Permission-induced attacks, i.e., security breaches enabled by permission misuse, are among the most critical and frequent issues threatening the security of Android devices. By ignoring the temporal aspects of an attack during the analysis and enforcement, the state-of-the-art approaches aimed at protecting the users against such attacks are prone to have low-coverage in detection and high-disruption in prevention of permission-induced attacks. To address the aforementioned shortcomings, we present Terminator, a temporal permission analysis and enforcement framework for Android.
Recent introduction of a dynamic permission model in Android, allowing the users to grant and revoke permissions a at the installation of an app, has made it much harder to properly test apps. Since an app's behavior may change depending on the granted permissions, it needs to be tested under a wide range of granted permission combinations.
In the era of big data and personalization, websites and (mobile) applications collect an increasingly large amount of personal information about their users. The large majority of users decide to disclose some but not all information that is requested from them. They trade off the anticipated benefits with the privacy risks of disclosure, a decision process that has been dubbed privacy calculus. Such decisions are inherently difficult though, because they may have uncertain repercussions later on that are difficult to weigh against the (possibly immediate) gratification of disclosure. How can we help users to balance the benefits and risks of information disclosure in a user-friendly manner, so that they can make good privacy decisions?
Research shows that sharing one’s location can help people stay connected, coordinate daily activities, and provide a sense of comfort and safety [1]. Recently, smartphones and location-based services (LBS) have become widely available in developed countries [7], but only a small percentage of smartphone users have ever tried sharing location with other people [8]. Our work aims to understand real-world factors shaping behaviors and attitudes towards social location-sharing, especially in regards to why people avoid or abandon the technology, or limit their usage.
ISR
