research-article

Why Are They Collecting My Data?: Inferring the Purposes of Network Traffic in Mobile Apps

Authors:

Gaurav Srivastava,

Matthew Fredrikson,

Yuvraj Agarwal,

Jason I. HongAuthors Info & Claims

Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, Volume 2, Issue 4

Article No.: 173, Pages 1 - 27

https://doi.org/10.1145/3287051

Published: 27 December 2018 Publication History

Abstract

Many smartphone apps collect potentially sensitive personal data and send it to cloud servers. However, most mobile users have a poor understanding of why their data is being collected. We present MobiPurpose, a novel technique that can take a network request made by an Android app and then classify the data collection purposes, as one step towards making it possible to explain to non-experts the data disclosure contexts. Our purpose inference works by leveraging two observations: 1) developer naming conventions (e.g., URL paths) of ten offer hints as to data collection purposes, and 2) external knowledge, such as app metadata and information about the domain name, are meaningful cues that can be used to infer the behavior of different traffic requests. MobiPurpose parses each traffic request body into key-value pairs, and infers the data type and data collection purpose of each key-value pair using a combination of supervised learning and text pattern bootstrapping. We evaluated MobiPurpose's effectiveness using a dataset cross-labeled by ten human experts. Our results show that MobiPurpose can predict the data collection purpose with an average precision of 84% (among 19 unique categories).

Supplementary Material

jin (jin.zip)

Supplemental movie, appendix, image and software files for, "Why Are They Collecting My Data?": Inferring the Purposes of Network Traffic in Mobile Apps

Download
679.19 KB

References

[1]

42matters. 2018. Google Play Categories. https://42matters.com/docs/app-market-data/android/apps/google-play-categories. (2018). (Accessed on 02/11/2018).

[2]

Yuvraj Agarwal and Malcolm Hall. 2013. ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing. In Proceeding of the 11th annual international conference on Mobile systems, applications, and services. ACM, 97--110.

Digital Library

[3]

Eugene Agichtein and Luis Gravano. 2000. Snowball: Extracting relations from large plain-text collections. In Proceedings of the fifth ACM conference on Digital libraries. ACM, 85--94.

Digital Library

[4]

Noah Apthorpe, Yan Shvartzshnaider, Arunesh Mathur, Dillon Reisman, and Nick Feamster. 2018. Discovering Smart Home Internet of Things Privacy Norms Using Contextual Integrity. arXiv preprint arXiv:1805.06031 (2018).

Digital Library

[5]

Kathy Wain Yee Au, Yi Fan Zhou, Zhen Huang, and David Lie. 2012. Pscout: analyzing the android permission specification. In Proceedings of the 2012 ACM conference on Computer and communications security. ACM, 217--228.

Digital Library

[6]

Nick Babich. 2016. Mobile App UX Design: Making a Great First Impression. https://uxplanet.org/mobile-app-ux-design-making-a-great-first-impression-bed2805b967d. (2016). (Accessed on 10/23/2018).

[7]

A.J. Bernheim Brush, John Krumm, and James Scott. 2010. Exploring End User Preferences for Location Obfuscation, Location-based Services, and the Value of Location. In Proceedings of the 12th ACM International Conference on Ubiquitous Computing (UbiComp '10). ACM, New York, NY, USA, 95--104.

Digital Library

[8]

Packet Capture. 2017. Packet Capture - Android Apps on Google Play. https://play.google.com/store/apps/details?id=app.greyshirts.sslcapture&hl=en. (2017). (Accessed on 11/10/2017).

[9]

Patrick Carter, Collin Mulliner, Martina Lindorfer, William Robertson, and Engin Kirda. 2016. CuriousDroid: automated user interface interaction for android application analysis sandboxes. In International Conference on Financial Cryptography and Data Security. Springer, 231--249.

[10]

Xin Chen and Sencun Zhu. 2015. DroidJust: Automated functionality-aware privacy leakage analysis for Android applications. In Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks. ACM.

Digital Library

[11]

Saksham Chitkara, Nishad Gothoskar, Suhas Harish, Jason I Hong, and Yuvraj Agarwal. 2017. Does this App Really Need My Location?: Context-Aware Privacy Management for Smartphones. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 1, 3 (2017), 42.

