Privacy Consistency Analyzer for Android Applications

被引:4
|
作者
Maitra, Sayan [1 ]
Suh, Bohyun [1 ]
Ghanavati, Sepideh [1 ]
机构
[1] Texas Tech Univ, Comp Sci Engn, Lubbock, TX 79409 USA
来源
2018 IEEE 5TH INTERNATIONAL WORKSHOP ON EVOLVING SECURITY & PRIVACY REQUIREMENTS ENGINEERING (ESPRE 2018) | 2018年
关键词
Privacy Policy; Permission; Consistency Analysis;
D O I
10.1109/ESPRE.2018.00011
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Recent studies show that many Android applications either do not have a privacy policy in place or there are some inconsistencies between their application and the corresponding privacy policies. In this paper, we propose a new Privacy Consistency framework and its tool-support which aims to detect the inconsistencies between the Android applications and their privacy policies. We have evaluated our framework on 54 Android applications and have identified several mismatches and inconsistencies. Our Privacy Consistency framework serves as the first step towards a better understanding of permissions and the risks associated with them.
引用
收藏
页码:28 / 33
页数:6
相关论文
共 50 条
  • [41] Flowverine: Leveraging Dataflow Programming for Building Privacy-Sensitive Android Applications
    Gomes, Eduardo
    Zavalyshyn, Igor
    Santos, Nuno
    Silva, Joao
    Legay, Axel
    2020 IEEE 19TH INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2020), 2020, : 607 - 614
  • [42] Towards an Application-Based Notion of Anomalous Privacy Behavior in Android Applications
    AlSobeihy, Modhi M.
    2018 1ST INTERNATIONAL CONFERENCE ON COMPUTER APPLICATIONS & INFORMATION SECURITY (ICCAIS' 2018), 2018,
  • [43] Investigating Wearable Fitness Applications: Data Privacy and Digital Forensics Analysis on Android
    Hutchinson, Shinelle
    Mirza, Mohammad Meraj
    West, Nicholas
    Karabiyik, Umit
    Rogers, Marcus K.
    Mukherjee, Tathagata
    Aggarwal, Sudhir
    Chung, Haeyong
    Pettus-Davis, Carrie
    APPLIED SCIENCES-BASEL, 2022, 12 (19):
  • [44] A privacy stealing detection method based on behavior-chain for android applications
    Wang, Zhao-Guo
    Li, Cheng-Long
    Zhang, Luo-Shi
    Zhang, Ji-Bao
    Guan, Yi
    Xue, Yi-Bo
    Tien Tzu Hsueh Pao/Acta Electronica Sinica, 2015, 43 (09): : 1750 - 1755
  • [45] WatCA: The Waterloo Consistency Analyzer
    Fan, Hua
    Chatterjee, Shankha
    Golab, Wojciech
    2016 32ND IEEE INTERNATIONAL CONFERENCE ON DATA ENGINEERING (ICDE), 2016, : 1398 - 1401
  • [46] GUILeak: Tracing Privacy Policy Claims on User Input Data for Android Applications
    Wang, Xiaoyin
    Qin, Xue
    Hosseini, Mitra Bokaei
    Slavin, Rocky
    Breaux, Travis D.
    Niu, Jianwei
    PROCEEDINGS 2018 IEEE/ACM 40TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE), 2018, : 37 - 47
  • [47] Detecting Privacy Leaks in Android Hybrid Applications Based on Dynamic Taint Tracking
    Tang, Junwei
    Li, Ruixuan
    Xiong, Zhiqiang
    Han, Hongmu
    Gu, Xiwu
    Proceedings - 2021 IEEE 19th International Conference on Embedded and Ubiquitous Computing, EUC 2021, 2021, : 193 - 200
  • [48] Android Device or a Privacy Compromise?
    Shruthi, K.
    Chinmayi, P. S.
    2019 IEEE 53RD INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY (ICCST 2019), 2019,
  • [49] Enigma of User Privacy in Android
    Dwivedi, Atul Kumar
    Kariya, Kanaiya
    Botti, Pranav
    SMART TRENDS IN INFORMATION TECHNOLOGY AND COMPUTER COMMUNICATIONS, SMARTCOM 2016, 2016, 628 : 796 - 803
  • [50] Privacy Protection Framework for Android
    Mishra, Bharavi
    Agarwal, Aastha
    Goel, Ayush
    Ansari, Aman Ahmad
    Gaur, Pramod
    Singh, Dilbag
    Lee, Heung-No
    IEEE ACCESS, 2022, 10 : 7973 - 7988
12345