More Like this

1. Comparative Privacy Analysis of Mobile Browsers

   https://doi.org/10.1145/3577923.3583638  

   Zafar, Ahsan; Das, Anupam (April 2023, Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy (CODASPY))

   Online trackers are invasive as they track our digital footprints, many of which are sensitive in nature, and when aggregated over time, they can help infer intricate details about our lifestyles and habits. Although much research has been conducted to understand the effectiveness of existing countermeasures for the desktop platform, little is known about how mobile browsers have evolved to handle online trackers. With mobile devices now generating more web traffic than their desktop counterparts, we fill this research gap through a large-scale comparative analysis of mobile web browsers. We crawl 10K valid websites from the Tranco list on real mobile devices. Our data collection process covers both popular generic browsers (e.g., Chrome, Firefox, and Safari) as well as privacy-focused browsers (e.g., Brave, Duck Duck Go, and Firefox-Focus). We use dynamic analysis of runtime execution traces and static analysis of source codes to highlight the tracking behavior of invasive fingerprinters. We also find evidence of tailored content being served to different browsers. In particular, we note that Firefox Focus sees altered script code, whereas Brave and Duck Duck Go have highly similar content. To test the privacy protection of browsers, we measure the responses of each browser in blocking trackers and advertisers and note the strengths and weaknesses of privacy browsers. To establish ground truth, we use well-known block lists, including EasyList, EasyPrivacy, Disconnect and WhoTracksMe and find that Brave generally blocks the highest number of content that should be blocked as per these lists. Focus performs better against social trackers, and Duck Duck Go restricts third-party trackers that perform email-based tracking. 

   more » « less
2. Preserving privacy in mobile spatial computing

   https://doi.org/10.1145/3534088.3534343  

   Wu, Nan; Cheng, Ruizhi; Chen, Songqing; Han, Bo (June 2022, Proceedings of the 32nd Workshop on Network and Operating Systems Support for Digital Audio and Video)
3. Privacy Leak Classification from Mobile Devices

   Shuba, A.; Bakopoulou, E; Markopoulou, A (June 2018, In Proc. of SPAWC (19th IEEE Int’l Workshop in Signal Processing Advances in Wireless Communications)

   Mobile devices have access to personal, potentially sensitive data, and there is a growing number of mobile apps that have access to it and often transmit this personally identifiable information (PII) over the network. In this paper, we present an approach for detecting such PII “leaks” in network packets going out of the device, by first monitoring network packets on the device itself and then applying classifiers that can predict with high accuracy whether a packet contains a PII leak and of which type. We evaluate the performance of our classifiers using datasets that we collected and analyzed from scratch. We also report preliminary results that show that collaboration among users can further improve classification accuracy, thus motivating crowdsourcing and/or distributed learning of privacy leaks. 

   more » « less
4. Privacy-Preserving Sharing of Mobile Sensor Data.

   https://doi.org/10.1007/978-3-030-99203-3_2  

   Liu, Yin; Dantas Cruz, Breno; Tilevich, Eli (January 2021, Mobile Computing, Applications, and Services. MobiCASE 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 434. Springer, Cham.)
5. Navigating the Privacy Compliance Maze: Understanding Risks with Privacy-Configurable Mobile SDKs

   Zhang, Y; Hu, Z; Wang, X; Hong, Y; Nan, Y; Wang, X; Cheng, J; Xing, L (August 2024, USENIX Security Symposium)