7,206 research outputs found
Location-Privacy Leakage and Integrated Solutions for 5G Cellular Networks and Beyond
The fifth generation (5G) of cellular networks improves the precision of user localization and provides the means to disclose location information to over-the-top (OTT) service providers. The network data analytics function (NWDAF) can further elaborate this information at an aggregated level using artificial intelligence techniques. These powerful features may lead to the improper use of user location information by mobile network operators (MNOs) and OTT service providers. Moreover, vulnerabilities at various layers may also leak user location information to eavesdroppers. Hence, the privacy of users is likely at risk, as location is part of their sensitive data. In this paper, we first go through the evolution of localization in cellular networks and investigate their effects on location privacy. Then, we propose a location-privacy-preserving integrated solution comprising virtual private mobile networks, an independent authentication and billing authority, and functions to protect wireless signals against location information leakage. Moreover, we advocate the continuous and detailed control of localization services by the user
Characterizing Location-based Mobile Tracking in Mobile Ad Networks
Mobile apps nowadays are often packaged with third-party ad libraries to
monetize user data
On the Privacy Practices of Just Plain Sites
In addition to visiting high profile sites such as Facebook and Google, web
users often visit more modest sites, such as those operated by bloggers, or by
local organizations such as schools. Such sites, which we call "Just Plain
Sites" (JPSs) are likely to inadvertently represent greater privacy risks than
high profile sites by virtue of being unable to afford privacy expertise. To
assess the prevalence of the privacy risks to which JPSs may inadvertently be
exposing their visitors, we analyzed a number of easily observed privacy
practices of such sites. We found that many JPSs collect a great deal of
information from their visitors, share a great deal of information about their
visitors with third parties, permit a great deal of tracking of their visitors,
and use deprecated or unsafe security practices. Our goal in this work is not
to scold JPS operators, but to raise awareness of these facts among both JPS
operators and visitors, possibly encouraging the operators of such sites to
take greater care in their implementations, and visitors to take greater care
in how, when, and what they share.Comment: 10 pages, 7 figures, 6 tables, 5 authors, and a partridge in a pear
tre
MobileAppScrutinator: A Simple yet Efficient Dynamic Analysis Approach for Detecting Privacy Leaks across Mobile OSs
Smartphones, the devices we carry everywhere with us, are being heavily
tracked and have undoubtedly become a major threat to our privacy. As "tracking
the trackers" has become a necessity, various static and dynamic analysis tools
have been developed in the past. However, today, we still lack suitable tools
to detect, measure and compare the ongoing tracking across mobile OSs. To this
end, we propose MobileAppScrutinator, based on a simple yet efficient dynamic
analysis approach, that works on both Android and iOS (the two most popular OSs
today). To demonstrate the current trend in tracking, we select 140 most
representative Apps available on both Android and iOS AppStores and test them
with MobileAppScrutinator. In fact, choosing the same set of apps on both
Android and iOS also enables us to compare the ongoing tracking on these two
OSs. Finally, we also discuss the effectiveness of privacy safeguards available
on Android and iOS. We show that neither Android nor iOS privacy safeguards in
their present state are completely satisfying
- …