The goal of our work is to (a) capture people's expectations and surprises in using mobile apps in a scalable manner, and to (b) summarize these perceptions in a simple format to help people make better trust decisions. Our main idea is analyzing privacy in the form of people's expectations about what an app will and won't do, focusing on where an app breaks people's expectations. We are building an App Scanner that combines automated scanning techniques with crowdsourcing. Automated scanning captures the behavior of an app, while crowdsourcing is used to interpret how expected and acceptable this behavior is. This information is used as the basis for building a better privacy summary for apps. We have organized an interdisciplinary team with expertise in mobile computing, computer security, systems, and human-computer interaction.

Success in this work will include results in: (a) the design and implementation of an App Scanner that combines automated techniques with crowdsourcing techniques for analyzing and interpreting privacy-related behaviors of mobile apps; (b) a series of evaluations of this app scanner, showing effectiveness, accuracy, and scalability; (c) the design and evaluation of better privacy summaries, which prioritize and highlight the most unexpected behaviors of an app; and (d) demonstration of a new conceptualization of privacy, namely privacy as expectations. Success will also help end-users, corporate and government employees manage their privacy better than can be done today.

Agency
National Science Foundation (NSF)
Institute
Division of Computer and Network Systems (CNS)
Type
Standard Grant (Standard)
Application #
1228813
Program Officer
deborah shands
Project Start
Project End
Budget Start
2012-09-01
Budget End
2016-08-31
Support Year
Fiscal Year
2012
Total Cost
$822,356
Indirect Cost
Name
Carnegie-Mellon University
Department
Type
DUNS #
City
Pittsburgh
State
PA
Country
United States
Zip Code
15213