Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

5-2016

Abstract

While mobile platforms rely on developers to follow good practices in privacy design, developers might not always adhere. In addition, it is often difficult for users to understand the privacy behaviour of their applications without some prolonged usage. To aid in these issues, we describe on-going research to improve privacy protection by utilizing techniques that mine privacy information from application binaries as a grey-box (Automated Privacy Checking). The outputs can then be utilized to improve the users' ability to exercise privacy-motivated discretion. We conducted a user study to observe the effects of presenting information on leak-causing triggers within applications in the form of privacy message overlays. We found that while users' prior usage time largely determined their usage behaviour, presenting trigger information helped users who disapproved with data use and had sufficient understanding of the implications of data leaks. Users' inherent level of privacy consciousness and surprise levels were also factors in ensuring the effectiveness of messages.

Keywords

mobile privacy, binary analysis, user-behavioural factors

Discipline

Information Security | Software Engineering

Research Areas

Software and Cyber-Physical Systems

Publication

CHI 2016: The 34th Annual CHI Conference on Human Factors in Computing Systems: San Jose, CA, May 7-12

First Page

1

Last Page

4

ISBN

9781450340823

Publisher

ACM

City or Country

New York

Copyright Owner and License

Authors

Additional URL

https://networkedprivacy2016.files.wordpress.com/2015/11/chi_workshop_camera_ready_leveraging-automated-privacy-checking.pdf

Download

Share

COinS