Assessing intrusiveness of smartphone apps

Zhang, Fan, M. Eng. Massachusetts Institute of Technology

Author(s)

Zhang, Fan, M. Eng. Massachusetts Institute of Technology

DownloadFull printable version (8.343Mb)

Alternative title

AppWindow : tracking mobile apps tracking you

Other Contributors

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.

Advisor

Hal Abelson.

Terms of use

M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

We tackle the challenge of improving transparency for smartphone apps by focusing on the intrusiveness component of assessing privacy risk. Specifically, we develop a framework for qualitatively assessing and quantitatively measuring the intrusiveness of apps based on their data access behavior. This framework has two essential components: 1) the Privacy Fingerprint, a concise yet holistic visual that captures the data access patterns unique to each app, including which types and under which privacy-relevant usage contexts sensitive data are collected, and 2) an Intrusiveness Score that numerically measures each app's level of intrusiveness, based on real data accesses gathered from empirical testing on about 40 popular Android apps across 4 app categories. Used together, the Privacy Fingerprint and Intrusiveness Score help smartphone users easily and accurately assess the relative intrusiveness of apps during the decision-making process of installing apps. Our study demonstrates that the Intrusiveness Score is especially useful in helping to compare apps that exhibit similar types of data accesses. Another major contribution of the thesis is the identification and quantification of the proportion of accesses that are made while the user is idle. As our preliminary user study will show, this level of idle access activity significantly enhances the profiling potential of apps, increasing the app's intrusiveness. When quantified, idle access activity exerts significant impact on changes in an app's Intrusiveness Score and its relative intrusiveness ranking within a given app category.

Description

Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2012.

Cataloged from PDF version of thesis.

Includes bibliographical references (pages 123-125).

Date issued

2012

URI

http://hdl.handle.net/1721.1/85534

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Keywords

Electrical Engineering and Computer Science.

Collections

Graduate Theses