Improving User Choice Through Better Mobile Apps Transparency and Permissions Analysis

Authors: Ilaria Liccardi, Joseph Pato, Daniel J. Weitzner

DOI: 10.29012/JPC.V5I2.630

Abstract: Our personal information, habits, likes and dislikes can be all deduced from our mobile devices. Safeguarding privacy is therefore of great concern. Transparency and individual control are bedrock principles, but making informed choices about which apps to use has been shown to be difficult. In order to understand the dynamics of information collection in mobile apps and to demonstrate the value of transparent access to the details of applications permissions, we have gathered information about 528,433 apps on Google Play, and analyzed the permissions requested by each app. We develop a quantitative measure of the risk posed by apps by devising a ‘sensitivity score’ to represent the number of occurrences of permissions that read personal information about users where network communication is possible. We found that 54% of apps do not access any personal data. The remaining 46% collect between 1 and 20 sensitive permissions and have the ability to transmit it outside the phone. The sensitivity of apps differs greatly between free and paid apps as well as between categories and content rating. Sensitive permissions are often mixed with a large amount of low-risk permissions and hence are difficult to identify. Easily available sensitivity scores could help users in making a more informed decision in choosing an app that could pose less risk in collecting personal information. Even though an app is “self-described” as suitable for a certain subset of users (i.e. children), it might contain content ratings and permission requests that are not appropriate or expected. Our experience in doing this research shows that it is difficult to obtain information about how personal data collected from apps is used or analyzed. In fact, only 0.37% (1,991) of the apps show a declared “privacy policy”. Therefore, in order to make real control available to users, distribution platforms should provide more detailed information about how their data is accessed and used. To achieve greater transparency control, currently raw description accessible analysis change design operating policies prior installation.
