Enhanced Identification of Sensitive User Inputs in Mobile Applications

Mashael Aldayel; Mohammad Alhussain

doi:10.5220/0006238405060515

Enhanced Identification of Sensitive User Inputs in Mobile Applications

Mashael Aldayel, Mohammad Alhussain

2017

Abstract

While smartphones and its apps have a fundamental role in our lives, privacy is a critical issue. With the constantly growth of mobile applications, smartphones are now capable of satisfying all kinds of users’ needs, dealing with more private and restricted tasks by the users and gain more access to sensitive and private data. This issue is even worse with the current absence of methods that can notify users of possibly dangerous privacy leaks in mobile apps without disturbing users with apps’ legitimate privacy exposes. Previous mobile privacy disclosure approaches are mostly concentrated on well-defined sources controlled by smartphones. They do not cover all sensitive data associated with users’ privacy. Also, they cannot filter out legitimate privacy disclosures that are commonly found in detection results and consecutively conceal true threats. Sensitive user inputs through UI (User Interface), are the dominant type of sensitive data that has been almost ignored. Defending this kind of information cannot be accomplished automatically using existing techniques because it necessitates understanding of user inputs' semantics in apps, before identifying its positions. Moreover, eliminating legitimate privacy disclosures necessaries tracking of the related app data flows form these users’ inputs to various sinks. Such tracking will help to determine if this privacy disclosure is valid or suspicious. To address all these important issues, we propose an enhanced approach for detecting users’ inputs privacy disclosures that are truly suspicious.

Download

Paper Citation

in Harvard Style

Aldayel M. and Alhussain M. (2017). Enhanced Identification of Sensitive User Inputs in Mobile Applications . In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-209-7, pages 506-515. DOI: 10.5220/0006238405060515

in Bibtex Style

@conference{icissp17,
author={Mashael Aldayel and Mohammad Alhussain},
title={Enhanced Identification of Sensitive User Inputs in Mobile Applications},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2017},
pages={506-515},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006238405060515},
isbn={978-989-758-209-7},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Enhanced Identification of Sensitive User Inputs in Mobile Applications
SN - 978-989-758-209-7
AU - Aldayel M.
AU - Alhussain M.
PY - 2017
SP - 506
EP - 515
DO - 10.5220/0006238405060515