|Title:||YAPI : an automated location privacy benchmarking tool for smartphone users|
|Subject:||Hong Kong Polytechnic University -- Dissertations|
|Department:||Department of Electronic and Information Engineering|
|Pages:||12, 107 pages : color illustrations|
|Abstract:||The popularity of smartphones has led to the prevalence of location-aware apps. They access users' location to provide personalized and location-dependent services. Albeit its wide use, users' location information can be accessed by any third-party apps arbitrarily with little protection, which is threatening our location privacy seriously. The main problem studied in this dissertation is to design a metric that can benchmark the privacy awareness of those third-party apps which access user location without impairing any apps' normal services and users' conveniences. All location access requests on Android smartphones will be analyzed first by an "interceptor" , which is implemented as an Xposed module. The analysis is to infer whether these location accessing requests abuse user privacy or are genuinely used to provide location-based services. To achieve this, we use five cloned Android simulators to launch the same activities of the app synchronously. These simulators share the same user data for the app and are only different in their location provided to it. By measuring the difference of the server response after the location request of same app activities, we can identify the location abuse cases with high confidence. To ensure the analysis covers most use cases of the app and truly reflects how average users experience these location access requests, we also propose activity usage weight estimation. Our last contribution is to use the above benchmarking platform to evaluate top apps from Google Play Store with different developers, categories, and regions. This serves as a state-of-the-art report of attitude and actions taken by major developers on location privacy.|
|Rights:||All rights reserved|
Files in This Item:
|991022144625403411.pdf||For All Users (off-campus access for PolyU Staff & Students only)||5.08 MB||Adobe PDF||View/Open|
As a bona fide Library user, I declare that:
- I will abide by the rules and legal ordinances governing copyright regarding the use of the Database.
- I will use the Database for the purpose of my research or private study only and not for circulation or further reproduction or any other purpose.
- I agree to indemnify and hold the University harmless from and against any loss, damage, cost, liability or expenses arising from copyright infringement or unauthorized usage.
By downloading any item(s) listed above, you acknowledge that you have read and understood the copyright undertaking as stated above, and agree to be bound by all of its terms.
Please use this identifier to cite or link to this item: