Apex: extending Android permission model and enforcement with user-defined runtime constraints
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Proceedings of the 17th ACM conference on Computer and communications security
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Privad: practical privacy in online advertising
Proceedings of the 8th USENIX conference on Networked systems design and implementation
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
The effectiveness of application permissions
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
SpotME If You Can: Randomized Responses for Location Obfuscation on Mobile Phones
ICDCS '11 Proceedings of the 2011 31st International Conference on Distributed Computing Systems
Pervasive Advertising
MockDroid: trading privacy for application functionality on smartphones
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
AdSplit: separating smartphone advertising from applications
Security'12 Proceedings of the 21st USENIX conference on Security symposium
What's app?: a wide-scale measurement study of smart phone markets
ACM SIGMOBILE Mobile Computing and Communications Review
Breaking for commercials: characterizing mobile advertising
Proceedings of the 2012 ACM conference on Internet measurement conference
How expensive are free smartphone apps?
ACM SIGMOBILE Mobile Computing and Communications Review
Meddle: middleboxes for increased transparency and control of mobile traffic
Proceedings of the 2012 ACM conference on CoNEXT student workshop
Towards an understanding of the impact of advertising on data leaks
International Journal of Security and Networks
Prefetching mobile ads: can advertising systems afford it?
Proceedings of the 8th ACM European Conference on Computer Systems
Understanding mobile app usage patterns using in-app advertisements
PAM'13 Proceedings of the 14th international conference on Passive and Active Measurement
Information bazaar: a contextual evaluation
Proceedings of the 5th ACM workshop on HotPlanet
Personal cloudlets for privacy and resource efficiency in mobile in-app advertising
Proceedings of the first international workshop on Mobile cloud computing & networking
A case of collusion: a study of the interface between ad libraries and their apps
Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices
Challenges of keyword-based location disclosure
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Information leakage through mobile analytics services
Proceedings of the 15th Workshop on Mobile Computing Systems and Applications
Hi-index | 0.00 |
Application markets have revolutionized the software download model of mobile phones: third-party application developers offer software on the market that users can effortlessly install on their phones. This great step forward, however, also imposes some threats to user privacy: applications often ask for permissions that reveal private information such as the user's location, contacts and messages. While some mechanisms to prevent leaks of user privacy to applications have been proposed by the research community, these solutions fail to consider that application markets are primarily driven by advertisements that rely on accurately profiling the user. In this paper we take into account that there are two parties with conflicting interests: the user, interested in maintaining their privacy and the developer who would like to maximize their advertisement revenue through user profiling. We have conducted an extensive analysis of more than 250,000 applications in the Android market. Our results indicate that the current privacy protection mechanisms are not effective as developers and advert companies are not deterred. Therefore, we designed and implemented a market-aware privacy protection framework that aims to achieve an equilibrium between the developer's revenue and the user's privacy. The proposed framework is based on the establishment of a feedback control loop that adjusts the level of privacy protection on mobile phones, in response to advertisement generated revenue.