CRII: SaTC: Improving the Usability and Effectiveness of Security and Privacy Settings in Mobile Apps

CRII:SaTC:提高移动应用程序中安全和隐私设置的可用性和有效性

基本信息

  • 批准号:
    1850479
  • 负责人:
    Yuan Tian
  • 金额:
    $ 17.5万
  • 依托单位:
    University of Virginia Main Campus
  • 依托单位国家:
    美国
  • 项目类别:
    Standard Grant
  • 财政年份:
    2019
  • 资助国家:
    美国
  • 起止时间:
    2019-06-01 至 2021-05-31
  • 项目状态:
    已结题

项目摘要

Mobile users hold people's sensitive information such as passwords, locations, and health information. Users are permitted to control the use of some of this information by configuring their privacy settings in the apps they use. These settings, however, are often difficult to locate and understand, even in popular apps such as Facebook. Moreover, the settings are often set to share user data by default, exposing personal data without users' explicit consent. The goal of the project is to develop an automatic tool to identify the security and privacy settings embedded in mobile apps, to identify usability and security problems in using the settings and controlling privacy, and to develop a single, centralized method of presenting and enforcing user settings such that users do not need to hunt for settings and controls to protect their privacy. The outcome of the research will improve the security and privacy of mobile consumers. To accomplish the goal, the project combines techniques from program analysis, human-computer interaction, and machine learning. The investigation will include empirical studies to understand users' perspectives on existing security and privacy settings, and test the specific usability problems with currently available settings. The research will also develop a method for identifying and extracting security and privacy settings through natural language processing and program analysis. Using these insights, the research will enable a usable centralized interface for people to configure their security and privacy settings. This work will provide insights for building usable security and privacy settings for mobile platforms, as well as for emerging platforms in the Internet of Things. This project will engage a diverse group of undergraduate and graduate students to develop their interest and expertise in cybersecurity, privacy, and methods for user control.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
移动用户保留人们的敏感信息,例如密码,位置和健康信息。允许用户通过在使用的应用程序中配置其隐私设置来控制某些信息的使用。但是,即使在诸如Facebook之类的流行应用程序中,这些设置通常也很难找到和理解。此外,设置通常设置为默认情况下共享用户数据,从而未经用户的明确同意而公开个人数据。该项目的目的是开发一种自动工具来识别移动应用程序中嵌入的安全性和隐私设置,以确定使用设置和控制隐私时的可用性和安全性问题,并开发出一种集中的,一种集中的方法来展示和强制用户设置,以使用户不需要寻找设置和控制以保护其隐私。研究的结果将改善移动消费者的安全性和隐私性。为了实现目标,该项目结合了程序分析,人类计算机互动和机器学习的技术。调查将包括经验研究,以了解用户对现有安全性和隐私设置的看法,并测试当前可用设置的特定可用性问题。该研究还将开发一种通过自然语言处理和程序分析来识别和提取安全和隐私设置的方法。使用这些见解,该研究将使人们能够配置其安全性和隐私设置。这项工作将提供有关移动平台以及物联网中新兴平台的可用安全性和隐私设置的见解。该项目将吸引各种各样的本科生和研究生,以发展其在网络安全,隐私和用户控制方法方面的兴趣和专业知识。该奖项反映了NSF的法定任务,并被认为是值得通过基金会的知识分子优点和更广泛的审查标准通过评估来获得支持的。

项目成果

期刊论文数量(5)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
Hybrid Batch Attacks: Finding Black-box Adversarial Examples with Limited Queries
  • DOI:
  • 发表时间:
    2019-08
  • 期刊:
    ArXiv
  • 影响因子:
    0
  • 作者:
    Fnu Suya;Jianfeng Chi;David Evans;Yuan Tian
  • 通讯作者:
    Fnu Suya;Jianfeng Chi;David Evans;Yuan Tian
OAUTHLINT: An Empirical Study on OAuth Bugs in Android Applications
Read Between the Lines: An Empirical Measurement of Sensitive Applications of Voice Personal Assistant Systems
  • DOI:
    10.1145/3366423.3380179
  • 发表时间:
    2020-04
  • 期刊:
    Proceedings of The Web Conference 2020
  • 影响因子:
    0
  • 作者:
    F. H. Shezan;Hang Hu;Jiamin Wang;Gang Wang;Yuan Tian
  • 通讯作者:
    F. H. Shezan;Hang Hu;Jiamin Wang;Gang Wang;Yuan Tian
TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party Applications
  • DOI:
    10.14722/ndss.2020.24287
  • 发表时间:
    2020
  • 期刊:
  • 影响因子:
    0
  • 作者:
    F. H. Shezan;Kaiming Cheng;Zhen Zhang;Yinzhi Cao;Yuan Tian
  • 通讯作者:
    F. H. Shezan;Kaiming Cheng;Zhen Zhang;Yinzhi Cao;Yuan Tian
Understanding and Mitigating Accuracy Disparity in Regression
  • DOI:
  • 发表时间:
    2021-02
  • 期刊:
    ArXiv
  • 影响因子:
    0
  • 作者:
    Jianfeng Chi;Yuan Tian;Geoffrey J. Gordon;Han Zhao
  • 通讯作者:
    Jianfeng Chi;Yuan Tian;Geoffrey J. Gordon;Han Zhao
{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
    {{ item.journal_name }}
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

