CRII: SaTC: Improving the Usability and Effectiveness of Security and Privacy Settings in Mobile Apps
CRII:SaTC:提高移动应用程序中安全和隐私设置的可用性和有效性
基本信息
- 批准号:1850479
- 负责人:
- 金额:$ 17.5万
- 依托单位:
- 依托单位国家:美国
- 项目类别:Standard Grant
- 财政年份:2019
- 资助国家:美国
- 起止时间:2019-06-01 至 2021-05-31
- 项目状态:已结题
- 来源:
- 关键词:
项目摘要
Mobile users hold people's sensitive information such as passwords, locations, and health information. Users are permitted to control the use of some of this information by configuring their privacy settings in the apps they use. These settings, however, are often difficult to locate and understand, even in popular apps such as Facebook. Moreover, the settings are often set to share user data by default, exposing personal data without users' explicit consent. The goal of the project is to develop an automatic tool to identify the security and privacy settings embedded in mobile apps, to identify usability and security problems in using the settings and controlling privacy, and to develop a single, centralized method of presenting and enforcing user settings such that users do not need to hunt for settings and controls to protect their privacy. The outcome of the research will improve the security and privacy of mobile consumers. To accomplish the goal, the project combines techniques from program analysis, human-computer interaction, and machine learning. The investigation will include empirical studies to understand users' perspectives on existing security and privacy settings, and test the specific usability problems with currently available settings. The research will also develop a method for identifying and extracting security and privacy settings through natural language processing and program analysis. Using these insights, the research will enable a usable centralized interface for people to configure their security and privacy settings. This work will provide insights for building usable security and privacy settings for mobile platforms, as well as for emerging platforms in the Internet of Things. This project will engage a diverse group of undergraduate and graduate students to develop their interest and expertise in cybersecurity, privacy, and methods for user control.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
移动的用户持有用户的敏感信息,如密码、位置和健康信息。允许用户通过在他们使用的应用程序中配置他们的隐私设置来控制这些信息的使用。然而,这些设置通常很难定位和理解,即使是在Facebook等流行的应用程序中。此外,这些设置通常被设置为默认共享用户数据,在未经用户明确同意的情况下暴露个人数据。该项目的目标是开发一个自动工具来识别嵌入在移动的应用程序中的安全和隐私设置,识别使用设置和控制隐私的可用性和安全问题,并开发一个单一的,集中的方法来呈现和实施用户设置,这样用户就不需要寻找设置和控制来保护他们的隐私。研究结果将提高移动的消费者的安全性和隐私。为了实现这一目标,该项目结合了程序分析、人机交互和机器学习等技术。调查将包括实证研究,以了解用户对现有安全和隐私设置的看法,并测试当前可用设置的具体可用性问题。该研究还将开发一种通过自然语言处理和程序分析识别和提取安全和隐私设置的方法。利用这些见解,该研究将为人们提供一个可用的集中式界面,以配置他们的安全和隐私设置。这项工作将为移动的平台以及物联网中的新兴平台构建可用的安全和隐私设置提供见解。该项目将吸引不同的本科生和研究生群体参与,以培养他们在网络安全、隐私和用户控制方法方面的兴趣和专业知识。该奖项反映了NSF的法定使命,并通过使用基金会的知识价值和更广泛的影响审查标准进行评估,被认为值得支持。
项目成果
期刊论文数量(5)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
Hybrid Batch Attacks: Finding Black-box Adversarial Examples with Limited Queries
- DOI:
- 发表时间:2019-08
- 期刊:
- 影响因子:0
- 作者:Fnu Suya;Jianfeng Chi;David Evans;Yuan Tian
- 通讯作者:Fnu Suya;Jianfeng Chi;David Evans;Yuan Tian
OAUTHLINT: An Empirical Study on OAuth Bugs in Android Applications
- DOI:10.1109/ase.2019.00036
- 发表时间:2019-11
- 期刊:
- 影响因子:0
- 作者:Tamjid Al Rahat;Yu Feng;Yuan Tian
- 通讯作者:Tamjid Al Rahat;Yu Feng;Yuan Tian
TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party Applications
- DOI:10.14722/ndss.2020.24287
- 发表时间:2020
- 期刊:
- 影响因子:0
- 作者:F. H. Shezan;Kaiming Cheng;Zhen Zhang;Yinzhi Cao;Yuan Tian
- 通讯作者:F. H. Shezan;Kaiming Cheng;Zhen Zhang;Yinzhi Cao;Yuan Tian
Understanding and Mitigating Accuracy Disparity in Regression
- DOI:
- 发表时间:2021-02
- 期刊:
- 影响因子:0
- 作者:Jianfeng Chi;Yuan Tian;Geoffrey J. Gordon;Han Zhao
- 通讯作者:Jianfeng Chi;Yuan Tian;Geoffrey J. Gordon;Han Zhao
Read Between the Lines: An Empirical Measurement of Sensitive Applications of Voice Personal Assistant Systems
- DOI:10.1145/3366423.3380179
- 发表时间:2020-04
- 期刊:
- 影响因子:0
- 作者:F. H. Shezan;Hang Hu;Jiamin Wang;Gang Wang;Yuan Tian
- 通讯作者:F. H. Shezan;Hang Hu;Jiamin Wang;Gang Wang;Yuan Tian
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
数据更新时间:{{ journalArticles.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ monograph.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ sciAawards.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ conferencePapers.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ patent.updateTime }}
Yuan Tian其他文献
Mapping the drivers of formaldehyde (HCHO) variability from 2015 to 2019 over eastern China: insights from Fourier transform infrared observation and GEOS-Chem model simulation
绘制 2015 年至 2019 年中国东部甲醛 (HCHO) 变化的驱动因素:傅里叶变换红外观测和 GEOS-Chem 模型模拟的见解
- DOI:
10.5194/acp-21-6365-2021 - 发表时间:
2021-04 - 期刊:
- 影响因子:6.3
- 作者:
Youwen Sun;Hao Yin;Cheng Liu;Lin Zhang;Yuan Cheng;Mathias Palm;Justus Notholt;Xiao Lu;Corinne Vigouroux;Bo Zheng;Wei Wang;Nicholas Jones;Changong Shan;Min Qin;Yuan Tian;Qihou Hu;Fanhao Meng;Jianguo Liu - 通讯作者:
Jianguo Liu
Phase cancellation and aperture size on broadband ultrasonic attenuation for trabecular bone assessment using a 2-D confocal synthetic array
使用二维共焦合成阵列进行骨小梁评估的宽带超声衰减的相位抵消和孔径大小
- DOI:
- 发表时间:
2011 - 期刊:
- 影响因子:0
- 作者:
Jiqi Cheng;F. Serra;Yuan Tian;Wei Lin;Yi - 通讯作者:
Yi
Abundance versus vital rates: The extent and predictors of inconsistent conclusions on avian population responses to forest loss and degradation
丰度与活力率:鸟类种群对森林丧失和退化反应的不一致结论的程度和预测因素
- DOI:
10.1016/j.biocon.2023.110353 - 发表时间:
2023 - 期刊:
- 影响因子:5.9
- 作者:
Yuan Tian;Fangyuan Hua - 通讯作者:
Fangyuan Hua
Estimating satellite phase fractional cycle biases based on Kalman filter
基于卡尔曼滤波器估计卫星相位分数周期偏差
- DOI:
10.1007/s10291-018-0749-3 - 发表时间:
2018 - 期刊:
- 影响因子:4.9
- 作者:
Guorui Xiao;Lifen Sui;Bernhard Heck;Tian Zeng;Yuan Tian - 通讯作者:
Yuan Tian
Effects of annealing constraint methods on poly(L‐lactic acid) monofilaments for application in stents annealing
退火约束方法对用于支架退火的聚(L-乳酸)单丝的影响
- DOI:
10.1002/pat.5266 - 发表时间:
2021-03 - 期刊:
- 影响因子:3.4
- 作者:
Xin Li;Yuan Tian;Jing Zhang;Jie Cheng;Gensheng Wu;Yi Zhang;Gutian Zhao;Zhonghua Ni - 通讯作者:
Zhonghua Ni
Yuan Tian的其他文献
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
{{ truncateString('Yuan Tian', 18)}}的其他基金
Collaborative Research: Frameworks: MobilityNet: A Trustworthy CI Emulation Tool for Cross-Domain Mobility Data Generation and Sharing towards Multidisciplinary Innovations
协作研究:框架:MobilityNet:用于跨域移动数据生成和共享以实现多学科创新的值得信赖的 CI 仿真工具
- 批准号:
2411153 - 财政年份:2024
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
Collaborative Research: DASS: Assessing the Relationship Between Privacy Regulations and Software Development to Improve Rulemaking and Compliance
合作研究:DASS:评估隐私法规与软件开发之间的关系以改进规则制定和合规性
- 批准号:
2317184 - 财政年份:2023
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Medium: Toward safe, private, and secure home automation: from formal modeling to user evaluation
协作研究:SaTC:核心:中:迈向安全、私密和可靠的家庭自动化:从形式建模到用户评估
- 批准号:
2320903 - 财政年份:2022
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
CICI: RDP: Enforcing Security and Privacy Policies to Protect Research Data
CICI:RDP:执行安全和隐私政策以保护研究数据
- 批准号:
2325369 - 财政年份:2022
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
CAREER: Secure Voice-Controlled Platforms
职业:安全语音控制平台
- 批准号:
2323105 - 财政年份:2022
- 资助金额:
$ 17.5万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Toward safe, private, and secure home automation: from formal modeling to user evaluation
协作研究:SaTC:核心:中:迈向安全、私密和可靠的家庭自动化:从形式建模到用户评估
- 批准号:
2114074 - 财政年份:2021
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
CAREER: Secure Voice-Controlled Platforms
职业:安全语音控制平台
- 批准号:
1943100 - 财政年份:2020
- 资助金额:
$ 17.5万 - 项目类别:
Continuing Grant
CICI: RDP: Enforcing Security and Privacy Policies to Protect Research Data
CICI:RDP:执行安全和隐私政策以保护研究数据
- 批准号:
1920462 - 财政年份:2019
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
相似海外基金
Collaborative Research: SaTC: CORE: Small: Measuring, Validating and Improving upon App-Based Privacy Nutrition Labels
合作研究:SaTC:核心:小型:测量、验证和改进基于应用程序的隐私营养标签
- 批准号:
2247952 - 财政年份:2023
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Small: Measuring, Validating and Improving upon App-Based Privacy Nutrition Labels
合作研究:SaTC:核心:小型:测量、验证和改进基于应用程序的隐私营养标签
- 批准号:
2247953 - 财政年份:2023
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
SaTC-EDU: Improving computer forensic curricula through hands-on hardware and software training and practical experience processing evidence from active criminal cases
SaTC-EDU:通过实际的硬件和软件培训以及处理活跃刑事案件证据的实践经验来改进计算机取证课程
- 批准号:
2304753 - 财政年份:2023
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Small: Measuring, Validating and Improving upon App-Based Privacy Nutrition Labels
合作研究:SaTC:核心:小型:测量、验证和改进基于应用程序的隐私营养标签
- 批准号:
2247951 - 财政年份:2023
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
SaTC: CORE: Small: Corporeal Cybersecurity: Improving End-User Security and Privacy with Physicalized Computing Interface
SaTC:核心:小型:实体网络安全:通过物理化计算接口提高最终用户安全和隐私
- 批准号:
2316294 - 财政年份:2022
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Small: Improving Sanitization and Avoiding Denial of Service Through Correct and Safe Regexes
协作研究:SaTC:核心:小型:通过正确和安全的正则表达式改进清理并避免拒绝服务
- 批准号:
2135157 - 财政年份:2022
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Small: Improving Decentralized Kernel Patch Ecosystems
协作研究:SaTC:CORE:小型:改善去中心化内核补丁生态系统
- 批准号:
2155213 - 财政年份:2022
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
EAGER: DCL: SaTC: Enabling Interdisciplinary Collaboration: Improving Human Discernment of Audio Deepfakes via Multi-level Information Augmentation
EAGER:DCL:SaTC:实现跨学科合作:通过多级信息增强提高人类对音频深赝品的识别能力
- 批准号:
2210011 - 财政年份:2022
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
SaTC: CORE: Small: Identifying and Quantifying Design Principles For Improving Password Manager Usage
SaTC:核心:小型:识别和量化改进密码管理器使用的设计原则
- 批准号:
2226404 - 财政年份:2022
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Small: Improving Decentralized Kernel Patch Ecosystems
协作研究:SaTC:CORE:小型:改善去中心化内核补丁生态系统
- 批准号:
2154989 - 财政年份:2022
- 资助金额:
$ 17.5万 - 项目类别:
Standard Grant