6 research outputs found
Towards Fine-Grained Localization of Privacy Behaviors
Mobile applications are required to give privacy notices to users when they
collect or share personal information. Creating consistent and concise privacy
notices can be a challenging task for developers. Previous work has attempted
to help developers create privacy notices through a questionnaire or predefined
templates. In this paper, we propose a novel approach and a framework, called
PriGen, that extends these prior work. PriGen uses static analysis to identify
Android applications' code segments that process sensitive information (i.e.
permission-requiring code segments) and then leverages a Neural Machine
Translation model to translate them into privacy captions. We present the
initial evaluation of our translation task for ~300,000 code segments
On the privacy of web search based on query obfuscation: A case study of trackmenot
Abstract. Web Search is one of the most rapidly growing applications on the internet today. However, the current practice followed by most search engines – of logging and analyzing users ’ queries – raises serious privacy concerns. One viable solution to search privacy is query obfuscation, whereby a client-side software attempts to mask real user queries via injection of certain noisy queries. In contrast to other privacy-preserving search mechanisms, query obfuscation does not require server-side modifications or a third party infrastructure, thus allowing for ready deployment at the discretion of privacy-conscious users. In this paper, our higher level goal is to analyze whether query obfuscation can preserve users ’ privacy in practice against an adversarial search engine. We focus on TrackMeNot (TMN) [10, 20], a popular search privacy tool based on the principle of query obfuscation. We demonstrate that a search engine, equipped with only a short-term history of a user’s search queries, can break the privacy guarantees of TMN by only utilizing off-the-shelf machine learning classifiers
"On the Internet, Nobody Knows You're a Dog": A Twitter Case Study of Anonymity in Social Networks
ABSTRACT Twitter does not impose a Real-Name policy for usernames, giving users the freedom to choose how they want to be identified. This results in some users being Identifiable (disclosing their full name) and some being Anonymous (disclosing neither their first nor last name). In this work we perform a large-scale analysis of Twitter to study the prevalence and behavior of Anonymous and Identifiable users. We employ Amazon Mechanical Turk (AMT) to classify Twitter users as Highly Identifiable, Identifiable, Partially Anonymous, and Anonymous. We find that a significant fraction of accounts are Anonymous or Partially Anonymous, demonstrating the importance of Anonymity in Twitter. We then select several broad topic categories that are widely considered sensitive-including pornography, escort services, sexual orientation, religious and racial hatred, online drugs, and guns-and find that there is a correlation between content sensitivity and a user's choice to be anonymous. Finally, we find that Anonymous users are generally less inhibited to be active participants, as they tweet more, lurk less, follow more accounts, and are more willing to expose their activity to the general public. To our knowledge, this is the first paper to conduct a large-scale data-driven analysis of user anonymity in online social networks
PriGen: Towards Automated Translation of Android Applications' Code to Privacy Captions
Mobile applications are required to give privacy notices to the users when
they collect or share personal information. Creating consistent and concise
privacy notices can be a challenging task for developers. Previous work has
attempted to help developers create privacy notices through a questionnaire or
predefined templates. In this paper, we propose a novel approach and a
framework, called PriGen, that extends these prior work. PriGen uses static
analysis to identify Android applications' code segments which process
sensitive information (i.e. permission-requiring code segments) and then
leverages a Neural Machine Translation model to translate them into privacy
captions. We present the initial evaluation of our translation task for
300,000 code segments