Yuan Tian其他文献

Downregulation of FAPP2 gene induces cell autophagy and inhibits PI3K/AKT/mTOR pathway in T-cell acute lymphoblastic leukemia.
在 T 细胞急性淋巴细胞白血病中,FAPP2 基因的下调诱导细胞自噬并抑制 PI3K/AKT/mTOR 通路。
  • DOI:
    10.1002/hon.2948
  • 发表时间:
    2021
  • 期刊:
    Hematological Oncology
  • 影响因子:
    3.3
  • 作者:
    Yuan Tian;Wang Jinhuan;Shi Ce;Wang Yi;Xia Bing;Xu Wen;Yang Hongliang;Yang Yaling;Ye Matthew T;Khalid Samah;Liang Yong;Tian Chen;You M James;Wang Yafei
  • 通讯作者:
    Wang Yafei
The influence of δ meson on the isospin splitting of in-medium NN → NΔ cross-sections
δ介子对介质内NN->N Delta截面同位旋分裂的影响
Gender differences in hepatic ischemic reperfusion injury in rats are associated with endothelial cell nitric oxide synthase-derived nitric oxide.
大鼠肝脏缺血再灌注损伤的性别差异与内皮细胞一氧化氮合酶衍生的一氧化氮有关。
  • DOI:
    10.3748/wjg.v11.i22.3441
  • 发表时间:
    2005
  • 期刊:
    World journal of gastroenterology
  • 影响因子:
    4.3
  • 作者:
    Ping Lü;Fang Liu;Chun;Dao;Zhong Yao;Yuan Tian;Jing;Yi
  • 通讯作者:
    Yi
Process of Diamond Surface Termination by Carboxylic and Amino Groups: A Quantum Mechanics Approach
羧基和氨基的金刚石表面终止过程:量子力学方法
Centrifugal Shape Sorting of Faceted Gold Nanoparticles Using an Atomic Plane-Selective Surfactant.
使用原子平面选择性表面活性剂对多面金纳米颗粒进行离心形状分类。
  • DOI:
    10.1021/jz3005283
  • 发表时间:
    2012
  • 期刊:
    The journal of physical chemistry letters
  • 影响因子:
    0
  • 作者:
    Timothy P. Tyler;Pin Ann Lin;Yuan Tian;Hong;Xuan P. A. Gao;R. Mohan Sankaran;M. Hersam
  • 通讯作者:
    M. Hersam

Yuan Tian的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
    {{ item.journal_name }}
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

{{ truncateString('Yuan Tian', 18)}}的其他基金

Collaborative Research: Frameworks: MobilityNet: A Trustworthy CI Emulation Tool for Cross-Domain Mobility Data Generation and Sharing towards Multidisciplinary Innovations
协作研究:框架:MobilityNet:用于跨域移动数据生成和共享以实现多学科创新的值得信赖的 CI 仿真工具
  • 批准号:
    2411153
  • 财政年份:
    2024
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
Collaborative Research: DASS: Assessing the Relationship Between Privacy Regulations and Software Development to Improve Rulemaking and Compliance
合作研究:DASS:评估隐私法规与软件开发之间的关系以改进规则制定和合规性
  • 批准号:
    2317184
  • 财政年份:
    2023
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
Collaborative Research: SaTC: CORE: Medium: Toward safe, private, and secure home automation: from formal modeling to user evaluation
协作研究:SaTC:核心:中:迈向安全、私密和可靠的家庭自动化:从形式建模到用户评估
  • 批准号:
    2320903
  • 财政年份:
    2022
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
CICI: RDP: Enforcing Security and Privacy Policies to Protect Research Data
CICI:RDP:执行安全和隐私政策以保护研究数据
  • 批准号:
    2325369
  • 财政年份:
    2022
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
CAREER: Secure Voice-Controlled Platforms
职业:安全语音控制平台
  • 批准号:
    2323105
  • 财政年份:
    2022
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Toward safe, private, and secure home automation: from formal modeling to user evaluation
协作研究:SaTC:核心:中:迈向安全、私密和可靠的家庭自动化:从形式建模到用户评估
  • 批准号:
    2114074
  • 财政年份:
    2021
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
CAREER: Secure Voice-Controlled Platforms
职业:安全语音控制平台
  • 批准号:
    1943100
  • 财政年份:
    2020
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Continuing Grant
CICI: RDP: Enforcing Security and Privacy Policies to Protect Research Data
CICI:RDP:执行安全和隐私政策以保护研究数据
  • 批准号:
    1920462
  • 财政年份:
    2019
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant

相似海外基金

CRII: SaTC: Measuring and Improving the Management of Resource Public Key Infrastructure (RPKI)
CRII:SaTC:衡量和改进资源公钥基础设施 (RPKI) 的管理
  • 批准号:
    2051166
  • 财政年份:
    2020
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
CRII: SaTC: Measuring and Improving the Management of Resource Public Key Infrastructure (RPKI)
CRII:SaTC:衡量和改进资源公钥基础设施 (RPKI) 的管理
  • 批准号:
    1850465
  • 财政年份:
    2019
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
CRII: SaTC: Vetting and Improving the Usage of Trusted Execution Environments for Authentication in Mobile Devices
CRII:SaTC:审查和改进可信执行环境在移动设备中进行身份验证的使用
  • 批准号:
    1949632
  • 财政年份:
    2019
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
CRII: SaTC: Vetting and Improving the Usage of Trusted Execution Environments for Authentication in Mobile Devices
CRII:SaTC:审查和改进可信执行环境在移动设备中进行身份验证的使用
  • 批准号:
    1849803
  • 财政年份:
    2019
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
CRII: SaTC: Improving Computer Security Technologies through Analyzing Security Needs and Practices of Journalists
CRII:SaTC:通过分析记者的安全需求和实践来改进计算机安全技术
  • 批准号:
    1463968
  • 财政年份:
    2015
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了