Digital Library

[12]

Andrea Continella, Yanick Fratantonio, Martina Lindorfer, Alessandro Puccetti, Ali Zand, Christopher Kruegel, and Giovanni Vigna. 2017. Obfuscation-resilient privacy leak detection for mobile apps through differential analysis. In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS).

[13]

Amit Datta, Michael Carl Tschantz, and Anupam Datta. 2015. Automated experiments on ad privacy settings. Proceedings on Privacy Enhancing Technologies 2015, 1 (2015), 92--112.

[14]

VIP Defense. 2017. VIP Defense - a privacy and anonymity keeping company. http://www.vipdefense.com/. (2017). (Accessed on 11/08/2017).

[15]

Biplab Deka, Zifeng Huang, Chad Franzen, Joshua Hibschman, Daniel Afergan, Yang Li, Jeffrey Nichols, and Ranjitha Kumar. 2017. Rico: A mobile app dataset for building data-driven design applications. In Proceedings of the 30th Annual ACM Symposium on User Interface Software and Technology. ACM, 845--854.

Digital Library

[16]

Nikolay Derkach. 2017. Tutorial: Reverse Engineering a Private API. https://www.toptal.com/back-end/reverse-engineering-the-private-api-hacking-your-couch. (2017). (Accessed on 11/04/2017).

[17]

Anthony Desnos and others. 2011. Androguard. URL: https://github.com/androguard/androguard (2011).

[18]

Apple Developer. 2018. Expected App Behaviors. https://developer.apple.com/library/content/documentation/iPhone/Conceptual/iPhoneOSProgrammingGuide/ExpectedAppBehaviors/ExpectedAppBehaviors.html. (2018). (Accessed on 01/31/2018).

[19]

Android Developers. 2017. Advertising ID. http://www.androiddocs.com/google/play-services/id.html. (2017). (Accessed on 12/30/2017).

[20]

Android Developers. 2017. Requesting Permissions. https://developer.android.com/guide/topics/permissions/requesting.html. (2017). (Accessed on 11/10/2017).

[21]

Android Developers. 2017. UUID. https://developer.android.com/reference/java/util/UUID.html. (2017). (Accessed on 12/30/2017).

[22]

Android Developers. 2018. Best Practices for Unique Identifiers. https://developer.android.com/training/articles/user-data-ids.html. (2018). (Accessed on 02/14/2018).

[23]

Manuel Egele, Christopher Kruegel, Engin Kirda, and Giovanni Vigna. 2011. PiOS: Detecting privacy leaks in iOS applications. In NDSS 2011, 18th Annual Network and Distributed System Security Symposium, 6-9 February 2011, San Diego, CA, USA. San Diego, UNITED STATES. http://www.eurecom.fr/publication/3282

[24]

William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon P Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N Sheth. 2014. TaintDroid: an information-flow tracking system for real-time privacy monitoring on smartphones. ACM Transactions on Computer Systems (TOCS) 32, 2 (2014), 5.

Digital Library

[25]

Hossein Falaki, Dimitrios Lymberopoulos, Ratul Mahajan, Srikanth Kandula, and Deborah Estrin. 2010. A first look at traffic on smartphones. In Proceedings of the 10th ACM SIGCOMM conference on Internet measurement. ACM, 281--287.

Digital Library

[26]

Adrienne Porter Felt, Elizabeth Ha, Serge Egelman, Ariel Haney, Erika Chin, and David Wagner. 2012. Android permissions: User attention, comprehension, and behavior. In Proceedings of the eighth symposium on usable privacy and security. ACM.

Digital Library

[27]

Forcepoint. 2017. Forcepoint | Human-centric Cybersecurity. https://www.forcepoint.com/. (2017). (Accessed on 11/08/2017).

[28]

Alessandra Gorla, Ilaria Tavecchia, Florian Gross, and Andreas Zeller. 2014. Checking app behavior against app descriptions. In Proceedings of the 36th International Conference on Software Engineering. ACM, 1025--1035.

Digital Library

[29]

Seungyeop Han, Jaeyeon Jung, and David Wetherall. 2012. A study of third-party tracking by mobile apps in the wild. (2012).

[30]

Jason I Hong and James A Landay. 2004. An architecture for privacy-sensitive ubiquitous computing. In Proceedings of the 2nd international conference on Mobile systems, applications, and services. ACM, 177--189.

