rapidly specify what they want to share and place the phone into a restricted mode where only the data and applications intended for sharing can be accessed.We first present findings from two motivational user studies based on which we provide the design requirements of xShare. We then present the design of xShare based on file-level access control. We describe the implementation of xShare on Windows Mobile and report a comprehensive usability evaluation of the implementation, including measurements and user studies. The evaluation demonstrates that our xShare implementation has negligible overhead for interactive phone usage, is extremely favored by mobile users, and provides robust protection against attacks by experienced Windows Mobile users and developers.

Periwinkle Doerfler,Kieron Ivy Turk,Chris Geeng,Damon McCoy,Jeffrey Ackerman,Molly Dragiewicz

2024-07-06

Abstract:In this work, we analyze two large-scale surveys to examine how individuals think about sharing smartphone access with romantic partners as a function of trust in relationships. We find that the majority of couples have access to each others' devices, but may have explicit or implicit boundaries on how this access is to be used. Investigating these boundaries and related social norms, we find that there is little consensus about the level of smartphone access (i.e., transparency), or lack thereof (i.e., privacy) that is desirable in romantic contexts. However, there is broad agreement that the level of access should be mutual and consensual. Most individuals understand trust to be the basis of their decisions about transparency and privacy. Furthermore, we find individuals have crossed these boundaries, violating their partners' privacy and betraying their trust. We examine how, when, why, and by whom these betrayals occur. We consider the ramifications of these boundary violations in the case of intimate partner violence. Finally, we provide recommendations for design changes to enable technological enforcement of boundaries currently enforced by trust, bringing access control in line with users' sharing preferences.

Cryptography and Security

Jiangrong Wu,Yuhong Nan,Luyi Xing,Jiatao Cheng,Zimin Lin,Zibin Zheng,Min Yang

DOI: https://doi.org/10.14722/ndss.2024.24138

2024-01-01

Abstract:Cross-app content sharing is one of the prominent features widely used in mobile apps.For example, a short video from one app can be shared to another (e.g., a messaging app) and further viewed by other users.In many cases, such Crossapp content sharing activities could have privacy implications for both the sharer and sharee, such as exposing app users' personal interests.In this paper, we provide the first in-depth study on the privacy implications of Cross-app content sharing (as we call Cracs) activities in the mobile ecosystem.Our research showed that during the sharing process, the adversary can not only track and infer user interests as traditional web trackers but also cause other severe privacy implications to app users.More specifically, due to multiple privacy-intrusive designs and implementations of Cracs, an adversary can easily reveal a user's social relations to an outside party, or unnecessarily expose user identities and her associated personal data (e.g., user accounts in another app).Such privacy implications are indeed a concern for app users, as confirmed by a user study we have performed with 300 participants.To further evaluate the impact of our identified privacy implications at large, we have designed an automatic pipeline named Shark, combined with static analysis and dynamic analysis to effectively identify whether a given app introduces unnecessary data exposure in Cracs.We analyzed 300 top downloaded apps collected from app stores in both the US and China.The analysis results showed that over 55% of the apps from China and 10% from the US are indeed problematic.

Sha Zhao,Feng Xu,Yizhi Xu,Xiaojuan Ma,Zhiling Luo,Shijian Li,Anind Dey,Gang Pan

DOI: https://doi.org/10.1007/s42486-019-00011-4

2019-01-01

CCF Transactions on Pervasive Computing and Interaction

Abstract:Smartphone applications (Abbr. apps) have become an indispensable part in our everyday lives. Users determine what apps to use depending on their personal needs and interests. Users with different attributes may have different needs, making it natural for their app usage behaviors to be different. The differences in app usage behaviors among users make it possible to infer their attributes. Knowing such differences could help improve mobile user experiences by enhancing smart services and devices. In this paper, we present an empirical study of investigating smartphone user differences on a large-scale dataset of recently used app lists from 106,672 Android users from China. We first investigate the user differences in app usage behaviors with respect to their attributes (gender, age, and income level). We find significant differences in app usage frequency, app usage with time context and functions. We then extract corresponding features from app usage records to infer the attributes of each user, and investigate the predictive ability of individual features and combinations of different individual features. We achieve the accuracy of 83.29% for gender, 69.94% for age (four age ranges) and 71.43% for income level (three income levels) with the best set of features, respectively. Finally, we discuss the implications of our findings and the limitations of this work.

Christos Perentis,Michele Vescovi,Chiara Leonardi,Corrado Moiso,Mirco Musolesi,Fabio Pianesi,Bruno Lepri

DOI: https://doi.org/10.1145/3017431

IF: 5.3

2017-05-28

ACM Transactions on Internet Technology

Abstract:The wide adoption of mobile devices and social media platforms have dramatically increased the collection and sharing of personal information. More and more frequently, users are called to make decisions concerning the disclosure of their personal information. In this study, we investigate the factors affecting users’ choices toward the disclosure of their personal data, including not only their demographic and self-reported individual characteristics, but also their social interactions and their mobility patterns inferred from months of mobile phone data activity. We report the findings of a field study conducted with a community of 63 subjects provided with (i) a smart-phone and (ii) a Personal Data Store (PDS) enabling them to control the disclosure of their data. We monitor the sharing behavior of our participants through the PDS and evaluate the contribution of different factors affecting their disclosing choices of location and social interaction data. Our analysis shows that social interaction inferred by mobile phones is an important factor revealing willingness to share, regardless of the data type. In addition, we provide further insights on the individual traits relevant to the prediction of sharing behavior.

computer science, information systems, software engineering

Mamtaj Akter,Leena Alghamdi,Jess Kropczynski,Heather Lipford,Pamela Wisniewski

DOI: https://doi.org/10.1145/3544549.3585904

2024-04-16

Abstract:We conducted a user study with 19 parent-teen dyads to understand the perceived benefits and drawbacks of using a mobile app that allows them to co-manage mobile privacy, safety, and security within their families. While the primary goal of the study was to understand the use case as it pertained to parents and teens, an emerging finding from our study was that participants found value in extending app use to other family members (siblings, cousins, and grandparents). Participants felt that it would help bring the necessary expertise into their immediate family network and help protect the older adults and children of the family from privacy and security risks. However, participants expressed that co-monitoring by extended family members might cause tensions in their families, creating interpersonal conflicts. To alleviate these concerns, participants suggested more control over the privacy features to facilitate sharing their installed apps with only trusted family members.

Human-Computer Interaction

Tianyue Mi,Mengke Gou,Guangyu Zhou,Yiqun Gan,Ralf Schwarzer

DOI: https://doi.org/10.1016/j.cose.2020.101954

IF: 5.105

2020-01-01

Computers & Security

Abstract:Smartphone users are often said to be the weakest link in information security. They often install apps from unknown sources, connect to open WIFI in public places, and check and open dangerous email attachments on their phones. The current study aims to uncover psychological mechanisms that may be responsible for individual differences in smartphone security behavior, theoretically based on the health action process approach (HAPA). In a longitudinal survey, 192 students in the age range from 18 to 47 years (141 of them women) completed psychometric assessments at baseline and two weeks later. Intention, planning, action control, and smartphone security behaviors were measured along with socio-demographic information. The path analysis revealed that planning and action control mediated sequentially the relationship between intention and smartphone security behavior. The model accounted for 52.30% of the variance in smartphone security behavior. The result supported the theoretical assumptions of the HAPA, with a focus on the mediation by planning and action control. Interventions that focus on such factors might help improve compliance with recommendations for smartphone security behavior.

Rui Chang,Liehui Jiang,Wenzhi Chen,Hong-qi He,Shuiqiao Yang,Hang Jiang,Wei Liu,Yong Liu

DOI: https://doi.org/10.1002/cpe.4180

2018-01-01

Abstract:This paper discusses security issues on the user equipment, which is the last mile of social networks. One of the main Achilles' heel of social networks is not the organization of networks themselves, but the user devices, typically Android ones. The existing system of privileges makes it easy to infiltrate the network via applications installed on users' devices. Conventional signature-based and static analysis methods are vulnerable. Access to privacy- and security-relevant parts of the application programming interface is controlled by the corresponding permission in a manifest file. While requesting access to permissions, it may offer opportunities to malicious codes, which will cause security issues. Few works among permission analysis, however, pay attention to the prevention of permission leakage on both hardware and software frameworks. In this paper we tackle the challenge of providing our multilayered permission-based security extension scheme on Android platforms. We propose a usage and access control model and an effective method of preventing permission leakage based on ARM TrustZone security extension mechanism. In contrast to previous work, the proposed security architecture provides a permission-based mandatory access control on Android middleware, Linux kernel, and hardware layers. The evaluation results demonstrate the effectiveness of the proposed scheme in mitigating permission leakage vulnerabilities.

Hyunjin Kang,Wonsun Shin

DOI: https://doi.org/10.1089/cyber.2015.0340

2016-03-01

Abstract:This study examines how consumers&#x27; competence at using smartphone technology (i.e., power usage) affects their privacy protection behaviors. A survey conducted with smartphone users shows that power usage influences privacy protection behavior not only directly but also indirectly through privacy concerns and trust placed in mobile service providers. A follow-up experiment indicates that the effects of power usage on smartphone users&#x27; information management can be a function of content personalization. Users, high on power usage, are less likely to share personal information on personalized mobile sites, but they become more revealing when they interact with nonpersonalized mobile sites.

psychology, social

Sha Zhao,Julian Ramos,Jianrong Tao,Ziwen Jiang,Shijian Li,Zhaohui Wu,Gang Pan,Anind K. Dey

DOI: https://doi.org/10.1145/2971648.2971696

2016-01-01

Abstract:Understanding smartphone users is fundamental for creating better smartphones, and improving the smartphone usage experience and generating generalizable and reproducible research. However, smartphone manufacturers and most of the mobile computing research community make a simplifying assumption that all smartphone users are similar or, at best, constitute a small number of user types, based on their behaviors. Manufacturers design phones for the broadest audience and hope they work for all users. Researchers mostly analyze data from smartphone-based user studies and report results without accounting for the many different groups of people that make up the user base of smartphones. In this work, we challenge these elementary characterizations of smartphone users and show evidence of the existence of a much more diverse set of users. We analyzed one month of application usage from 106,762 Android users and discovered 382 distinct types of users based on their application usage behaviors, using our own two-step clustering and feature ranking selection approach. Our results have profound implications on the reproducibility and reliability of mobile computing studies, design and development of applications, determination of which apps should be pre-installed on a smartphone and, in general, on the smartphone usage experience for different types of users.

Hao Wu,Zheng Qin,Xuejin Tian,Edward Sun,Fengyuan Xu,Sheng Zhong

DOI: https://doi.org/10.1109/dsc47296.2019.8937600

2019-01-01

Abstract:Android, which accounts for 76.08% of the market(1), is the most popular and widely used mobile system today. Users install various applications from different sources and for different functionalities to get all sorts of services. Since smartphones carry a large amount of private user information, their security has been widely concerned in recent years. Android uses permissions to restrict the behaviors of applications and protect system resources and user privacy, such as location, password, and contact list carried on mobile devices. The research community has previously explored a variety of methods to enhance the permission system with the help of the system context and application program. However, such methods cannot address the permission violation issues raised by resources sharing, e.g., screen sharing and clipboard sharing, which are designed for more convenient human-computer interactions. In this work, we perform several proof-of-concept attacks on resources sharing to illustrate the deficiencies in the permission control system. We believe that the cause of these issues is that the permission control system does not fully understand the user's intentions. Then, we propose a non-intrusive user-action based permission control system, which can achieve more precise permission control by mining the user's intentions when operating the device.

Huichuan Xia

DOI: https://doi.org/10.24251/hicss.2023.292

2023-01-01

Abstract:The Contextual Integrity (CI) theory provides a benchmark for privacy protection or violation according to the appropriateness of information collection and flows in a certain context. As privacy threats and protections develop and vie in various mobile contexts, how smartphone users represent the benchmark CI in their minds deserves exploration. In this study, we inquired into 18 smartphone users’ privacy mental models of CI. We found that they verbalized and visualized three patterns of information flow (i.e., unidirectional lines, branching tree, and complex network) and two categories of information collection (i.e., monetization-oriented and monitoring-based). With these mental models, our participants expressed numerous privacy concerns, such as unstoppable information sharing, data monetization, and surveillance. We discussed these findings and concluded that even though mobile operating systems and apps have claimed to be privacy-friendly and protective, some users remain dubious about such claims even though their privacy mental models may not accurately reflect reality.

Zixue Tai,Cheng Dai

DOI: https://doi.org/10.1186/s40359-022-00857-x

2022-06-08

Abstract:Background: Smartphone use has become a pervasive aspect of youth daily life today. Immersive engagement with apps and features on the smartphone may lead to intimate and affectionate human-device relationships. The purpose of this research is to holistically dissect the ranked order of the various dimensions of college students' attachment to the smartphones through the by-person factorial analytical power of Q methodology. Methods: Inspired by extant research into diverse aspects of human attachment to the smartphones, a concourse of 50 statements pertinent to the functional, behavioral, emotional and psychological dimensions of human-smartphone attachment were pilot tested and developed. A P sample of 67 participants completed the Q sort based on respective subjective perceptions and self-references. Data was processed utilizing the open-source Web-based Ken-Q Analysis software in detecting the main factorial structure. Results: Five distinct factor (persona) exemplars were identified illustrating different pragmatic, cognitive and attitudinal approaches to smartphone engagement. They were labeled mainstream users, disciplined conventionalists, casual fun-seekers, inquisitive nerds, and sentient pragmatists in response to their respective psycho-behavioral traits. There were clear patterns of similarity and divergence among the five personas. Conclusion: The typological diversity points to the multiplicate nature of human-smartphone attachment. Clusters of cognitive, behavioral and habitual patterns in smartphone engagement driving each persona may be a productive area of exploration in future research in exploring their respective emotional and other outcomes. The concurrent agency of nomophobia and anthropomorphic attribution is an intriguing line of academic inquiry.

Konrad Kollnig,Anastasia Shuba,Reuben Binns,Max Van Kleek,Nigel Shadbolt

DOI: https://doi.org/10.2478/popets-2022-0033

2021-12-20

Abstract:While many studies have looked at privacy properties of the Android and Google Play app ecosystem, comparatively much less is known about iOS and the Apple App Store, the most widely used ecosystem in the US. At the same time, there is increasing competition around privacy between these smartphone operating system providers. In this paper, we present a study of 24k Android and iOS apps from 2020 along several dimensions relating to user privacy. We find that third-party tracking and the sharing of unique user identifiers was widespread in apps from both ecosystems, even in apps aimed at children. In the children's category, iOS apps tended to use fewer advertising-related tracking than their Android counterparts, but could more often access children's location. Across all studied apps, our study highlights widespread potential violations of US, EU and UK privacy law, including 1) the use of third-party tracking without user consent, 2) the lack of parental consent before sharing personally identifiable information (PII) with third-parties in children's apps, 3) the non-data-minimising configuration of tracking libraries, 4) the sending of personal data to countries without an adequate level of data protection, and 5) the continued absence of transparency around tracking, partly due to design decisions by Apple and Google. Overall, we find that neither platform is clearly better than the other for privacy across the dimensions we studied.

Cryptography and Security,Computers and Society

Konrad Kollnig,Anastasia Shuba,Reuben Binns,Max Van Kleek,Nigel Shadbolt

DOI: https://doi.org/10.2478/popets-2022-0033

2022-03-03

Proceedings on Privacy Enhancing Technologies

Abstract:Abstract While many studies have looked at privacy properties of the Android and Google Play app ecosystem, comparatively much less is known about iOS and the Apple App Store, the most widely used ecosystem in the US. At the same time, there is increasing competition around privacy between these smartphone operating system providers. In this paper, we present a study of 24k Android and iOS apps from 2020 along several dimensions relating to user privacy. We find that third-party tracking and the sharing of unique user identifiers was widespread in apps from both ecosystems, even in apps aimed at children. In the children’s category, iOS apps tended to use fewer advertising-related tracking than their Android counterparts, but could more often access children’s location. Across all studied apps, our study highlights widespread potential violations of US, EU and UK privacy law, including 1) the use of third-party tracking without user consent, 2) the lack of parental consent before sharing personally identifiable information (PII) with third-parties in children’s apps, 3) the non-data-minimising configuration of tracking libraries, 4) the sending of personal data to countries without an adequate level of data protection, and 5) the continued absence of transparency around tracking, partly due to design decisions by Apple and Google. Overall, we find that neither platform is clearly better than the other for privacy across the dimensions we studied.