A Framework for Estimating Privacy Risk Scores of Mobile Apps

Chang, Kai Chih; Zaeem, Razieh Nokhbeh; Barber, K. Suzanne

doi:10.1007/978-3-030-62974-8_13

Cited by 10 publications

(9 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In formula (12), f max (C i ) is the maximum trust risk frequency level of indicator C i , f upper (C i ) is the maximum risk frequency level of indicator C i , f lower (C i ) is the minimum risk frequency level of indicator C i . l max (C i ) is the maximum trust risk loss level of indicator C i , l upper (C i ) is the maximum risk loss level of indicator C i , and l lower (C i ) is the minimum risk loss level of indicator C i .…”

Section: Representation Of the Assessment Results Based On Fuzzymentioning

confidence: 99%

“…Dehling et al [11] assessed the "medical" and "health and fitness" applications on IOS and Android and evaluated the impact on information security and privacy according to the potential damage of information leakage, the potential damage of information loss, and the potential value of information to third parties. Chang et al [12] realized the effective assessment of mobile applications privacy risk by setting a special data set. Belani et al [13,14] analyzed the "intention" of mobile applications and its impact on user privacy and proposed effective verification methods to help users reasonably select and install secure applications.…”

Section: Related Researchmentioning

confidence: 99%

See 1 more Smart Citation

Comprehensive Assessment of Mobile Service Privacy Security Based on FAHP and D–S Theory

Yang

Gao

Jiang

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

As an indispensable medium for people’s daily life and communication, mobile applications provide users with a variety of services. In order to enjoy these services, users inevitably need to provide personal privacy information or authorization to application providers in the process of use. In the case of insufficient privacy security evaluation, even if users use the applications verified by the application market, their privacy security will be threatened because of their weak awareness of privacy protection. Therefore, in order to ensure the privacy security of users, this paper establishes a mobile service assessment attribute model including 3 risk categories and 11 risk indicators. Based on this model, this paper proposes a service risk weight assessment method based on FAHP (fuzzy analytical hierarchy process), defines the risk level and its trust degree from two aspects of risk frequency and risk loss, and puts forward a reasonable fusion method for different assessment results of risk level based on D–S (Dempster–Shafer) theory, so as to realize the multidimensional and multilayer assessment of mobile service risk. Finally, the case analysis shows that the method proposed in this paper is reasonable and feasible and has important value for improving the security of mobile services and managing users’ privacy information.

show abstract

Section: Representation Of the Assessment Results Based On Fuzzymentioning

confidence: 99%

Section: Related Researchmentioning

confidence: 99%

Comprehensive Assessment of Mobile Service Privacy Security Based on FAHP and D–S Theory

Yang

Gao

Jiang

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…Through SNA, organizations can assess the degree of compliance with internal security policies and regulations. Additionally, by gauging information security awareness levels, organizations can make informed decisions to strengthen or adapt their security policies [9]. These methods empower organizations to enhance and manage security in a more natural and effective manner.…”

Section: Social Network Analysismentioning

confidence: 99%

“…Examples of collected attributes to calculate personal information leakage risk in literature reviews[1,9,10] …”

mentioning

confidence: 99%

A study on the privacy dilemma overcoming method of voluntary personal information leakage in relational SNS: data-based privacy leakage risk score development

Bae,

Cha

2024

Preprint

View full text Add to dashboard Cite

The advancement of internet technology has facilitated the emergence of relational Social Network Services (SNS), offering services based on individuals' social connections. SNS users utilize personal information as a means of self-expression, thereby constructing their own social networks. However, the proliferation of personal information breaches has emerged as a significant contemporary concern due to the escalating use of SNS platforms. Recent incidents predominantly involve the collection and dissemination of information voluntarily disclosed on SNS, rather than by hacking. Despite the imperative need to forestall such breaches, there is a dearth of empirically applicable methodologies to gauge the risk of personal information leakage. Prior research methodologies for quantitatively assessing breach risk have predominantly concentrated on evaluating personal profiles alone, with limited consideration given to the potential identifiability of personal information embedded within uploaded content. Furthermore, these studies have often relied on surveys to ascertain users' perceptions of personal information leakage risk, hereby constraining their practical applicability and difficult to fulfill the objective of preventing personal information breaches. Hence, this study proposes a method for estimating privacy leakage risk based on the privacy-dilemma framework, which underscores the dilemmas SNS users encounter in managing both personal profiles and content data. Leveraging Social Network Analysis (SNA) to capture the nuances of relational SNS characteristics, we aim to enhance methodologies proposed in previous studies. The Multiple Regression Quadratic Assignment Procedure (MR-QAP) analysis is employed to delineate the factors influencing the risk score. This methodological approach holds promise in furnishing practical insights into privacy protection.

show abstract

“…They tested their proposed method for the advertisement domain. A risk score generation approach for android apps based on their permissions and risky privacy policies is discussed in Chang et al (2020). A comprehensive survey on privacy issues related to data collection in mobile recommendation is discussed in Sandhu et al (2019).…”

Section: Threats To Validity (Ttv)mentioning

confidence: 99%

Data usage-based privacy and security issues in mobile app recommendation (MAR): a systematic literature review

Beg

Khan

Anjum

2021

LHT

View full text Add to dashboard Cite

PurposeSimilarly, Zhu et al. (2014) and Zhang et al. (2014) stated that addressing privacy concerns with the recommendation process is necessary for the healthy development of app recommendation. Recently, Xiao et al. (2020) mentioned that a lack of effective privacy policy hinders the development of personalized recommendation services. According to the reported work, privacy protection technology methods are too limited for mobile focusing on data encryption, anonymity, disturbance, elimination of redundant data to protect the recommendation process from privacy breaches. So, this situation motivated us to conduct a systematic literature review (SLR) to provide the viewpoint of privacy and security concerns as mentioned in current state-of-the-art in the mobile app recommendation domain.Design/methodology/approachIn this work, the authors have followed Kitchenham guidelines (Kitchenham and Charters, 2007) to devise the SLR process. According to the guidelines, the SLR process has three main phases: (1) define, (2) conduct the search and (3) report the results. Furthermore, the authors used systematic mapping approach as well to ensure the whole process.FindingsBased on the selected studies, the authors proposed three main thematic taxonomies, including architectural style, security and privacy strategies, and user-usage in the mobile app recommendation domain. From the studies' synthesis viewpoint, it is observed that the majority of the research efforts have focused on the movie recommendation field, while the mainly used privacy scheme is homomorphic encryption. Finally, the authors suggested a set of future research dimensions useful for the potential researchers interested to perform the research in the mobile app recommendation domain.Originality/valueThis is an SLR article, based on existing published research, where the authors identified key issues and future directions.

show abstract

A Framework for Estimating Privacy Risk Scores of Mobile Apps

Cited by 10 publications

References 24 publications

Comprehensive Assessment of Mobile Service Privacy Security Based on FAHP and D–S Theory

Comprehensive Assessment of Mobile Service Privacy Security Based on FAHP and D–S Theory

A study on the privacy dilemma overcoming method of voluntary personal information leakage in relational SNS: data-based privacy leakage risk score development

Data usage-based privacy and security issues in mobile app recommendation (MAR): a systematic literature review

Contact Info

Product

Resources

About