Digital Library

[31]

White House. 2012. Consumer data privacy in a networked world: A framework for protecting privacy and promoting innovation in the global digital economy. White House, Washington, DC (2012), 1--62.

[32]

Jeff Huang, Oren Etzioni, Luke Zettlemoyer, Kevin Clark, and Christian Lee. 2012. Revminer: An extractive interface for navigating reviews on a smartphone. In Proceedings of the 25th annual ACM symposium on User interface software and technology. ACM, 3--12.

Digital Library

[33]

Haojian Jin, Tetsuya Sakai, and Koji Yatani. 2014. ReviewCollage: a mobile interface for direct comparison using online reviews. In Proceedings of the 16th international conference on Human-computer interaction with mobile devices & services. ACM, 349--358.

Digital Library

[34]

Jaeyeon Jung, Anmol Sheth, Ben Greenstein, David Wetherall, Gabriel Maganis, and Tadayoshi Kohno. 2008. Privacy oracle: a system for finding application leaks with black box differential testing. In Proceedings of the 15th ACM conference on Computer and communications security. ACM, 279--288.

Digital Library

[35]

Kaggle. 2018. Test Leakage | Wiki. https://www.kaggle.com/wiki/Leakage. (2018). (Accessed on 02/15/2018).

[36]

CMU CHIMPS Lab. 2017. Privacygrade: Grading the privacy of smartphone apps. http://privacygrade.org/. (2017).

[37]

Anh Le, Janus Varmarken, Simon Langhoff, Anastasia Shuba, Minas Gjoka, and Athina Markopoulou. 2015. AntMonitor: A system for monitoring from mobile devices. In Proceedings of the 2015 ACM SIGCOMM Workshop on Crowdsourcing and Crowdsharing of Big (Internet) Data. ACM, 15--20.

Digital Library

[38]

Tianshi Li, Yuvraj Agarwal, and Jason I. Hong. 2019. Coconut: An IDE plugin for developing privacy-friendly apps. Proc. ACM Interact. Mob. Wearable Ubiquitous Technol. (2019).

Digital Library

[39]

Toby Jia-Jun Li, Amos Azaria, and Brad A Myers. 2017. SUGILITE: creating multimodal smartphone automation by demonstration. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. ACM, 6038--6049.

Digital Library

[40]

Toby Jia-Jun Li and Oriana Riva. 2018. KITE: Building conversational bots from mobile apps. In Proceedings of the 16th Annual International Conference on Mobile Systems, Applications, and Services. ACM, 96--109.

Digital Library

[41]

Yuanchun Li, Ziyue Yang, Yao Guo, and Xiangqun Chen. 2017. DroidBot: a lightweight UI-guided test input generator for Android. In Proceedings of the 39th International Conference on Software Engineering Companion. IEEE Press, 23--26.

Digital Library

[42]

Chieh-Jan Mike Liang, Nicholas D. Lane, Niels Brouwers, Li Zhang, Börje F. Karlsson, Hao Liu, Yan Liu, Jun Tang, Xiang Shan, Ranveer Chandra, and Feng Zhao. 2014. Caiipa: Automated Large-scale Mobile App Testing Through Contextual Fuzzing. In Proceedings of the 20th Annual International Conference on Mobile Computing and Networking (MobiCom '14). ACM, New York, NY, USA, 519--530.

Digital Library

[43]

Jialiu Lin, Shahriyar Amini, Jason I Hong, Norman Sadeh, Janne Lindqvist, and Joy Zhang. 2012. Expectation and purpose: understanding users' mental models of mobile app privacy through crowdsourcing. In Proceedings of the 2012 ACM Conference on Ubiquitous Computing. ACM, 501--510.

Digital Library

[44]

Jialiu Lin, Bin Liu, Norman Sadeh, and Jason I. Hong. 2014. Modeling Users' Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings. (2014), 199--212.

Digital Library

[45]

Yabing Liu, Han Hee Song, Ignacio Bermudez, Alan Mislove, Mario Baldi, and Alok Tongaonkar. 2015. Identifying personal information in internet traffic. In Proceedings of the 2015 ACM on Conference on Online Social Networks. ACM, 59--70.

Digital Library

[46]

Sina Madani. 2013. Development and Evaluation of an Ontology-Based Quality Metrics Extraction System. (2013).

