Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Turning the Table Around: Monitoring App Behavior
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013). (PriSec)ORCID iD: 0000-0002-5235-5335
2018 (English)In: Sicherheit 2018, Lecture Notes in Informatics (LNI), GesellschaftfürInformatik, Bonn 2018 / [ed] H. Langweg, M. Meier, B.C. Witt, D. Reinhardt, Bonn, 2018, Vol. P-281, p. 279-284, article id sicherheit2018-25Conference paper, Published paper (Refereed)
Abstract [en]

Since Android apps receive white-card access through permissions, users struggle to understand the actual magnitude of app access to their personal data. Due to unavailability of statistical or other tools that would provide an overview of data access or privilege use, users can hardly assess privacy risks or identify app misbehavior. This is a problem for data subjects. The presented PhD research project aims at creating a transparency-enhancing technology that helps users to assess the magnitude of data access of installed apps by monitoring the Android permission access control system. This article will present how apps exercise their permissions, based on a pilot study with an app monitoring tool. It then presents a prototypical implementation of a networked laboratory for crowd-sourcing app behavior data. Finally, the article presents and discusses a model that will use the collected data to calculate and visualize risk signals based on individual risk preferences and measured app data access efforts.

Place, publisher, year, edition, pages
Bonn, 2018. Vol. P-281, p. 279-284, article id sicherheit2018-25
Series
Lecture Notes in Informatics (LNI), GesellschaftfürInformatik, ISSN 1617-5468 ; P-281
Keywords [en]
App Behavior, Privacy Preservation, Transparency.
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:kau:diva-68568DOI: 10.18420/sicherheit2018_25ISBN: 978-3-88579-675-6 (print)OAI: oai:DiVA.org:kau-68568DiVA, id: diva2:1232946
Conference
Sicherheit 2018, 25-27 April, Konstanz, Germany
Available from: 2018-07-13 Created: 2018-07-13 Last updated: 2018-07-23
In thesis
1. Towards Measuring Apps' Privacy-Friendliness
Open this publication in new window or tab >>Towards Measuring Apps' Privacy-Friendliness
2018 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Today's phone could be described as a charismatic tool that has the ability to keep human beings captivated for a considerable amount of their precious time. Users remain in the illusory wonderland with free services, while their data becomes the subject to monetizing by a genie called big data. In other words, users pay with their personal data but the price is in a way invisible. Poor means to observe and to assess the consequences of data disclosure causes hindrance for the user to be aware of and to take preventive measures.

Mobile operating systems use permission-based access control mechanism to guard system resources and sensors. Depending on the type, apps require explicit consent from the user in order to avail access to those permissions. Nonetheless, it does not put any constraint on access frequency. Granted privileges allow apps to access to users' personal information for indefinite period of time until being revoked explicitly. Available control tools lack monitoring facility which undermines the performance of access control model. It has the ability to create privacy risks and nontransparent handling of personal information for the data subject.

This thesis argues that app behavior analysis yields information which has the potential to increase transparency, to enhance privacy protection, to raise awareness regarding consequences of data disclosure, and to assist the user in informed decision making while selecting apps or services. It introduces models and methods, and demonstrates the risks with experiment results. It also takes the risks into account and makes an effort to determine apps' privacy-friendliness based on empirical data from app-behavior analysis.

Abstract [en]

Today's phone could be described as a charismatic tool that has the ability to keep human beings captivated for a considerable amount of their precious time. Users remain in the illusory wonderland with free services, while their data becomes the subject to monetizing by a genie called big data. In other words, users pay with their personal data but the price is in a way invisible. They face hindrance to be aware of and to take preventive measures because of poor means to observe and to assess consequences of data disclosure. Available control tools lack monitoring properties that do not allow the user to comprehend the magnitude of personal data access. Such circumstances can create privacy risks, erode intervenability of access control mechanism and lead to opaque handling of personal information for the data subject.

This thesis argues that app behavior analysis yields information which has the potential to increase transparency, to enhance privacy protection, to raise awareness regarding consequences of data disclosure, and to assist the user in informed decision making while selecting apps or services. It introduces models and methods, and demonstrates the data disclosure risks with experimental results. It also takes the risks into account and makes an effort to determine apps' privacy-friendliness based on empirical data from app-behavior analysis.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2018. p. 27
Series
Karlstad University Studies, ISSN 1403-8099 ; 2018:31
Keywords
Mobile OS, Apps, User data, Transparency, Privacy
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-68569 (URN)978-91-7063-864-0 (ISBN)978-91-7063-959-3 (ISBN)
Presentation
2018-09-07, 1D 222, Universitetsgatan 2, Karlstad, 10:15 (English)
Opponent
Supervisors
Available from: 2018-08-17 Created: 2018-07-23 Last updated: 2018-08-17Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textTurning the Table Around: Monitoring App Behavior

Authority records BETA

Momen, Nurul

Search in DiVA

By author/editor
Momen, Nurul
By organisation
Department of Mathematics and Computer Science (from 2013)
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 17 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf