Matching Items (2)
Filtering by

Clear all filters

Description
On Android, existing security procedures require apps to request permissions for access to sensitive resources.

Only when the user approves the requested permissions will the app be installed.

However, permissions are an incomplete security mechanism.

In addition to a user's limited understanding of permissions, the mechanism does not account for the possibility that

On Android, existing security procedures require apps to request permissions for access to sensitive resources.

Only when the user approves the requested permissions will the app be installed.

However, permissions are an incomplete security mechanism.

In addition to a user's limited understanding of permissions, the mechanism does not account for the possibility that different permissions used together have the ability to be more dangerous than any single permission alone.

Even if users did understand the nature of an app's requested permissions, this mechanism is still not enough to guarantee that a user's information is protected.

Applications can potentially send or receive sensitive information from other applications without the required permissions by using intents.

In other words, applications can potentially collaborate in ways unforeseen by the user, even if the user understands the permissions of each app independently.

In this thesis, we present several graph-based approaches to address these issues.

We determine the permissions of an app and generate scores based on our assigned value of certain resources.

We analyze these scores overall, as well as in the context of the app's category as determined by Google Play.

We show that these scores can be used to identify overzealous apps, as well as apps that do not properly fit within their category.

We analyze potential interactions between different applications using intents, and identify several promiscuous apps with low permission scores, showing that permissions alone are not sufficient to evaluate the security risks of an app.

Our analyses can form the basis of a system to assist users in identifying apps that can potentially compromise user privacy.
ContributorsGibson, Aaron (Author) / Bazzi, Rida (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Walker, Erin (Committee member) / Arizona State University (Publisher)
Created2015
155505-Thumbnail Image.png
Description
While various collision warning studies in driving have been conducted, only a handful of studies have investigated the effectiveness of warnings with a distracted driver. Across four experiments, the present study aimed to understand the apparent gap in the literature of distracted drivers and warning effectiveness, specifically by studying various

While various collision warning studies in driving have been conducted, only a handful of studies have investigated the effectiveness of warnings with a distracted driver. Across four experiments, the present study aimed to understand the apparent gap in the literature of distracted drivers and warning effectiveness, specifically by studying various warnings presented to drivers while they were operating a smart phone. Experiment One attempted to understand which smart phone tasks, (text vs image) or (self-paced vs other-paced) are the most distracting to a driver. Experiment Two compared the effectiveness of different smartphone based applications (app’s) for mitigating driver distraction. Experiment Three investigated the effects of informative auditory and tactile warnings which were designed to convey directional information to a distracted driver (moving towards or away). Lastly, Experiment Four extended the research into the area of autonomous driving by investigating the effectiveness of different auditory take-over request signals. Novel to both Experiment Three and Four was that the warnings were delivered from the source of the distraction (i.e., by either the sound triggered at the smart phone location or through a vibration given on the wrist of the hand holding the smart phone). This warning placement was an attempt to break the driver’s attentional focus on their smart phone and understand how to best re-orient the driver in order to improve the driver’s situational awareness (SA). The overall goal was to explore these novel methods of improved SA so drivers may more quickly and appropriately respond to a critical event.
ContributorsMcNabb, Jaimie Christine (Author) / Gray, Dr. Rob (Thesis advisor) / Branaghan, Dr. Russell (Committee member) / Becker, Dr. Vaughn (Committee member) / Arizona State University (Publisher)
Created2017