[47]

Luka Malisa, Kari Kostiainen, and Srdjan Capkun. 2017. Detecting Mobile Application Spoofing Attacks by Leveraging User Visual Similarity Perception. In Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy (CODASPY '17). ACM, New York, NY, USA, 289--300.

Digital Library

[48]

Kirsten Martin and Katie Shilton. 2016. Putting mobile application privacy in context: An empirical study of user privacy expectations for mobile devices. The Information Society 32, 3 (2016), 200--216.

Digital Library

[49]

Mike Masnick. 2018. Court Says Scraping Websites And Creating Fake Profiles Can Be Protected By The First Amendment | Techdirt. https://www.techdirt.com/articles/20180401/22565539541/court-says-scraping-websites-creating-fake-profiles-can-be-protected-first-amendment.shtml. (2018). (Accessed on 10/24/2018).

[50]

Hajime Morita, Tetsuya Sakai, and Manabu Okumura. 2012. Query snowball: a co-occurrence-based approach to multi-document summarization for question answering. Information and Media Technologies 7, 3 (2012), 1124--1129.

[51]

Rob Neuhaus. 2018. rrenaud/Gibberish-Detector: A small program to detect gibberish using a Markov Chain. https://github.com/rrenaud/Gibberish-Detector. (2018). (Accessed on 01/15/2018).

[52]

Annalee Newitz. 2005. Dangerous Terms: A User's Guide to EULAs | Electronic Frontier Foundation. https://www.eff.org/wp/dangerous-terms-users-guide-eulas. (2005). (Accessed on 10/24/2018).

[53]

Helen Nissenbaum. 2004. Privacy as contextual integrity. Wash. L. Rev. 79 (2004), 119.

[54]

Helen Nissenbaum. 2009. Privacy in context: Technology, policy, and the integrity of social life. Stanford University Press.

Digital Library

[55]

Peter Norvig. 2009. Natural language corpus data. (2009).

[56]

Jeff Pan. 2017. Reverse Engineering the AirBNB API. https://medium.com/switchcm/reverse-engineering-the-airbnb-api-c0f5cb609b. (2017). (Accessed on 11/04/2017).

[57]

Rahul Pandita, Xusheng Xiao, Wei Yang, William Enck, and Tao Xie. WHYPER: Towards Automating Risk Assessment of Mobile Applications.

[58]

Zhengyang Qu, Vaibhav Rastogi, Xinyi Zhang, Yan Chen, Tiantian Zhu, and Zhong Chen. 2014. Autocog: Measuring the description-to-permission fidelity in android applications. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 1354--1365.

Digital Library

[59]

Vaibhav Rastogi, Yan Chen, and William Enck. 2013. AppsPlayground: automatic security analysis of smartphone applications. In Proceedings of the third ACM conference on Data and application security and privacy. ACM, 209--220.

Digital Library

[60]

Abbas Razaghpanah, Rishab Nithyanand, Narseo Vallina-Rodriguez, Srikanth Sundaresan, Mark Allman, Christian Kreibich, and Phillipa Gill. 2018. Apps, Trackers, Privacy, and Regulators: A Global Study of the Mobile Tracking Ecosystem. (2018).

[61]

Jingjing Ren, Ashwin Rao, Martina Lindorfer, Arnaud Legout, and David Choffnes. 2016. Recon: Revealing and controlling pii leaks in mobile network traffic. In Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services. ACM, 361--374.

Digital Library

[62]

Irwin Reyes, Primal Wiesekera, Abbas Razaghpanah, Joel Reardon, Narseo Vallina-Rodriguez, Serge Egelman, and Christian Kreibich. 2017. "Is Our Children's Apps Learning?" Automatically Detecting COPPA Violations. (2017).

[63]

Luke Rolka. 2012. Infographic: How to Solve the Online Registration Challenge | Janrain. https://www.janrain.com/blog/infographic-how-solve-online-registration-challenge. (2012). (Accessed on 10/23/2018).

[64]

Objective Development Software. 2017. Little Snitch 4: Makes the invisible visible! https://www.obdev.at/products/littlesnitch/index.html. (2017). (Accessed on 07/28/2017).

[65]

Yihang Song and Urs Hengartner. 2015. Privacyguard: A vpn-based platform to detect information leakage on android devices. In Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices. ACM, 15--26.

