skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


  • Home
  • Search Results
  • Page 1 of 1

Search for: All records

Award ID contains: 1748109

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

  1. ; ; ; (, IEEE Pacific Rim International Symposium on Dependable Computing (PRDC))
    Full Text Available 
  2. ; ; (, Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis)
    Full Text Available 
  3. ; ; ; (, ACM Symposium on Access Control Models & Technologies (SACMAT))
    Full Text Available 
  4. ; ; ; ; (, International Conference on Software Engineering)
    Full Text Available 
  5. ; ; ; ; (, Proceedings of the 6th Annual Symposium on Hot Topics in the Science of Security)
    Full Text Available 
  6. ; ; ; ; ; (, Proceedings of the 6th Annual Symposium on Hot Topics in the Science of Security)
    Full Text Available 
  7. ; ; ; ; ; (, Proceedings - International Conference on Software Engineering)
    The Android mobile platform supports billions of devices across more than 190 countries around the world. This popularity coupled with user data collection by Android apps has made privacy protection a well-known challenge in the Android ecosystem. In practice, app producers provide privacy policies disclosing what information is collected and processed by the app. However, it is difficult to trace such claims to the corresponding app code to verify whether the implementation is consistent with the policy. Existing approaches for privacy policy alignment focus on information directly accessed through the Android platform (e.g., location and device ID), but are unable to handle user input, a major source of private information. In this paper, we propose a novel approach that automatically detects privacy leaks of user-entered data for a given Android app and determines whether such leakage may violate the app's privacy policy claims. For evaluation, we applied our approach to 120 popular apps from three privacy-relevant app categories: finance, health, and dating. The results show that our approach was able to detect 21 strong violations and 18 weak violations from the studied apps. 
    more » « less
    Full Text Available 
  8. ; ; ; (, AAAI Workshop on NLP for Software Engineering)
    Android mobile applications collect information in various ways to provide users with functionalities and services. An Android app's permission manifest and privacy policy are documents that provide users with guidelines about what information type is being collected. However, the information types mentioned in these files are often abstract and does not include the fine grained information types being collected through user input fields in applications. Existing approaches focus on API calls in the application code and are able to reveal what information types are being collected. However, they are unable to identify the information types based on direct user input as a major source of private information. In this paper, we propose to direct apply natural language processing approach to Android layout code to identify information types associated with input fields in applications. 
    more » « less
    Accepted Manuscript Full Text Available