AndProtect: Personal data privacy by means of static and dynamic analysis for Android app validation
Project partners
Funding
German Federal Ministry of Education and Research
Duration
11/2015-04/2018
Topics
The aim of this research project is the development of a usable tool for non-professional Android users to support them to gain knowledge about information flows on their apps. It will ensure transparency and enhance personal risk based decisions for users in everyday life. This will be realized by a usable presentation and visualization of static and dynamic analysis results. The Chemnitz University of Technology will be responsible for the user-centric design of interfaces and information of these approaches
Within AndProtect and based on a tool of the DAI-Labor (Berlin University of Technology) who is responsible for the static analysis, which aims at the internal and external identification of app information flows. However, the validity of the static analysis is restricted. Particularly by dynamic loading of code or code obfuscation some characteristics of application behavior could be analyzed only during the execution. For this purpose enhanced dynamic analysis approaches are developed and implemented, using the results of the static analysis as a starting point. The semi-automatic testing method, which enables a traceable and transparent app validation as an inspection service, will be developed by the project partner secuvera GmbH.
Contact | Dipl. Psych. Susen Doebelt and M. Sc. Psych. Josephine Halama |
---|
Bildquelle: Jacob Mueller; Bildelemente von "Designed by Freepik"
Publications
- Döbelt, S., Halama, J., Fritsch, S., Nguyen, M.-H., & Bocklisch, F. (2020). Clearing the Hurdles: How to Design Privacy Nudges for Mobile Application Users. In A. Moallem (ed.). Second International Conference on HCI for Cybersecurity, Privacy and Trust, HCI-CPT 2020, Held as Part of the 22nd HCI International Conference, HCII 2020, Copenhagen, Denmark, July 19-24, 2020, Proceedings, 326-353, Springer, Cham. https://doi.org/10.1007/978-3-030-50309-3.
- Halama, J., Döbelt, S., & Bocklisch, F. (2020). The Influence of an App's Risk on Trust, Distrust and Intention to Use. In C. Dobel, C. Giesen, L. A. Grigutsch, J. M. Kaufmann, G. Kovács, F. Meissner, K. Rothermund, & S. R. Schweinberger (Eds.), TeaP 2020 - Abstracts of the 62th Conference of Experimental Psychologists. Lengerich: Pabst Science Publishers.
- Döbelt, S. & Halama, J. (2018). Mobiler Datenschutz: Nutzerzentrierte Gestaltung der AndProtect-App. In: R. Dachselt & G. Weber (Eds.), Mensch und Computer 2018 - Workshopband. Bonn: Gesellschaft für Informatik e.V. doi:10.18420/muc2018-ws09-0547
- Halama, J. & Döbelt, S. (2017). The Integration of Diverse User Data to derive User Requirements. In: Eibl, M. & Gaedke, M. (Hrsg.), INFORMATIK 2017, pp. 2329-2334. Bonn: Gesellschaft für Informatik.