Abstract
Within the scope of mobile privacy, there are many attack methods that can leak users’ private information. The communication between applications can be used to violate permissions and access private information without asking for the user’s authorization. Hence, many researchers made protection mechanisms against privilege escalation. However, attackers can further utilize inference algorithms to derive new information out of available data or improve the information quality without violating privilege limits. In this work. we describe the notion of Information Escalation Attack and propose a detection and protection mechanism using Inference Graph and Policy Engine for the user to control their policy on the App’s privilege in information escalation. Our implementation results show that the proposed privacy protection service is feasible and provides good useability.
Highlights
IntroductionIn the past few years, the number of mobile phone has grown rapidly, and the number of mobile device users will continue to grow in the future [1,2]
MPrivacy: A Privacy Policy EngineIn the past few years, the number of mobile phone has grown rapidly, and the number of mobile device users will continue to grow in the future [1,2]
The line marked with triangles shows how many areas from the original size of cloaking region is revealed with protection from our program
Summary
In the past few years, the number of mobile phone has grown rapidly, and the number of mobile device users will continue to grow in the future [1,2]. Along with the number of mobile phone users, the number of malicious applications in mobile devices has increased [3,4]. Many kinds of research have been conducted to propose the user’s privacy protection mechanisms in mobile devices. There are still many different ways of attacking the user’s private information. This information can be accessed directly through the platform, or indirectly inferred from available resources. The systematic approach to such attacks is lacking. This limits the development of data protection and secure mobile platforms
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