Digital Library

[66]

Gaurav Srivastava, Saksham Chitkara, Kevin Ku, Swarup Kumar Sahoo, Matt Fredrikson, Jason Hong, and Yuvraj Agarwal. 2017. PrivacyProxy: Leveraging Crowdsourcing and In Situ Traffic Analysis to Detect and Mitigate Information Leakage. arXiv preprint arXiv:1708.06384 (2017).

[67]

Android Studio. 2018. UI/Application Exerciser Monkey. https://developer.android.com/studio/test/monkey.html. (2018). (Accessed on 02/02/2018).

[68]

Joshua Tan, Khanh Nguyen, Michael Theodorides, Heidi Negrón-Arroyo, Christopher Thompson, Serge Egelman, and David Wagner. 2014. The Effect of Developer-specified Explanations for Permission Requests on Smartphone User Behavior. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '14). ACM, New York, NY, USA, 91--100.

Digital Library

[69]

template.com. 2018. EULA Template and Generator - Free and for 2018. https://eulatemplate.com/. (2018). (Accessed on 10/24/2018).

[70]

Max Van Kleek, Ilaria Liccardi, Reuben Binns, Jun Zhao, Daniel J Weitzner, and Nigel Shadbolt. 2017. Better the devil you know: Exposing the data sharing practices of smartphone apps. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. ACM, 5208--5220.

Digital Library

[71]

Haoyu Wang, Jason Hong, and Yao Guo. 2015. Using text mining to infer the purpose of permission use in mobile apps. In Proceedings of the 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing. ACM, 1107--1118.

Digital Library

[72]

Jiayu Wang and Qigeng Chen. 2014. ASPG: Generating android semantic permissions. In Computational Science and Engineering (CSE), 2014 IEEE 17th International Conference on. IEEE, 591--598.

Digital Library

[73]

Fengguo Wei, Sankardas Roy, Xinming Ou, and others. 2014. Amandroid: A precise and general inter-component data flow analysis framework for security vetting of android apps. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 1329--1341.

Digital Library

[74]

Ryan Welton. 2018. Fuzion24/JustTrustMe: An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning. https://github.com/Fuzion24/JustTrustMe. (2018). (Accessed on 02/11/2018).

[75]

Wikipedia. 2018. Card sorting - Wikipedia. https://en.wikipedia.org/wiki/Card_sorting. (2018). (Accessed on 08/15/2018).

[76]

Wireshark. 2017. Wireshark · Go Deep. https://www.wireshark.org/. (2017). (Accessed on 08/28/2017).

[77]

Jinyan Zang, Krysta Dummit, James Graves, Paul Lisker, and Latanya Sweeney. 2015. Who knows what about me? A survey of behind the scenes personal data sharing to third parties by mobile apps. Technology Science 30 (2015).

[78]

Hao Zhang, William Banick, Danfeng Yao, and Naren Ramakrishnan. 2012. User intention-based traffic dependence analysis for anomaly detection. In Security and Privacy Workshops (SPW), 2012 IEEE Symposium on. IEEE, 104--112.

Digital Library

Cited By

Cruz SLu CUlloa MRedding AHester JJacobs M(2024)Perceptions of Wearable Health Tools Post the COVID-19 Emergency in Low-Income Latin Communities: Qualitative StudyJMIR mHealth and uHealth10.2196/5082612(e50826)Online publication date: 8-May-2024
https://doi.org/10.2196/50826
Figueira OTrimananda RMarkopoulou AJordan SVallina-Rodríguez NSuarez-Tángil GLevin DPelsser C(2024)DiffAudit: Auditing Privacy Practices of Online Services for Children and AdolescentsProceedings of the 2024 ACM on Internet Measurement Conference10.1145/3646547.3688416(488-504)Online publication date: 4-Nov-2024
https://dl.acm.org/doi/10.1145/3646547.3688416
Li TCranor LAgarwal YHong J(2024)MatchaProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/36435448:1(1-38)Online publication date: 6-Mar-2024
https://dl.acm.org/doi/10.1145/3643544
Show More Cited By

Index Terms

Why Are They Collecting My Data?: Inferring the Purposes of Network Traffic in Mobile Apps
1. Security and privacy
  1. Human and societal aspects of security and privacy
    1. Privacy protections

