scholarly journals mPrivacy: A Privacy Policy Engine and Safeguard Mechanism in Mobile Devices

2021 ◽  
Vol 11 (24) ◽  
pp. 11629
Author(s):  
Zhong Zhang ◽  
Minho Shin
Keyword(s):  
Mobile Devices ◽  
Private Information ◽  
Privacy Protection ◽  
Information Quality ◽  
Privacy Policy ◽  
Protection Mechanism ◽  
New Information ◽  
Inference Algorithms ◽  
Protection Mechanisms ◽  
Safeguard Mechanism

Within the scope of mobile privacy, there are many attack methods that can leak users’ private information. The communication between applications can be used to violate permissions and access private information without asking for the user’s authorization. Hence, many researchers made protection mechanisms against privilege escalation. However, attackers can further utilize inference algorithms to derive new information out of available data or improve the information quality without violating privilege limits. In this work. we describe the notion of Information Escalation Attack and propose a detection and protection mechanism using Inference Graph and Policy Engine for the user to control their policy on the App’s privilege in information escalation. Our implementation results show that the proposed privacy protection service is feasible and provides good useability.

scholarly journals Methodology for Forensics Data Reconstruction on Mobile Devices with Android Operating System Applying In-System Programming and Combination Firmware

2020 ◽  
Vol 10 (12) ◽  
pp. 4231
Author(s):  
Claudinei Morin da Silveira ◽  
Rafael T. de Sousa Jr ◽  
Robson de Oliveira Albuquerque ◽  
Georges D. Amvame Nze ◽  
Gildásio Antonio de Oliveira Júnior ◽  
...  
Keyword(s):  
Operating System ◽  
Data Acquisition ◽  
Mobile Devices ◽  
Forensic Analysis ◽  
Main Memory ◽  
Protection Mechanism ◽  
Data Preservation ◽  
Protection Mechanisms ◽  
Android Operating System ◽  
System Programming

This paper proposes a new forensic analysis methodology that combines processes, techniques, and tools for physical and logical data acquisition from mobile devices. The proposed methodology allows an overview of the use of the In-System Programming (ISP) technique with the usage of Combination Firmware, aligned with specific collection and analysis processes. The carried out experiments show that the proposed methodology is convenient and practical and provides new possibilities for data acquisition on devices that run the Android Operating System with advanced protection mechanisms. The methodology is also feasible in devices compatible with the usage of Joint Test Action Group (JTAG) techniques and which use Embedded Multimedia Card (eMMC) or Embedded Multi-Chip Package (eMCP) as main memory. The techniques included in the methodology are effective on encrypted devices, in which the JTAG and Chip-Off techniques prove to be ineffective, especially on those that have an unauthorized access protection mechanism enabled, such as lock screen password, blocked bootloader, and Factory Reset Protection (FRP) active. Studies also demonstrate that data preservation and integrity are maintained, which is critical to a digital forensic process.

A two‐stage privacy protection mechanism based on blockchain in mobile crowdsourcing

2021 ◽  
Author(s):  
Zice Sun ◽  
Yingjie Wang ◽  
Zhipeng Cai ◽  
Tianen Liu ◽  
Xiangrong Tong ◽  
...  
Keyword(s):  
Privacy Protection ◽  
Two Stage ◽  
Mobile Crowdsourcing ◽  
Protection Mechanism

scholarly journals Detecting Colluding Inter-App Communication in Mobile Environment

2020 ◽  
Vol 10 (23) ◽  
pp. 8351
Author(s):  
Rosangela Casolare ◽  
Fabio Martinelli ◽  
Francesco Mercaldo ◽  
Antonella Santone
Keyword(s):  
Model Checking ◽  
Mobile Devices ◽  
Private Information ◽  
End Users ◽  
Home Automation ◽  
Mobile Environment ◽  
Data Support ◽  
Bank Transfer ◽  
Android Applications

The increase in computing capabilities of mobile devices has, in the last few years, made possible a plethora of complex operations performed from smartphones and tablets end users, for instance, from a bank transfer to the full management of home automation. Clearly, in this context, the detection of malicious applications is a critical and challenging task, especially considering that the user is often totally unaware of the behavior of the applications installed on their device. In this paper, we propose a method to detect inter-app communication i.e., a colluding communication between different applications with data support to silently exfiltrate sensitive and private information. We based the proposed method on model checking, by representing Android applications in terms of automata and by proposing a set of logic properties to reduce the number of comparisons and a set of logic properties automatically generated for detecting colluding applications. We evaluated the proposed method on a set of 1092 Android applications, including different colluding attacks, by obtaining an accuracy of 1, showing the effectiveness of the proposed method.

Achieving a Balance Between Privacy Protection and Data Collection: A Field Experimental Examination of a Theory-Driven Information Technology Solution

2021 ◽  
Author(s):  
Bailing Liu ◽  
Paul A. Pavlou ◽  
Xiufeng Cheng
Keyword(s):  
Information Technology ◽  
Data Collection ◽  
Customer Service ◽  
Privacy Protection ◽  
Information Disclosure ◽  
Personal Information ◽  
Privacy Policy ◽  
Trade Off ◽  
Policy Application ◽  
Mobile Banking Applications

Companies face a trade-off between creating stronger privacy protection policies for consumers and employing more sophisticated data collection methods. Justice-driven privacy protection outlines a method to manage this trade-off. We built on the theoretical lens of justice theory to integrate justice provision with two key privacy protection features, negotiation and active-recommendation, and proposed an information technology (IT) solution to balance the trade-off between privacy protection and consumer data collection. In the context of mobile banking applications, we prototyped a theory-driven IT solution, referred to as negotiation, active-recommendation privacy policy application, which enables customer service agents to interact with and actively recommend personalized privacy policies to consumers. We benchmarked our solution through a field experiment relative to two conventional applications: an online privacy statement and a privacy policy with only a simple negotiation feature. The results showed that the proposed IT solution improved consumers’ perceived procedural justice, interactive justice, and distributive justice and increased their psychological comfort in using our application design and in turn reduced their privacy concerns, enhanced their privacy awareness, and increased their information disclosure intentions and actual disclosure behavior in practice. Our proposed design can provide consumers better privacy protection while ensuring that consumers voluntarily disclose personal information desirable for companies.

scholarly journals The Influence of the Frequency of the Internet Use on the Behavioral Relationship Model of the Mobile Device-Based Shopping

2016 ◽  
Vol 11 (6) ◽  
pp. 32 ◽  
Author(s):  
Shwu-Ing Wu ◽  
Rou Jyun Chen
Keyword(s):  
Mobile Devices ◽  
Mobile Device ◽  
Internet Use ◽  
Information Quality ◽  
Positive Influence ◽  
The Other ◽  
The Internet ◽  
Relationship Model ◽  
Significant Positive Influence

<p class="ArticleTitle">In recent years, the increasingly innovative and diverse mobile devices have significantly promoted the mobile device-based shopping. What factors influence this kind of shopping? Will consumers purchase things with mobile devices? These are two topics that need to be explored. Through the literature analysis and the empirical research, this study aims to analyze the quality of information, system, service and mobile devices on the mobile device-based shopping platform. Moreover, it studies the attitude of consumers towards mobile device-based shopping, their willingness to adopt the shopping method and the behavioral relationship model in the actual mobile device-based shopping as well as compares the groups of different frequencies of the Internet use in terms of the relationship model.</p>  With the convenient sampling, this study made an investigation among some of those who had experienced shopping on such mobile devices as tablets or smart phones. The 765 retrieved valid copies of questionnaire were divided into three groups—“often”, “average” and “seldom” according to the frequency consumers undertook mobile device-based shopping and were then compared. The results showed that there were significant differences among the three groups in four relationship paths, including: 1) the information quality of the mobile device-based shopping platform has more significant positive influence on consumers’ attitude path of mobile device-based shopping in the “average” group than in the other two; 2) the service quality of the mobile device-based shopping platform has more significant positive influence on consumers’ attitude path of mobile device-based shopping in the “seldom” group than in the other two; 3) the preference for mobile device-based shopping has much significant positive influence on the behavior path of mobile device-based shopping in the “often” group. According to the research results, different groups have different behavior models. These results can serve as reference information in the decision-making of those who establish mobile device-based shopping platforms and manufacture mobile devices.

PrivItem2Vec: A privacy-preserving algorithm for top-N recommendation

2021 ◽  
Vol 17 (12) ◽  
pp. 155014772110612
Author(s):  
Zhengqiang Ge ◽  
Xinyu Liu ◽  
Qiang Li ◽  
Yu Li ◽  
Dong Guo
Keyword(s):  
Time Series ◽  
Internet Of Things ◽  
Privacy Protection ◽  
Short Term Memory ◽  
Short Term ◽  
Recommendation Algorithm ◽  
Data Set ◽  
Term Memory ◽  
Protection Mechanism ◽  
Long Short Term Memory

To significantly protect the user’s privacy and prevent the user’s preference disclosure from leading to malicious entrapment, we present a combination of the recommendation algorithm and the privacy protection mechanism. In this article, we present a privacy recommendation algorithm, PrivItem2Vec, and the concept of the recommended-internet of things, which is a privacy recommendation algorithm, consisting of user’s information, devices, and items. Recommended-internet of things uses bidirectional long short-term memory, based on item2vec, which improves algorithm time series and the recommended accuracy. In addition, we reconstructed the data set in conjunction with the Paillier algorithm. The data on the server are encrypted and embedded, which reduces the readability of the data and ensures the data’s security to a certain extent. Experiments show that our algorithm is superior to other works in terms of recommended accuracy and efficiency.

Online Privacy Protection in Japan

Cyber Crime ◽  
2013 ◽  
pp. 814-831
Author(s):  
J. Michael Tarn ◽  
Naoki Hamamoto
Keyword(s):  
Privacy Protection ◽  
Personal Information ◽  
Online Privacy ◽  
Current Status ◽  
Control Mechanisms ◽  
Future Trends ◽  
Research Directions ◽  
Privacy Law ◽  
Protection Mechanisms ◽  
And Control

This chapter explores the current status and practices of online privacy protection in Japan. Since the concept of privacy in Japan is different from that in western countries, the background of online privacy concepts and control mechanisms are discussed. The chapter then introduces Japan’s Act on the Protection of Personal Information along with the privacy protection system in Japan. Following the discussion of the privacy law, Japan’s privacy protection mechanisms to support and implement the new act are examined. To help companies make smooth adjustments and transitions, a four-stage privacy protection solution model is presented. Further, this chapter discusses two case studies to exemplify the problems and dilemmas encountered by two Japanese enterprises. The cases are analyzed and their implications are discussed. The chapter is concluded with future trends and research directions.

Sign in / Sign up

Export Citation Format

Share Document