Timing analysis of keystrokes and timing attacks on SSH
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
An information-theoretic model for adaptive side-channel attacks
Proceedings of the 14th ACM conference on Computer and communications security
SoundSense: scalable sound sensing for people-centric applications on mobile phones
Proceedings of the 7th international conference on Mobile systems, applications, and services
A survey of computational location privacy
Personal and Ubiquitous Computing
Persona: an online social network with user-defined privacy
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Lockr: better privacy for social networks
Proceedings of the 5th international conference on Emerging networking experiments and technologies
Using mobile phones to determine transportation modes
ACM Transactions on Sensor Networks (TOSN)
Apex: extending Android permission model and enforcement with user-defined runtime constraints
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Compromising electromagnetic emanations of wired and wireless keyboards
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
EmotionSense: a mobile phones based adaptive platform for experimental social psychology research
Proceedings of the 12th ACM international conference on Ubiquitous computing
Proceedings of the 17th ACM conference on Computer and communications security
SensLoc: sensing everyday places and paths using less energy
Proceedings of the 8th ACM Conference on Embedded Networked Sensor Systems
Personal data vaults: a locus of control for personal data streams
Proceedings of the 6th International COnference
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Privacy risks emerging from the adoption of innocuous wearable sensors in the mobile environment
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Mobile apps: it's time to move up to CondOS
HotOS'13 Proceedings of the 13th USENIX conference on Hot topics in operating systems
(sp)iPhone: decoding vibrations from nearby keyboards using mobile phone accelerometers
Proceedings of the 18th ACM conference on Computer and communications security
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
Proceedings of the 18th ACM conference on Computer and communications security
mConverse: inferring conversation episodes from respiratory measurements collected in the field
Proceedings of the 2nd Conference on Wireless Health
ACCessory: password inference using accelerometers on smartphones
Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications
MockDroid: trading privacy for application functionality on smartphones
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
MaskIt: privately releasing user context streams for personalized mobile applications
SIGMOD '12 Proceedings of the 2012 ACM SIGMOD International Conference on Management of Data
Tapprints: your finger taps have fingerprints
Proceedings of the 10th international conference on Mobile systems, applications, and services
Android permissions: user attention, comprehension, and behavior
Proceedings of the Eighth Symposium on Usable Privacy and Security
Online pose classification and walking speed estimation using handheld devices
Proceedings of the 2012 ACM Conference on Ubiquitous Computing
StressSense: detecting stress in unconstrained acoustic environments using smartphones
Proceedings of the 2012 ACM Conference on Ubiquitous Computing
Practicality of accelerometer side channels on smartphones
Proceedings of the 28th Annual Computer Security Applications Conference
Cloud-enabled privacy-preserving collaborative learning for mobile sensing
Proceedings of the 10th ACM Conference on Embedded Network Sensor Systems
Accurate caloric expenditure of bicyclists using cellphones
Proceedings of the 10th ACM Conference on Embedded Network Sensor Systems
A framework for context-aware privacy of sensor data on mobile systems
Proceedings of the 14th Workshop on Mobile Computing Systems and Applications
Auditeur: a mobile-cloud service platform for acoustic event detection on smartphones
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
Leveraging graphical models to improve accuracy and reduce privacy risks of mobile sensing
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
πBox: a platform for privacy-preserving apps
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
Hi-index | 0.00 |
Smart phones are used to collect and share personal data with untrustworthy third-party apps, often leading to data misuse and privacy violations. Unfortunately, state-of-the-art privacy mechanisms on Android provide inadequate access control and do not address the vulnerabilities that arise due to unmediated access to so-called innocuous sensors on these phones. We present ipShield, a framework that provides users with greater control over their resources at runtime. ipShield performs monitoring of every sensor accessed by an app and uses this information to perform privacy risk assessment. The risks are conveyed to the user as a list of possible inferences that can be drawn using the shared sensor data. Based on user-configured lists of allowed and private inferences, a recommendation consisting of binary privacy actions on individual sensors is generated. Finally, users are provided with options to override the recommended actions and manually configure context-aware fine-grained privacy rules. We implemented ipShield by modifying the AOSP on a Nexus 4 phone. Our evaluation indicates that running ipShield incurs negligible CPU and memory overhead and only a small reduction in battery life.