Recommendations

An Explorative Study of the Mobile App Ecosystem from App Developers' Perspective
WWW '17: Proceedings of the 26th International Conference on World Wide Web

With the prevalence of smartphones, app markets such as Apple App Store and Google Play has become the center stage in the mobile app ecosystem, with millions of apps developed by tens of thousands of app developers in each major market. This paper ...
A lightweight user tracking method for app providers
CF '16: Proceedings of the ACM International Conference on Computing Frontiers

Since 2013, Google and Apple no longer allow app providers to use the persistent device identifiers (Android ID and UDID) for user tracking on mobile devices. Other tracking options provoke either severe privacy concerns, need additional hardware or are ...
Droid M+: Developer Support for Imbibing Android's New Permission Model
ASIACCS '18: Proceedings of the 2018 on Asia Conference on Computer and Communications Security

In Android 6.0, Google revamped its long criticized permission model to prompt the user during runtime, and allow her to dynamically revoke granted permissions. Towards steering developers to this new model and improve user experience, Google also ...

Comments

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies

Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies Volume 2, Issue 4

December 2018

1169 pages

EISSN:2474-9567

DOI:10.1145/3301777

Issue’s Table of Contents

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 December 2018

Accepted: 01 October 2018

Revised: 01 August 2018

Received: 01 February 2018

Published in IMWUT Volume 2, Issue 4

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

28
Total Citations
View Citations
1,111
Total Downloads

Downloads (Last 12 months)115
Downloads (Last 6 weeks)12

Reflects downloads up to 01 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Cruz SLu CUlloa MRedding AHester JJacobs M(2024)Perceptions of Wearable Health Tools Post the COVID-19 Emergency in Low-Income Latin Communities: Qualitative StudyJMIR mHealth and uHealth10.2196/5082612(e50826)Online publication date: 8-May-2024
https://doi.org/10.2196/50826
Figueira OTrimananda RMarkopoulou AJordan SVallina-Rodríguez NSuarez-Tángil GLevin DPelsser C(2024)DiffAudit: Auditing Privacy Practices of Online Services for Children and AdolescentsProceedings of the 2024 ACM on Internet Measurement Conference10.1145/3646547.3688416(488-504)Online publication date: 4-Nov-2024
https://dl.acm.org/doi/10.1145/3646547.3688416
Li TCranor LAgarwal YHong J(2024)MatchaProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/36435448:1(1-38)Online publication date: 6-Mar-2024
https://dl.acm.org/doi/10.1145/3643544
Bourdoucen ALindqvist J(2024)Privacy of Default Apps in Apple’s Mobile EcosystemProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642831(1-32)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642831
Xiao YLi ZQin YBai XGuan JLiao XXing LCalandrino JTroncoso C(2023)LalaineProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620299(1091-1108)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620299
Bui DTang BShin K(2023)Detection of Inconsistencies in Privacy Practices of Browser Extensions2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179338(2780-2798)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179338
Malviya VTun YLeow CXynyn AShar LJiang LBissyandé TKlein JBird CSarro F(2023)Fine-Grained In-Context Permission Classification for Android Apps Using Control-Flow Graph EmbeddingProceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering10.1109/ASE56229.2023.00056(1225-1237)Online publication date: 11-Nov-2023
https://dl.acm.org/doi/10.1109/ASE56229.2023.00056
Yuan HBoakes MMa XCao DLi S(2023)Visualising Personal Data Flows: Insights from a Case Study of Booking.comIntelligent Information Systems10.1007/978-3-031-34674-3_7(52-60)Online publication date: 8-Jun-2023
https://doi.org/10.1007/978-3-031-34674-3_7
Leith D(2023)What Data Do the Google Dialer and Messages Apps on Android Send to Google?Security and Privacy in Communication Networks10.1007/978-3-031-25538-0_29(549-568)Online publication date: 4-Feb-2023
https://doi.org/10.1007/978-3-031-25538-0_29
Malviya VLeow CKasthuri ATun YShar LJiang L(2022)Right to Know, Right to Refuse: Towards UI Perception-Based Automated Fine-Grained Permission Controls for Android AppsProceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering10.1145/3551349.3559556(1-6)Online publication date: 10-Oct-2022
https://dl.acm.org/doi/10.1145/3551349.3559556
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents