Skip to main content

CrowdScanning: Using Crowdsourcing and Static Analysis to understand the Privacy Issues in Smartphone Apps

Researchers: Jason Hong, Norman Sadeh

Research Area: Mobility | Privacy Protection

Cross Cutting Thrusts: Usable Privacy and Security

Abstract

Scope: Many smartphone apps have unusual behaviors. The goal of this work is to understand the gap between people's expectations of an app's behaviors and it's actual behaviors. For example, most people don't expect Angry Birds to use location data, but in reality it does. However, most people do expect Google Maps to use location data, and it does. In previous work, we showed that crowdsourcing was effective in finding the gaps in people's expectations. In our ongoing work, we are looking at how to scale up our analysis to hundreds of thousands of smartphone apps. In particular, we are combining static analysis with crowdsourcing to build predictive models of people's privacy concerns of an app.

Outcomes: Cloud service for doing static analysis on apps Predictive models of people's privacy concerns A web site showcasing our results